widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

OEMCrypto v13 Header and Stubs

Browse Source 
Merge from Widevine repo of http://go/wvgerrit/22899

This is most of the header changes for OEMCrypto v13.  This updates
just enough of the code that existing unit tests build and pass.

The documentation will be reviewed in http://go/wvgerrit/22887.  When
that CL has been approved, comments in the code will be updated to
match.

Real code will be broken into several other CLs.

bug:31458046

arm/libwvlevel3.a  Level3 Library 4445 Jan 17 2017 20:01:26
x86/libwvlevel3.a  Level3 Library 4464 Jan 17 2017 19:00:37
mips/libwvlevel3.a  Level3 Library 4465 Jan 17 2017 19:24:35

Change-Id: I0318c53235c0b33afb623cba933365e09dec4e61
This commit is contained in:
Fred Gylys-Colwell
2017-01-20 18:29:20 -08:00
committed by Jeff Tinker
parent d7b27e49a0
commit b2a3921b37
14 changed files with 754 additions and 113 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
libwvdrmengine/cdm/core/include/oemcrypto_adapter.h
View File

@@ -37,6 +37,16 @@ OEMCryptoResult OEMCrypto_GetMaxNumberOfSessions(SecurityLevel level,
uint8_t OEMCrypto_Security_Patch_Level(SecurityLevel level);
OEMCrypto_ProvisioningMethod OEMCrypto_GetProvisioningMethod(
SecurityLevel level);
uint32_t OEMCrypto_SupportedCertificates(SecurityLevel level);
OEMCryptoResult OEMCrypto_CreateUsageTableHeader(SecurityLevel level);
OEMCryptoResult OEMCrypto_LoadUsageTableHeader(SecurityLevel level,
const uint8_t* buffer,
size_t buffer_length);
OEMCryptoResult OEMCrypto_ShrinkUsageTableHeader(SecurityLevel level,
uint32_t new_table_size,
uint8_t* header_buffer,
size_t* header_buffer_length);
} // namespace wvcdm
#endif // WVCDM_CORE_OEMCRYPTO_ADAPTER_H_

9
libwvdrmengine/cdm/core/src/crypto_session.cpp
View File

@@ -435,7 +435,8 @@ CdmResponseType CryptoSession::LoadKeys(
oec_session_id_, msg, message.size(),
reinterpret_cast<const uint8_t*>(signature.data()), signature.size(),
enc_mac_key_iv, enc_mac_key, keys.size(), &load_keys[0], pst,
provider_session_token.length());
provider_session_token.length(),
NULL); // TODO(rfrias): http://b/28955520
if (OEMCrypto_SUCCESS == sts) {
if (!provider_session_token.empty()) {
@@ -789,8 +790,10 @@ CdmResponseType CryptoSession::DeactivateUsageInformation(
uint8_t* pst = reinterpret_cast<uint8_t*>(
const_cast<char*>(provider_session_token.data()));
// TODO(fredgc or rfrias): make sure oec_session_id_ is valid.
OEMCryptoResult status =
OEMCrypto_DeactivateUsageEntry(pst, provider_session_token.length());
OEMCrypto_DeactivateUsageEntry((uint32_t)oec_session_id_,
pst, provider_session_token.length());
switch (status) {
case OEMCrypto_SUCCESS:
@@ -963,7 +966,7 @@ CdmResponseType CryptoSession::DeleteMultipleUsageInformation(
CdmResponseType CryptoSession::DeleteAllUsageReports() {
LOGV("DeleteAllUsageReports");
OEMCryptoResult status = OEMCrypto_DeleteUsageTable();
OEMCryptoResult status = OEMCrypto_DeleteOldUsageTable();
if (OEMCrypto_SUCCESS != status) {
LOGE("CryptoSession::DeleteAllUsageReports: Delete Usage Table error =%ld",

400
libwvdrmengine/cdm/core/src/oemcrypto_adapter_dynamic.cpp
View File

@@ -66,6 +66,12 @@ typedef OEMCryptoResult (*L1_GenerateSignature_t)(OEMCrypto_SESSION session,
uint8_t* signature,
size_t* signature_length);
typedef OEMCryptoResult (*L1_LoadKeys_t)(
OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
const uint8_t* signature, size_t signature_length,
const uint8_t* enc_mac_key_iv, const uint8_t* enc_mac_key, size_t num_keys,
const OEMCrypto_KeyObject* key_array, const uint8_t* pst,
size_t pst_length, const uint8_t* srm_requirement);
typedef OEMCryptoResult (*L1_LoadKeys_V12_t)(
OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
const uint8_t* signature, size_t signature_length,
const uint8_t* enc_mac_key_iv, const uint8_t* enc_mac_key, size_t num_keys,
@@ -173,8 +179,8 @@ typedef OEMCryptoResult (*L1_Generic_Verify_t)(OEMCrypto_SESSION session,
const uint8_t* signature,
size_t signature_length);
typedef OEMCryptoResult (*L1_UpdateUsageTable_t)();
typedef OEMCryptoResult (*L1_DeactivateUsageEntry_t)(const uint8_t* pst,
size_t pst_length);
typedef OEMCryptoResult (*L1_DeactivateUsageEntry_V12_t)(const uint8_t* pst,
size_t pst_length);
typedef OEMCryptoResult (*L1_ReportUsage_t)(OEMCrypto_SESSION session,
const uint8_t* pst,
size_t pst_length,
@@ -186,7 +192,7 @@ typedef OEMCryptoResult (*L1_DeleteUsageEntry_t)(
size_t signature_length);
typedef OEMCryptoResult (*L1_ForceDeleteUsageEntry_t)(const uint8_t* pst,
size_t pst_length);
typedef OEMCryptoResult (*L1_DeleteUsageTable_t)();
typedef OEMCryptoResult (*L1_DeleteOldUsageTable_t)();
typedef OEMCrypto_ProvisioningMethod (*L1_GetProvisioningMethod_t)();
typedef OEMCryptoResult (*L1_GetOEMPublicCertificate_t)(
OEMCrypto_SESSION session,
@@ -202,6 +208,37 @@ typedef OEMCryptoResult (*L1_RewrapDeviceRSAKey30_t)(
const uint8_t* enc_rsa_key_iv,
uint8_t* wrapped_rsa_key,
size_t* wrapped_rsa_key_length);
typedef uint32_t (*L1_SupportedCertificates_t)();
typedef bool (*L1_IsSRMUpdateSupported_t)();
typedef OEMCryptoResult (*L1_GetCurrentSRMVersion_t)(uint16_t* version);
typedef OEMCryptoResult (*L1_LoadSRM_t)(const uint8_t* buffer,
size_t buffer_length);
typedef OEMCryptoResult (*L1_RemoveSRM_t)();
typedef OEMCryptoResult (*L1_CreateUsageTableHeader_t)();
typedef OEMCryptoResult (*L1_LoadUsageTableHeader_t)(const uint8_t* buffer,
size_t buffer_length);
typedef OEMCryptoResult (*L1_CreateNewUsageEntry_t)(OEMCrypto_SESSION session,
uint32_t *usage_entry_number);
typedef OEMCryptoResult (*L1_LoadUsageEntry_t)(OEMCrypto_SESSION session,
uint32_t index,
const uint8_t *buffer,
size_t buffer_size);
typedef OEMCryptoResult (*L1_UpdateUsageEntry_t)(OEMCrypto_SESSION session,
uint8_t* header_buffer,
size_t* header_buffer_length,
uint8_t* entry_buffer,
size_t* entry_buffer_length);
typedef OEMCryptoResult (*L1_DeactivateUsageEntry_t)(OEMCrypto_SESSION session,
const uint8_t* pst,
size_t pst_length);
typedef OEMCryptoResult (*L1_ShrinkUsageTableHeader_t)(uint32_t new_table_size,
uint8_t* header_buffer,
size_t* header_buffer_length);
typedef OEMCryptoResult (*L1_MoveEntry_t)(OEMCrypto_SESSION session,
uint32_t new_index);
typedef OEMCryptoResult (*L1_CopyOldUsageEntry_t)(OEMCrypto_SESSION session,
const uint8_t*pst,
size_t pst_length);
struct FunctionPointers {
uint32_t version;
@@ -248,15 +285,30 @@ struct FunctionPointers {
L1_ReportUsage_t ReportUsage;
L1_DeleteUsageEntry_t DeleteUsageEntry;
L1_ForceDeleteUsageEntry_t ForceDeleteUsageEntry;
L1_DeleteUsageTable_t DeleteUsageTable;
L1_DeleteOldUsageTable_t DeleteOldUsageTable;
L1_GetProvisioningMethod_t GetProvisioningMethod;
L1_GetOEMPublicCertificate_t GetOEMPublicCertificate;
L1_RewrapDeviceRSAKey30_t RewrapDeviceRSAKey30;
L1_SupportedCertificates_t SupportedCertificates;
L1_IsSRMUpdateSupported_t IsSRMUpdateSupported;
L1_GetCurrentSRMVersion_t GetCurrentSRMVersion;
L1_LoadSRM_t LoadSRM;
L1_RemoveSRM_t RemoveSRM;
L1_CreateUsageTableHeader_t CreateUsageTableHeader;
L1_LoadUsageTableHeader_t LoadUsageTableHeader;
L1_CreateNewUsageEntry_t CreateNewUsageEntry;
L1_LoadUsageEntry_t LoadUsageEntry;
L1_UpdateUsageEntry_t UpdateUsageEntry;
L1_ShrinkUsageTableHeader_t ShrinkUsageTableHeader;
L1_MoveEntry_t MoveEntry;
L1_CopyOldUsageEntry_t CopyOldUsageEntry;
L1_LoadKeys_V8_t LoadKeys_V8;
L1_GenerateRSASignature_V8_t GenerateRSASignature_V8;
L1_GetHDCPCapability_V9_t GetHDCPCapability_V9;
L1_LoadKeys_V9_or_V10_t LoadKeys_V9_or_V10;
L1_LoadKeys_V12_t LoadKeys_V12;
L1_DeactivateUsageEntry_V12_t DeactivateUsageEntry_V12;
};
// The Cache Flush function is very processor dependent, but is needed by the
@@ -430,11 +482,17 @@ class Adapter {
} else { // version >= 9
LOOKUP(GenerateRSASignature, OEMCrypto_GenerateRSASignature);
LOOKUP(SupportsUsageTable, OEMCrypto_SupportsUsageTable);
LOOKUP(UpdateUsageTable, OEMCrypto_UpdateUsageTable);
LOOKUP(DeactivateUsageEntry, OEMCrypto_DeactivateUsageEntry);
// TODO(fredgc): only use these if version < 13.
LOOKUP(ReportUsage, OEMCrypto_ReportUsage);
LOOKUP(DeleteUsageEntry, OEMCrypto_DeleteUsageEntry);
LOOKUP(DeleteUsageTable, OEMCrypto_DeleteUsageTable);
LOOKUP(DeleteOldUsageTable, OEMCrypto_DeleteOldUsageTable);
// TODO(fredgc): remove this hack after unit tests have been fixed.
// TODO(fredgc) if (level1_.version < 13) {
LOOKUP(UpdateUsageTable, OEMCrypto_UpdateUsageTable);
if (level1_.version < 13 ) {
LOOKUP(DeactivateUsageEntry_V12, OEMCrypto_DeactivateUsageEntry_V12);
}
LOOKUP(DeleteUsageEntry, OEMCrypto_DeleteUsageEntry);
// TODO(fredgc): }
if (level1_.version == 9) {
LOOKUP(LoadKeys_V9_or_V10, OEMCrypto_LoadKeys_V9_or_V10);
LOOKUP(GetHDCPCapability_V9, OEMCrypto_GetHDCPCapability_V9);
@@ -447,18 +505,40 @@ class Adapter {
LOOKUP(IsAntiRollbackHwPresent, OEMCrypto_IsAntiRollbackHwPresent);
LOOKUP(GetNumberOfOpenSessions, OEMCrypto_GetNumberOfOpenSessions);
LOOKUP(GetMaxNumberOfSessions, OEMCrypto_GetMaxNumberOfSessions);
LOOKUP(ForceDeleteUsageEntry, OEMCrypto_ForceDeleteUsageEntry);
// TODO(fredgc): if (level1_.version < 13) {
LOOKUP(ForceDeleteUsageEntry, OEMCrypto_ForceDeleteUsageEntry);
// TODO(fredgc): }
if (level1_.version == 10) {
LOOKUP(LoadKeys_V9_or_V10, OEMCrypto_LoadKeys_V9_or_V10);
LOOKUP(DecryptCTR_V10, OEMCrypto_DecryptCTR_V10);
} else { // version >= 11.
LOOKUP(LoadKeys, OEMCrypto_LoadKeys);
LOOKUP(DecryptCENC, OEMCrypto_DecryptCENC);
LOOKUP(SecurityPatchLevel, OEMCrypto_Security_Patch_Level);
if (level1_.version >= 12) {
if (level1_.version == 11) {
LOOKUP(LoadKeys_V12, OEMCrypto_LoadKeys_V12);
} else { // version >= 12.
LOOKUP(GetProvisioningMethod, OEMCrypto_GetProvisioningMethod);
LOOKUP(GetOEMPublicCertificate, OEMCrypto_GetOEMPublicCertificate);
LOOKUP(RewrapDeviceRSAKey30, OEMCrypto_RewrapDeviceRSAKey30);
if (level1_.version == 12) {
LOOKUP(LoadKeys_V12, OEMCrypto_LoadKeys_V12);
} else { // version >= 13.
LOOKUP(LoadKeys, OEMCrypto_LoadKeys);
LOOKUP(SupportedCertificates, OEMCrypto_SupportedCertificates);
LOOKUP(IsSRMUpdateSupported, OEMCrypto_IsSRMUpdateSupported);
LOOKUP(GetCurrentSRMVersion, OEMCrypto_GetCurrentSRMVersion);
LOOKUP(LoadSRM, OEMCrypto_LoadSRM);
LOOKUP(RemoveSRM, OEMCrypto_RemoveSRM);
LOOKUP(CreateUsageTableHeader, OEMCrypto_CreateUsageTableHeader);
LOOKUP(LoadUsageTableHeader, OEMCrypto_LoadUsageTableHeader);
LOOKUP(CreateNewUsageEntry, OEMCrypto_CreateNewUsageEntry);
LOOKUP(LoadUsageEntry, OEMCrypto_LoadUsageEntry);
LOOKUP(UpdateUsageEntry, OEMCrypto_UpdateUsageEntry);
LOOKUP(DeactivateUsageEntry, OEMCrypto_DeactivateUsageEntry);
LOOKUP(ShrinkUsageTableHeader, OEMCrypto_ShrinkUsageTableHeader);
LOOKUP(MoveEntry, OEMCrypto_MoveEntry);
LOOKUP(CopyOldUsageEntry, OEMCrypto_CopyOldUsageEntry);
}
}
}
}
@@ -559,10 +639,23 @@ class Adapter {
level3_.ReportUsage = Level3_ReportUsage;
level3_.DeleteUsageEntry = Level3_DeleteUsageEntry;
level3_.ForceDeleteUsageEntry = Level3_ForceDeleteUsageEntry;
level3_.DeleteUsageTable = Level3_DeleteUsageTable;
level3_.DeleteOldUsageTable = Level3_DeleteOldUsageTable;
level3_.GetProvisioningMethod = Level3_GetProvisioningMethod;
level3_.GetOEMPublicCertificate = Level3_GetOEMPublicCertificate;
level3_.RewrapDeviceRSAKey30 = Level3_RewrapDeviceRSAKey30;
level3_.SupportedCertificates = Level3_SupportedCertificates;
level3_.IsSRMUpdateSupported = Level3_IsSRMUpdateSupported;
level3_.GetCurrentSRMVersion = Level3_GetCurrentSRMVersion;
level3_.LoadSRM = Level3_LoadSRM;
level3_.RemoveSRM = Level3_RemoveSRM;
level3_.CreateUsageTableHeader = Level3_CreateUsageTableHeader;
level3_.LoadUsageTableHeader = Level3_LoadUsageTableHeader;
level3_.CreateNewUsageEntry = Level3_CreateNewUsageEntry;
level3_.LoadUsageEntry = Level3_LoadUsageEntry;
level3_.UpdateUsageEntry = Level3_UpdateUsageEntry;
level3_.ShrinkUsageTableHeader = Level3_ShrinkUsageTableHeader;
level3_.MoveEntry = Level3_MoveEntry;
level3_.CopyOldUsageEntry = Level3_CopyOldUsageEntry;
level3_.version = Level3_APIVersion();
}
@@ -792,6 +885,47 @@ OEMCryptoResult OEMCrypto_GetMaxNumberOfSessions(SecurityLevel level,
if (fcn->version < 10) return OEMCrypto_ERROR_NOT_IMPLEMENTED;
return fcn->GetMaxNumberOfSessions(maximum);
}
uint32_t OEMCrypto_SupportedCertificates(SecurityLevel level) {
if (!kAdapter) return 0;
const FunctionPointers* fcn = kAdapter->get(level);
if (!fcn) return 0;
// Default is to support 2048 bit RSA keys.
if (fcn->version < 13) return OEMCrypto_Supports_RSA_2048bit;
return fcn->SupportedCertificates();
}
OEMCryptoResult OEMCrypto_CreateUsageTableHeader(SecurityLevel level) {
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
const FunctionPointers* fcn = kAdapter->get(level);
if (!fcn) return OEMCrypto_ERROR_INVALID_SESSION;
if (fcn->version < 9) return OEMCrypto_ERROR_NOT_IMPLEMENTED;
if (fcn->version < 13) return fcn->DeleteOldUsageTable();
return fcn->CreateUsageTableHeader();
}
OEMCryptoResult OEMCrypto_LoadUsageTableHeader(SecurityLevel level,
const uint8_t* buffer,
size_t buffer_length) {
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
const FunctionPointers* fcn = kAdapter->get(level);
if (!fcn) return OEMCrypto_ERROR_INVALID_SESSION;
if (fcn->version < 13) return OEMCrypto_ERROR_NOT_IMPLEMENTED;
return fcn->LoadUsageTableHeader(buffer, buffer_length);
}
OEMCryptoResult OEMCrypto_ShrinkUsageTableHeader(SecurityLevel level,
uint32_t new_table_size,
uint8_t* header_buffer,
size_t* header_buffer_length) {
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
const FunctionPointers* fcn = kAdapter->get(level);
if (!fcn) return OEMCrypto_ERROR_INVALID_SESSION;
if (fcn->version < 13) return OEMCrypto_ERROR_NOT_IMPLEMENTED;
return fcn->ShrinkUsageTableHeader(new_table_size, header_buffer,
header_buffer_length);
}
} // namespace wvcdm
extern "C" OEMCryptoResult OEMCrypto_Initialize(void) {
@@ -857,7 +991,7 @@ extern "C" OEMCryptoResult OEMCrypto_LoadKeys(
const uint8_t* signature, size_t signature_length,
const uint8_t* enc_mac_key_iv, const uint8_t* enc_mac_key, size_t num_keys,
const OEMCrypto_KeyObject* key_array, const uint8_t* pst,
size_t pst_length) {
size_t pst_length, const uint8_t* srm_requirement) {
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
LevelSession pair = kAdapter->get(session);
if (!pair.fcn) return OEMCrypto_ERROR_INVALID_SESSION;
@@ -888,9 +1022,17 @@ extern "C" OEMCryptoResult OEMCrypto_LoadKeys(
pst, pst_length);
}
} else {
return pair.fcn->LoadKeys(pair.session, message, message_length, signature,
signature_length, enc_mac_key_iv, enc_mac_key,
num_keys, key_array, pst, pst_length);
if (pair.fcn->version < 13) {
return pair.fcn->LoadKeys_V12(pair.session, message, message_length,
signature, signature_length, enc_mac_key_iv,
enc_mac_key, num_keys, key_array, pst,
pst_length);
} else {
return pair.fcn->LoadKeys(pair.session, message, message_length, signature,
signature_length, enc_mac_key_iv, enc_mac_key,
num_keys, key_array, pst, pst_length,
srm_requirement);
}
}
}
@@ -1134,6 +1276,10 @@ extern "C" OEMCryptoResult OEMCrypto_GetMaxNumberOfSessions(size_t* maximum) {
return OEMCrypto_GetMaxNumberOfSessions(kLevelDefault, maximum);
}
extern "C" uint32_t OEMCrypto_SupportedCertificates() {
return OEMCrypto_SupportedCertificates(kLevelDefault);
}
extern "C" OEMCryptoResult OEMCrypto_Generic_Encrypt(
OEMCrypto_SESSION session, const uint8_t* in_buffer, size_t buffer_length,
const uint8_t* iv, OEMCrypto_Algorithm algorithm, uint8_t* out_buffer) {
@@ -1208,31 +1354,90 @@ extern "C" OEMCryptoResult OEMCrypto_Generic_Verify(
algorithm, signature, signature_length);
}
// TODO(fredgc): remove this function when cdm layer doesn't need it.
extern "C" OEMCryptoResult OEMCrypto_UpdateUsageTable() {
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
const FunctionPointers* fcn1 = kAdapter->get(kLevelDefault);
const FunctionPointers* fcn3 = kAdapter->get(kLevel3);
OEMCryptoResult sts = OEMCrypto_ERROR_NOT_IMPLEMENTED;
if (fcn3 && fcn3->version > 8) sts = fcn3->UpdateUsageTable();
if (fcn1 && fcn1 != fcn3 && fcn1->version > 8) sts = fcn1->UpdateUsageTable();
if (fcn3 && fcn3->version > 8 && fcn3->version < 13) {
sts = fcn3->UpdateUsageTable();
}
if (fcn1 && fcn1 != fcn3 && fcn1->version > 8 && fcn1->version < 13) {
sts = fcn1->UpdateUsageTable();
} else {
// TODO(fredgc): Remove this after unit tests, haystack, and mock
// have been updated to v13. RED: REMOVE BEFORE FLIGHT -->
if (fcn1) sts = fcn1->UpdateUsageTable();
}
return sts;
}
extern "C" OEMCryptoResult OEMCrypto_DeactivateUsageEntry(const uint8_t* pst,
extern "C" OEMCryptoResult OEMCrypto_DeactivateUsageEntry(OEMCrypto_SESSION session,
const uint8_t* pst,
size_t pst_length) {
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
const FunctionPointers* fcn1 = kAdapter->get(kLevelDefault);
const FunctionPointers* fcn3 = kAdapter->get(kLevel3);
OEMCryptoResult sts = OEMCrypto_ERROR_NOT_IMPLEMENTED;
if (fcn1 && fcn1->version > 8) {
sts = fcn1->DeactivateUsageEntry(pst, pst_length);
LevelSession pair = kAdapter->get(session);
if (!pair.fcn) {
// TODO(fredgc): remove before flight!
// return OEMCrypto_ERROR_INVALID_SESSION;
LOGE("TODO(fredgc): remove temporary DeactivateUsageEntry.");
const FunctionPointers* fcn1 = kAdapter->get(kLevelDefault);
const FunctionPointers* fcn3 = kAdapter->get(kLevel3);
OEMCryptoResult sts = OEMCrypto_ERROR_INVALID_SESSION;
if (fcn1) {
if(fcn1->version < 13) {
if (fcn1->DeactivateUsageEntry_V12) {
sts = fcn1->DeactivateUsageEntry_V12(pst, pst_length);
} else {
LOGE("TODO(fredgc): Fred screwed up temporary code for v12!\n");
}
} else {
if (fcn1->DeactivateUsageEntry) {
sts = fcn1->DeactivateUsageEntry(0, pst, pst_length);
} else {
LOGE("TODO(fredgc): Fred screwed up temporary code for v13!\n");
}
}
}
if (OEMCrypto_SUCCESS != sts) {
if (fcn3 && fcn1 != fcn3) {
if(fcn3->version < 13) {
if (fcn3->DeactivateUsageEntry_V12) {
sts = fcn3->DeactivateUsageEntry_V12(pst, pst_length);
} else {
LOGE("TODO(fredgc): Fred screwed up temporary code for L3 v12!\n");
}
} else {
if (fcn3->DeactivateUsageEntry) {
sts = fcn3->DeactivateUsageEntry(0, pst, pst_length);
} else {
LOGE("TODO(fredgc): Fred screwed up temporary code for L3 v13!\n");
}
}
}
}
return sts;
// All of the hacky code above should be removed once the unit tests and
// cdm codde use the new deactivate usage entry.
}
if (OEMCrypto_SUCCESS != sts) {
if (fcn3 && fcn1 != fcn3 && fcn3->version > 8) {
sts = fcn3->DeactivateUsageEntry(pst, pst_length);
if (pair.fcn->version < 9) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
if(pair.fcn->version < 13) {
if (pair.fcn->DeactivateUsageEntry_V12 ) {
return pair.fcn->DeactivateUsageEntry_V12(pst, pst_length);
} else {
LOGE("TODO(fredgc): problem picking function!\n");
return OEMCrypto_ERROR_INVALID_SESSION;
}
}
return sts;
if (pair.fcn->DeactivateUsageEntry) {
return pair.fcn->DeactivateUsageEntry(pair.session, pst, pst_length);
} else {
LOGE("TODO(fredgc): problem picking function!\n");
return OEMCrypto_ERROR_INVALID_SESSION;
}
}
extern "C" OEMCryptoResult OEMCrypto_ReportUsage(OEMCrypto_SESSION session,
@@ -1255,6 +1460,7 @@ extern "C" OEMCryptoResult OEMCrypto_DeleteUsageEntry(
OEMCrypto_SESSION session, const uint8_t* pst, size_t pst_length,
const uint8_t* message, size_t message_length, const uint8_t* signature,
size_t signature_length) {
LOGE("TODO(fredgc): remove DeleteUsageEntry.");
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
LevelSession pair = kAdapter->get(session);
if (!pair.fcn) return OEMCrypto_ERROR_INVALID_SESSION;
@@ -1269,6 +1475,7 @@ extern "C" OEMCryptoResult OEMCrypto_DeleteUsageEntry(
extern "C" OEMCryptoResult OEMCrypto_ForceDeleteUsageEntry(
const uint8_t* pst, size_t pst_length) {
LOGE("TODO(fredgc): remove ForceDeleteUsageEntry.");
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
const FunctionPointers* fcn1 = kAdapter->get(kLevelDefault);
const FunctionPointers* fcn3 = kAdapter->get(kLevel3);
@@ -1285,12 +1492,143 @@ extern "C" OEMCryptoResult OEMCrypto_ForceDeleteUsageEntry(
return sts;
}
extern "C" OEMCryptoResult OEMCrypto_DeleteUsageTable() {
extern "C" OEMCryptoResult OEMCrypto_DeleteOldUsageTable() {
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
const FunctionPointers* fcn1 = kAdapter->get(kLevelDefault);
const FunctionPointers* fcn3 = kAdapter->get(kLevel3);
OEMCryptoResult sts = OEMCrypto_ERROR_NOT_IMPLEMENTED;
if (fcn3 && fcn3->version > 8) sts = fcn3->DeleteUsageTable();
if (fcn1 && fcn1 != fcn3 && fcn1->version > 8) sts = fcn1->DeleteUsageTable();
if (fcn3 && fcn3->version > 8) sts = fcn3->DeleteOldUsageTable();
if (fcn1 && fcn1 != fcn3 && fcn1->version > 8) sts = fcn1->DeleteOldUsageTable();
return sts;
}
extern "C"
bool OEMCrypto_IsSRMUpdateSupported() {
if (!kAdapter) return false;
// Level 3 can't load an SRM, so this just checkes Level 1.
const FunctionPointers* fcn = kAdapter->get(kLevelDefault);
if (!fcn) return false;
if (fcn->version < 13) return false;
return fcn->IsSRMUpdateSupported();
}
extern "C"
OEMCryptoResult OEMCrypto_GetCurrentSRMVersion(uint16_t* version) {
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
// Level 3 can't load an SRM, so this just checkes Level 1.
const FunctionPointers* fcn = kAdapter->get(kLevelDefault);
if (!fcn) return OEMCrypto_ERROR_NOT_IMPLEMENTED;
if (fcn->version < 13) return OEMCrypto_ERROR_NOT_IMPLEMENTED;
return fcn->GetCurrentSRMVersion(version);
}
extern "C"
OEMCryptoResult OEMCrypto_LoadSRM(const uint8_t* buffer,
size_t buffer_length) {
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
// Level 3 can't load an SRM, so this just checkes Level 1.
const FunctionPointers* fcn = kAdapter->get(kLevelDefault);
if (!fcn) return OEMCrypto_ERROR_NOT_IMPLEMENTED;
if (fcn->version < 13) return OEMCrypto_ERROR_NOT_IMPLEMENTED;
return fcn->LoadSRM(buffer, buffer_length);
}
extern "C"
OEMCryptoResult OEMCrypto_RemoveSRM() {
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
// Level 3 can't load an SRM, so this just checkes Level 1.
const FunctionPointers* fcn = kAdapter->get(kLevelDefault);
if (!fcn) return OEMCrypto_ERROR_NOT_IMPLEMENTED;
if (fcn->version < 13) return OEMCrypto_ERROR_NOT_IMPLEMENTED;
return fcn->RemoveSRM();
}
extern "C"
OEMCryptoResult OEMCrypto_CreateUsageTableHeader() {
return OEMCrypto_CreateUsageTableHeader(kLevelDefault);
}
extern "C"
OEMCryptoResult OEMCrypto_LoadUsageTableHeader(const uint8_t* buffer,
size_t buffer_length) {
return OEMCrypto_LoadUsageTableHeader(kLevelDefault, buffer, buffer_length);
}
extern "C"
OEMCryptoResult OEMCrypto_CreateNewUsageEntry(OEMCrypto_SESSION session,
uint32_t *usage_entry_number) {
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
LevelSession pair = kAdapter->get(session);
if (!pair.fcn) return OEMCrypto_ERROR_INVALID_SESSION;
if (pair.fcn->version < 13) return OEMCrypto_ERROR_NOT_IMPLEMENTED;
return pair.fcn->CreateNewUsageEntry(pair.session, usage_entry_number);
}
extern "C"
OEMCryptoResult OEMCrypto_LoadUsageEntry(OEMCrypto_SESSION session,
uint32_t index,
const uint8_t *buffer,
size_t buffer_size) {
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
LevelSession pair = kAdapter->get(session);
if (!pair.fcn) return OEMCrypto_ERROR_INVALID_SESSION;
if (pair.fcn->version < 13) return OEMCrypto_ERROR_NOT_IMPLEMENTED;
return pair.fcn->LoadUsageEntry(pair.session, index, buffer, buffer_size);
}
extern "C"
OEMCryptoResult OEMCrypto_UpdateUsageEntry(OEMCrypto_SESSION session,
uint8_t* header_buffer,
size_t* header_buffer_length,
uint8_t* entry_buffer,
size_t* entry_buffer_length) {
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
LevelSession pair = kAdapter->get(session);
if (!pair.fcn) return OEMCrypto_ERROR_INVALID_SESSION;
if (pair.fcn->version < 13) return OEMCrypto_ERROR_NOT_IMPLEMENTED;
return pair.fcn->UpdateUsageEntry(pair.session, header_buffer,
header_buffer_length, entry_buffer,
entry_buffer_length);
}
extern "C"
OEMCryptoResult OEMCrypto_ShrinkUsageTableHeader(uint32_t new_table_size,
uint8_t* header_buffer,
size_t* header_buffer_length) {
return OEMCrypto_ShrinkUsageTableHeader(kLevelDefault, new_table_size,
header_buffer, header_buffer_length);
}
extern "C"
OEMCryptoResult OEMCrypto_MoveEntry(OEMCrypto_SESSION session,
uint32_t new_index) {
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
LevelSession pair = kAdapter->get(session);
if (!pair.fcn) return OEMCrypto_ERROR_INVALID_SESSION;
if (pair.fcn->version < 13) return OEMCrypto_ERROR_NOT_IMPLEMENTED;
return pair.fcn->MoveEntry(pair.session, new_index);
}
extern "C"
OEMCryptoResult OEMCrypto_CopyOldUsageEntry(OEMCrypto_SESSION session,
const uint8_t*pst,
size_t pst_length) {
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
LevelSession pair = kAdapter->get(session);
if (!pair.fcn) return OEMCrypto_ERROR_INVALID_SESSION;
if (pair.fcn->version < 13) return OEMCrypto_ERROR_NOT_IMPLEMENTED;
return pair.fcn->CopyOldUsageEntry(pair.session, pst, pst_length);
}
extern "C"
OEMCryptoResult Level3_CreateOldUsageEntry(uint64_t time_since_license_received,
uint64_t time_since_first_decrypt,
uint64_t time_since_last_decrypt,
OEMCrypto_Usage_Entry_Status status,
uint8_t *server_mac_key,
uint8_t *client_mac_key,
const uint8_t* pst,
size_t pst_length) {
// TODO(fredgc): add this.
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}

BIN
libwvdrmengine/docs/WidevineModularDRMSecurityIntegrationGuideforCENC.pdf
View File

Binary file not shown.

BIN
libwvdrmengine/docs/WidevineSecurityIntegrationGuideforCENCAndroidSupplement.pdf
View File

Binary file not shown.

BIN
libwvdrmengine/level3/arm/libwvlevel3.a
View File

Binary file not shown.

BIN
libwvdrmengine/level3/mips/libwvlevel3.a
View File

Binary file not shown.

BIN
libwvdrmengine/level3/x86/libwvlevel3.a
View File

Binary file not shown.

166
libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
View File

@@ -6,9 +6,9 @@
* Reference APIs needed to support Widevine's crypto algorithms.
*
* See the document "WV Modular DRM Security Integration Guide for Common
* Encryption (CENC) -- version 12" for a description of this API. You
* Encryption (CENC) -- version 13" for a description of this API. You
* can find this document in the widevine repository as
* docs/WidevineModularDRMSecurityIntegrationGuideforCENC.pdf
* docs/WidevineModularDRMSecurityIntegrationGuideforCENC_v13.pdf
* Changes between different versions of this API are documented in the files
* docs/Widevine_Modular_DRM_Version_*_Delta.pdf
*
@@ -33,10 +33,10 @@ typedef enum OEMCryptoResult {
OEMCrypto_ERROR_TERMINATE_FAILED = 2,
OEMCrypto_ERROR_OPEN_FAILURE = 3,
OEMCrypto_ERROR_CLOSE_FAILURE = 4,
OEMCrypto_ERROR_ENTER_SECURE_PLAYBACK_FAILED = 5,
OEMCrypto_ERROR_EXIT_SECURE_PLAYBACK_FAILED = 6,
OEMCrypto_ERROR_ENTER_SECURE_PLAYBACK_FAILED = 5, // deprecated
OEMCrypto_ERROR_EXIT_SECURE_PLAYBACK_FAILED = 6, // deprecated
OEMCrypto_ERROR_SHORT_BUFFER = 7,
OEMCrypto_ERROR_NO_DEVICE_KEY = 8,
OEMCrypto_ERROR_NO_DEVICE_KEY = 8, // no keybox device key.
OEMCrypto_ERROR_NO_ASSET_KEY = 9,
OEMCrypto_ERROR_KEYBOX_INVALID = 10,
OEMCrypto_ERROR_NO_KEYDATA = 11,
@@ -68,6 +68,13 @@ typedef enum OEMCryptoResult {
OEMCrypto_ERROR_INSUFFICIENT_RESOURCES = 37,
OEMCrypto_ERROR_INSUFFICIENT_HDCP = 38,
OEMCrypto_ERROR_BUFFER_TOO_LARGE = 39,
OEMCrypto_WARNING_GENERATION_SKEW = 40, // Warning, not an error.
OEMCrypto_ERROR_GENERATION_SKEW = 41,
OEMCrypto_LOCAL_DISPLAY_ONLY = 42, // Info, not an error.
OEMCrypto_ERROR_ANALOG_OUTPUT = 43,
OEMCrypto_ERROR_WRONG_PST = 44,
OEMCrypto_ERROR_WRONG_KEYS = 45,
OEMCrypto_ERROR_MISSING_MASTER = 46,
} OEMCryptoResult;
/*
@@ -235,7 +242,7 @@ typedef struct {
typedef enum OEMCrypto_Usage_Entry_Status {
kUnused = 0,
kActive = 1,
kInactive = 2
kInactive = 2 // TODO(fredgc): http://b/32714323. used and unused.
} OEMCrypto_Usage_Entry_Status;
/*
@@ -274,12 +281,12 @@ typedef enum RSA_Padding_Scheme {
* level, and in GetHDCPCapability for reporting.
*/
typedef enum OEMCrypto_HDCP_Capability {
HDCP_NONE = 0, // No HDCP supported, no secure data path.
HDCP_V1 = 1, // HDCP version 1.0
HDCP_V2 = 2, // HDCP version 2.0
HDCP_V2_1 = 3, // HDCP version 2.1
HDCP_V2_2 = 4, // HDCP version 2.2 Type 1.
HDCP_NO_DIGITAL_OUTPUT = 0xff // No digital output.
HDCP_NONE = 0, // No HDCP supported, no secure data path.
HDCP_V1 = 1, // HDCP version 1.0
HDCP_V2 = 2, // HDCP version 2.0 Type 1.
HDCP_V2_1 = 3, // HDCP version 2.1 Type 1.
HDCP_V2_2 = 4, // HDCP version 2.2 Type 1.
HDCP_NO_DIGITAL_OUTPUT = 0xff // No digital output.
} OEMCrypto_HDCP_Capability;
/* Return value for OEMCrypto_GetProvisioningMethod(). */
@@ -291,6 +298,19 @@ typedef enum OEMCrypto_ProvisioningMethod {
OEMCrypto_OEMCertificate = 3 // Device has factory installed OEM certificate.
} OEMCrypto_ProvisioningMethod;
/*
* Flags indicating RSA keys supported.
*/
#define OEMCrypto_Supports_RSA_2048bit 0x1
#define OEMCrypto_Supports_RSA_3072bit 0x2
#define OEMCrypto_Supports_RSA_CAST 0x10
/*
* Flags indicating full decrypt path hash supported.
*/
#define OEMCrypto_Hash_Not_Supported 0
#define OEMCrypto_HMAC_Clear_Buffer 1
/*
* Obfuscation Renames.
*/
@@ -324,10 +344,10 @@ typedef enum OEMCrypto_ProvisioningMethod {
#define OEMCrypto_GetHDCPCapability_V9 _oecc28
#define OEMCrypto_SupportsUsageTable _oecc29
#define OEMCrypto_UpdateUsageTable _oecc30
#define OEMCrypto_DeactivateUsageEntry _oecc31
#define OEMCrypto_DeactivateUsageEntry_V12 _oecc31
#define OEMCrypto_ReportUsage _oecc32
#define OEMCrypto_DeleteUsageEntry _oecc33
#define OEMCrypto_DeleteUsageTable _oecc34
#define OEMCrypto_DeleteOldUsageTable _oecc34
#define OEMCrypto_LoadKeys_V9_or_V10 _oecc35
#define OEMCrypto_GenerateRSASignature _oecc36
#define OEMCrypto_GetMaxNumberOfSessions _oecc37
@@ -340,11 +360,30 @@ typedef enum OEMCrypto_ProvisioningMethod {
#define OEMCrypto_GetHDCPCapability _oecc44
#define OEMCrypto_LoadTestRSAKey _oecc45
#define OEMCrypto_Security_Patch_Level _oecc46
#define OEMCrypto_LoadKeys _oecc47
#define OEMCrypto_LoadKeys_V12 _oecc47
#define OEMCrypto_DecryptCENC _oecc48
#define OEMCrypto_GetProvisioningMethod _oecc49
#define OEMCrypto_GetOEMPublicCertificate _oecc50
#define OEMCrypto_RewrapDeviceRSAKey30 _oecc51
#define OEMCrypto_SupportedCertificates _oecc52
#define OEMCrypto_IsSRMUpdateSupported _oecc53
#define OEMCrypto_GetCurrentSRMVersion _oecc54
#define OEMCrypto_LoadSRM _oecc55
#define OEMCrypto_LoadKeys _oecc56
#define OEMCrypto_RemoveSRM _oecc57
#define OEMCrypto_SupportsDecryptHash _oecc58
#define OEMCrypto_SetDecryptHash _oecc59
#define OEMCrypto_VerifyDecryptHash _oecc60
#define OEMCrypto_CreateUsageTableHeader _oecc61
#define OEMCrypto_LoadUsageTableHeader _oecc62
#define OEMCrypto_CreateNewUsageEntry _oecc63
#define OEMCrypto_LoadUsageEntry _oecc64
#define OEMCrypto_UpdateUsageEntry _oecc65
#define OEMCrypto_DeactivateUsageEntry _oecc66
#define OEMCrypto_ShrinkUsageTableHeader _oecc67
#define OEMCrypto_MoveEntry _oecc68
#define OEMCrypto_CopyOldUsageEntry _oecc69
#define OEMCrypto_CreateOldUsageEntry _oecc70
/*
@@ -442,6 +481,7 @@ OEMCryptoResult OEMCrypto_OpenSession(OEMCrypto_SESSION* session);
* Version:
* This method changed in API version 5.
*/
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_CloseSession(OEMCrypto_SESSION session);
/*
@@ -774,12 +814,14 @@ OEMCryptoResult OEMCrypto_GenerateSignature(OEMCrypto_SESSION session,
* Version:
* This method changed in API version 11.
*/
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_LoadKeys(
OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
const uint8_t* signature, size_t signature_length,
const uint8_t* enc_mac_keys_iv, const uint8_t* enc_mac_keys,
size_t num_keys, const OEMCrypto_KeyObject* key_array, const uint8_t* pst,
size_t pst_length);
size_t pst_length, const uint8_t* srm_requirement);
/*
* OEMCrypto_RefreshKeys
@@ -1001,6 +1043,7 @@ OEMCryptoResult OEMCrypto_QueryKeyControl(OEMCrypto_SESSION session,
* Version:
* This method changed in API version 8.
*/
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_SelectKey(OEMCrypto_SESSION session,
const uint8_t* key_id,
size_t key_id_length);
@@ -1177,6 +1220,7 @@ OEMCryptoResult OEMCrypto_SelectKey(OEMCrypto_SESSION session,
* This method changed in API version 11.
* This method changed its name in API version 11.
*/
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_DecryptCENC(
OEMCrypto_SESSION session, const uint8_t* data_addr, size_t data_length,
bool is_encrypted, const uint8_t* iv, size_t block_offset,
@@ -1252,6 +1296,7 @@ OEMCryptoResult OEMCrypto_DecryptCENC(
* Version
* This method is added in API version 10.
*/
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_CopyBuffer(const uint8_t* data_addr,
size_t data_length,
OEMCrypto_DestBufferDesc* out_buffer,
@@ -2237,6 +2282,9 @@ OEMCryptoResult OEMCrypto_GetNumberOfOpenSessions(size_t* count);
*/
OEMCryptoResult OEMCrypto_GetMaxNumberOfSessions(size_t* max);
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
uint32_t OEMCrypto_SupportedCertificates();
/*
* OEMCrypto_Generic_Encrypt
*
@@ -2508,7 +2556,8 @@ OEMCryptoResult OEMCrypto_Generic_Verify(OEMCrypto_SESSION session,
* OEMCrypto_ERROR_UNKNOWN_FAILURE
*
* Version:
* This method changed in API version 9.
* This method is deprecated in API version 13.
* TODO(fredgc): remove this.
*/
OEMCryptoResult OEMCrypto_UpdateUsageTable();
@@ -2548,9 +2597,15 @@ OEMCryptoResult OEMCrypto_UpdateUsageTable();
* too large.
*
* Version:
* This method changed in API version 9.
* This method is deprecated in API version 13.
* TODO(fredgc): remove this.
*/
OEMCryptoResult OEMCrypto_DeactivateUsageEntry(const uint8_t* pst,
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_DeactivateUsageEntry_12(const uint8_t* pst,
size_t pst_length);
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_DeactivateUsageEntry(OEMCrypto_SESSION session,
const uint8_t* pst,
size_t pst_length);
/*
@@ -2576,7 +2631,8 @@ OEMCryptoResult OEMCrypto_DeactivateUsageEntry(const uint8_t* pst,
* Valid values for status are:
* 0 = kUnused -- the keys have not been used to decrypt.
* 1 = kActive -- the keys have been used, and have not been deactivated.
* 2 = kInactive -- the keys have been marked inactive.
* 2 = kInactiveUsed -- the keys have been marked inactive after a decrypt.
* 3 = kInactiveUnused -- the keys have been marked inactive, no decrypt.
*
* The clock_security_level is reported as follows:
* 0 = Insecure Clock - clock just uses system time.
@@ -2634,6 +2690,7 @@ OEMCryptoResult OEMCrypto_DeactivateUsageEntry(const uint8_t* pst,
* Version:
* This method changed in API version 9.
*/
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_ReportUsage(OEMCrypto_SESSION session,
const uint8_t* pst, size_t pst_length,
OEMCrypto_PST_Report* buffer,
@@ -2700,6 +2757,8 @@ OEMCryptoResult OEMCrypto_ReportUsage(OEMCrypto_SESSION session,
* Version:
* This method changed in API version 9.
*/
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
/* TODO(fredgc): remove this. */
OEMCryptoResult OEMCrypto_DeleteUsageEntry(
OEMCrypto_SESSION session, const uint8_t* pst, size_t pst_length,
const uint8_t* message, size_t message_length, const uint8_t* signature,
@@ -2746,6 +2805,8 @@ OEMCryptoResult OEMCrypto_DeleteUsageEntry(
* Version
* This method changed in API version 10.
*/
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
/* TODO(fredgc): remove this. */
OEMCryptoResult OEMCrypto_ForceDeleteUsageEntry(const uint8_t* pst,
size_t pst_length);
@@ -2772,7 +2833,70 @@ OEMCryptoResult OEMCrypto_ForceDeleteUsageEntry(const uint8_t* pst,
* Version:
* This method changed in API version 9.
*/
OEMCryptoResult OEMCrypto_DeleteUsageTable();
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_DeleteOldUsageTable();
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_CreateOldUsageEntry(uint64_t time_since_license_received,
uint64_t time_since_first_decrypt,
uint64_t time_since_last_decrypt,
OEMCrypto_Usage_Entry_Status status,
uint8_t *server_mac_key,
uint8_t *client_mac_key,
const uint8_t* pst,
size_t pst_length);
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
bool OEMCrypto_IsSRMUpdateSupported();
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_GetCurrentSRMVersion(uint16_t* version);
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_LoadSRM(const uint8_t* buffer,
size_t buffer_length);
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_RemoveSRM();
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_CreateUsageTableHeader();
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_LoadUsageTableHeader(const uint8_t* buffer,
size_t buffer_length);
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_CreateNewUsageEntry(OEMCrypto_SESSION session,
uint32_t* usage_entry_number);
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_LoadUsageEntry(OEMCrypto_SESSION session,
uint32_t index,
const uint8_t* buffer,
size_t buffer_size);
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_UpdateUsageEntry(OEMCrypto_SESSION session,
uint8_t* header_buffer,
size_t* header_buffer_length,
uint8_t* entry_buffer,
size_t* entry_buffer_length);
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_ShrinkUsageTableHeader(uint32_t new_entry_count,
uint8_t* header_buffer,
size_t* header_buffer_length);
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_MoveEntry(OEMCrypto_SESSION session,
uint32_t new_index);
/* TODO(fredgc): copy text from http://go/wvgerrit/22887 */
OEMCryptoResult OEMCrypto_CopyOldUsageEntry(OEMCrypto_SESSION session,
const uint8_t*pst,
size_t pst_length);
#ifdef __cplusplus
}

86
libwvdrmengine/oemcrypto/include/level3.h
View File

@@ -31,7 +31,6 @@ namespace wvoec3 {
#define Level3_GenerateDerivedKeys _lcc12
#define Level3_GenerateSignature _lcc13
#define Level3_GenerateNonce _lcc14
#define Level3_LoadKeys _lcc15
#define Level3_RefreshKeys _lcc16
#define Level3_SelectKey _lcc17
#define Level3_RewrapDeviceRSAKey _lcc18
@@ -50,7 +49,7 @@ namespace wvoec3 {
#define Level3_DeactivateUsageEntry _lcc31
#define Level3_ReportUsage _lcc32
#define Level3_DeleteUsageEntry _lcc33
#define Level3_DeleteUsageTable _lcc34
#define Level3_DeleteOldUsageTable _lcc34
#define Level3_GetMaxNumberOfSessions _lcc37
#define Level3_GetNumberOfOpenSessions _lcc38
#define Level3_IsAntiRollbackHwPresent _lcc39
@@ -63,7 +62,24 @@ namespace wvoec3 {
#define Level3_GetProvisioningMethod _lcc49
#define Level3_GetOEMPublicCertificate _lcc50
#define Level3_RewrapDeviceRSAKey30 _lcc51
#define Level3_SupportedCertificates _lcc52
#define Level3_IsSRMUpdateSupported _lcc53
#define Level3_GetCurrentSRMVersion _lcc54
#define Level3_LoadSRM _lcc55
#define Level3_LoadKeys _lcc56
#define Level3_RemoveSRM _lcc57
#define Level3_SupportsDecryptHash _lcc58
#define Level3_SetDecryptHash _lcc59
#define Level3_VerifyDecryptHash _lcc60
#define Level3_CreateUsageTableHeader _lcc61
#define Level3_LoadUsageTableHeader _lcc62
#define Level3_CreateNewUsageEntry _lcc63
#define Level3_LoadUsageEntry _lcc64
#define Level3_UpdateUsageEntry _lcc65
#define Level3_ShrinkUsageTableHeader _lcc67
#define Level3_MoveEntry _lcc68
#define Level3_CopyOldUsageEntry _lcc69
#define Level3_CreateOldUsageEntry _lcc70
extern "C" {
bool Level3_IsInApp(const char* path);
@@ -83,17 +99,12 @@ OEMCryptoResult Level3_GenerateSignature(OEMCrypto_SESSION session,
size_t message_length,
uint8_t* signature,
size_t* signature_length);
OEMCryptoResult Level3_LoadKeys(OEMCrypto_SESSION session,
const uint8_t* message,
size_t message_length,
const uint8_t* signature,
size_t signature_length,
const uint8_t* enc_mac_key_iv,
const uint8_t* enc_mac_key,
size_t num_keys,
const OEMCrypto_KeyObject* key_array,
const uint8_t* pst,
size_t pst_length);
OEMCryptoResult Level3_LoadKeys(
OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
const uint8_t* signature, size_t signature_length,
const uint8_t* enc_mac_keys_iv, const uint8_t* enc_mac_keys,
size_t num_keys, const OEMCrypto_KeyObject* key_array, const uint8_t* pst,
size_t pst_length, const uint8_t* srm_requirement);
OEMCryptoResult Level3_RefreshKeys(OEMCrypto_SESSION session,
const uint8_t* message,
size_t message_length,
@@ -188,6 +199,7 @@ bool Level3_SupportsUsageTable();
bool Level3_IsAntiRollbackHwPresent();
OEMCryptoResult Level3_GetNumberOfOpenSessions(size_t* count);
OEMCryptoResult Level3_GetMaxNumberOfSessions(size_t* maximum);
uint32_t Level3_SupportedCertificates();
OEMCryptoResult Level3_Generic_Encrypt(OEMCrypto_SESSION session,
const uint8_t* in_buffer,
size_t buffer_length,
@@ -213,7 +225,8 @@ OEMCryptoResult Level3_Generic_Verify(OEMCrypto_SESSION session,
const uint8_t* signature,
size_t signature_length);
OEMCryptoResult Level3_UpdateUsageTable();
OEMCryptoResult Level3_DeactivateUsageEntry(const uint8_t *pst,
OEMCryptoResult Level3_DeactivateUsageEntry(OEMCrypto_SESSION session,
const uint8_t *pst,
size_t pst_length);
OEMCryptoResult Level3_ReportUsage(OEMCrypto_SESSION session,
const uint8_t *pst,
@@ -229,7 +242,48 @@ OEMCryptoResult Level3_DeleteUsageEntry(OEMCrypto_SESSION session,
size_t signature_length);
OEMCryptoResult Level3_ForceDeleteUsageEntry(const uint8_t* pst,
size_t pst_length);
OEMCryptoResult Level3_DeleteUsageTable();
OEMCryptoResult Level3_DeleteOldUsageTable();
bool Level3_IsSRMUpdateSupported();
OEMCryptoResult Level3_GetCurrentSRMVersion(uint16_t* version);
OEMCryptoResult Level3_LoadSRM(const uint8_t* buffer,
size_t buffer_length);
OEMCryptoResult Level3_RemoveSRM();
uint32_t Level3_SupportsDecryptHash();
OEMCryptoResult Level3_SetDecryptHash(OEMCrypto_SESSION session,
const uint8_t* hash,
size_t hash_length);
OEMCryptoResult Level3_VerifyDecryptHash(OEMCrypto_SESSION session,
uint64_t* failure_data);
OEMCryptoResult Level3_CreateUsageTableHeader();
OEMCryptoResult Level3_LoadUsageTableHeader(const uint8_t* buffer,
size_t buffer_length);
OEMCryptoResult Level3_CreateNewUsageEntry(OEMCrypto_SESSION session,
uint32_t *usage_entry_number);
OEMCryptoResult Level3_LoadUsageEntry(OEMCrypto_SESSION session,
uint32_t index,
const uint8_t *buffer,
size_t buffer_size);
OEMCryptoResult Level3_UpdateUsageEntry(OEMCrypto_SESSION session,
uint8_t* header_buffer,
size_t* header_buffer_length,
uint8_t* entry_buffer,
size_t* entry_buffer_length);
OEMCryptoResult Level3_ShrinkUsageTableHeader(uint32_t new_table_size,
uint8_t* header_buffer,
size_t* header_buffer_length);
OEMCryptoResult Level3_MoveEntry(OEMCrypto_SESSION session,
uint32_t new_index);
OEMCryptoResult Level3_CopyOldUsageEntry(OEMCrypto_SESSION session,
const uint8_t*pst,
size_t pst_length);
OEMCryptoResult Level3_CreateOldUsageEntry(uint64_t time_since_license_received,
uint64_t time_since_first_decrypt,
uint64_t time_since_last_decrypt,
OEMCrypto_Usage_Entry_Status status,
uint8_t *server_mac_key,
uint8_t *client_mac_key,
const uint8_t* pst,
size_t pst_length);
} // extern "C"
} // namespace wvoec3

3
libwvdrmengine/oemcrypto/mock/src/oemcrypto_key_mock.cpp
View File

@@ -18,7 +18,8 @@ bool KeyControlBlock::Validate() {
memcmp(verification_, "kc09", 4) && // add in version 9 api
memcmp(verification_, "kc10", 4) && // add in version 10 api
memcmp(verification_, "kc11", 4) && // add in version 11 api
memcmp(verification_, "kc12", 4)) { // add in version 12 api
memcmp(verification_, "kc12", 4) && // add in version 11 api
memcmp(verification_, "kc13", 4)) { // add in version 13 api
LOGE("KCB: BAD verification string: %4.4s", verification_);
valid_ = false;
} else {

95
libwvdrmengine/oemcrypto/mock/src/oemcrypto_mock.cpp
View File

@@ -305,7 +305,8 @@ OEMCryptoResult OEMCrypto_LoadKeys(OEMCrypto_SESSION session,
size_t num_keys,
const OEMCrypto_KeyObject* key_array,
const uint8_t* pst,
size_t pst_length) {
size_t pst_length,
const uint8_t* srm_requirement) {
if (!crypto_engine) {
LOGE("OEMCrypto_LoadKeys: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
@@ -1380,7 +1381,7 @@ OEMCryptoResult OEMCrypto_DeriveKeysFromSessionKey(
extern "C"
uint32_t OEMCrypto_APIVersion() {
return 12;
return 13;
}
extern "C"
@@ -1471,6 +1472,12 @@ bool OEMCrypto_IsAntiRollbackHwPresent() {
return anti_rollback_hw_present;
}
extern "C"
uint32_t OEMCrypto_SupportedCertificates() {
return OEMCrypto_Supports_RSA_2048bit | OEMCrypto_Supports_RSA_3072bit
| OEMCrypto_Supports_RSA_CAST;
}
extern "C"
OEMCryptoResult OEMCrypto_Generic_Encrypt(OEMCrypto_SESSION session,
const uint8_t* in_buffer,
@@ -1660,7 +1667,8 @@ OEMCryptoResult OEMCrypto_UpdateUsageTable() {
}
extern "C"
OEMCryptoResult OEMCrypto_DeactivateUsageEntry(const uint8_t *pst,
OEMCryptoResult OEMCrypto_DeactivateUsageEntry(OEMCrypto_SESSION session,
const uint8_t *pst,
size_t pst_length) {
if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) {
LOGI("-- OEMCryptoResult OEMCrypto_DeactivateUsageEntry(\n");
@@ -1795,12 +1803,12 @@ OEMCryptoResult OEMCrypto_ForceDeleteUsageEntry(const uint8_t* pst,
}
extern "C"
OEMCryptoResult OEMCrypto_DeleteUsageTable() {
OEMCryptoResult OEMCrypto_DeleteOldUsageTable() {
if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) {
LOGI("-- OEMCryptoResult OEMCrypto_DeleteUsageTable()\n");
LOGI("-- OEMCryptoResult OEMCrypto_DeleteOldUsageTable()\n");
}
if (!crypto_engine) {
LOGE("OEMCrypto_DeleteUsageTable: OEMCrypto Not Initialized.");
LOGE("OEMCrypto_DeleteOldUsageTable: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
if (!crypto_engine->config_supports_usage_table()) {
@@ -1811,4 +1819,79 @@ OEMCryptoResult OEMCrypto_DeleteUsageTable() {
return OEMCrypto_SUCCESS;
}
extern "C"
bool OEMCrypto_IsSRMUpdateSupported() {
return false;
}
extern "C"
OEMCryptoResult OEMCrypto_GetCurrentSRMVersion(uint16_t* version) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
extern "C"
OEMCryptoResult OEMCrypto_LoadSRM(const uint8_t* buffer,
size_t buffer_length) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
extern "C"
OEMCryptoResult OEMCrypto_RemoveSRM() {
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
extern "C"
OEMCryptoResult OEMCrypto_CreateUsageTableHeader() {
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
extern "C"
OEMCryptoResult OEMCrypto_LoadUsageTableHeader(const uint8_t* buffer,
size_t buffer_length) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
extern "C"
OEMCryptoResult OEMCrypto_CreateNewUsageEntry(OEMCrypto_SESSION session,
uint32_t *usage_entry_number) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
extern "C"
OEMCryptoResult OEMCrypto_LoadUsageEntry(OEMCrypto_SESSION session,
uint32_t index,
const uint8_t *buffer,
size_t buffer_size) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
extern "C"
OEMCryptoResult OEMCrypto_UpdateUsageEntry(OEMCrypto_SESSION session,
uint8_t* header_buffer,
size_t* header_buffer_length,
uint8_t* entry_buffer,
size_t* entry_buffer_length) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
extern "C"
OEMCryptoResult OEMCrypto_ShrinkUsageTableHeader(uint32_t new_table_size,
uint8_t* header_buffer,
size_t* header_buffer_length) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
extern "C"
OEMCryptoResult OEMCrypto_MoveEntry(OEMCrypto_SESSION session,
uint32_t new_index) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
extern "C"
OEMCryptoResult OEMCrypto_CopyOldUsageEntry(OEMCrypto_SESSION session,
const uint8_t* pst,
size_t pst_length) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
} // namespace wvoec_mock

6
libwvdrmengine/oemcrypto/test/oec_session_util.cpp
View File

@@ -222,7 +222,8 @@ void Session::LoadTestKeys(const std::string& pst, bool new_mac_keys) {
&signature_[0], signature_.size(),
encrypted_license().mac_key_iv,
encrypted_license().mac_keys, num_keys_,
key_array_, pst_ptr, pst.length()));
key_array_, pst_ptr, pst.length(),
NULL));
// Update new generated keys.
memcpy(&mac_key_server_[0], license_.mac_keys, wvcdm::MAC_KEY_SIZE);
memcpy(&mac_key_client_[0], license_.mac_keys + wvcdm::MAC_KEY_SIZE,
@@ -231,7 +232,8 @@ void Session::LoadTestKeys(const std::string& pst, bool new_mac_keys) {
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_LoadKeys(session_id(), message_ptr(), message_size_,
&signature_[0], signature_.size(), NULL, NULL,
num_keys_, key_array_, pst_ptr, pst.length()));
num_keys_, key_array_, pst_ptr, pst.length(),
NULL));
}
VerifyTestKeys();
}

92
libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp
View File

@@ -90,7 +90,7 @@ TEST_F(OEMCryptoClientTest, VersionNumber) {
cout << " OEMCrypto does not support usage tables." << endl;
}
ASSERT_GE(version, 8u);
ASSERT_LE(version, 12u);
ASSERT_LE(version, 13u);
}
TEST_F(OEMCryptoClientTest, ProvisioningDeclaredAPI12) {
@@ -592,7 +592,7 @@ class OEMCryptoSessionTests : public OEMCryptoClientTest {
virtual void SetUp() {
OEMCryptoClientTest::SetUp();
EnsureTestKeys();
if (global_features.usage_table) OEMCrypto_DeleteUsageTable();
if (global_features.usage_table) OEMCrypto_DeleteOldUsageTable();
}
void EnsureTestKeys() {
@@ -938,7 +938,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange1) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
&mac_keys[0], // Not pointing into buffer.
s.num_keys(), s.key_array(), NULL, 0);
s.num_keys(), s.key_array(), NULL, 0, NULL);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -956,7 +956,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange2) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(),
&mac_key_iv[0], // bad.
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -974,7 +975,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange3) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -993,7 +995,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange4) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1010,7 +1013,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange5) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1029,7 +1033,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange6) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1048,7 +1053,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange7) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1063,7 +1069,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadNonce) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1088,7 +1095,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithRepeatNonce) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1103,7 +1111,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadVerification) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1137,7 +1146,8 @@ TEST_P(SessionTestAlternateVerification, LoadKeys) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
// If this is a future API, then LoadKeys should fail.
if (global_features.api_version < target_api_) {
ASSERT_NE(OEMCrypto_SUCCESS, sts);
@@ -1163,7 +1173,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeysBadSignature) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1176,7 +1187,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeysWithNoDerivedKeys) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1193,7 +1205,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyNoKeys) {
OEMCrypto_SUCCESS,
OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), s.message_size(),
&s.signature()[0], s.signature().size(), NULL, NULL,
kNoKeys, s.key_array(), NULL, 0));
kNoKeys, s.key_array(), NULL, 0,
NULL));
}
TEST_F(OEMCryptoSessionTests, LoadKeyNoKeyWithNonce) {
@@ -1208,7 +1221,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyNoKeyWithNonce) {
OEMCrypto_SUCCESS,
OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), s.message_size(),
&s.signature()[0], s.signature().size(), NULL, NULL,
kNoKeys, s.key_array(), NULL, 0));
kNoKeys, s.key_array(), NULL, 0,
NULL));
}
TEST_F(OEMCryptoSessionTests, QueryKeyControl) {
@@ -1248,7 +1262,8 @@ TEST_F(OEMCryptoSessionTests, AntiRollbackHardwareRequired) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
if (OEMCrypto_IsAntiRollbackHwPresent()) {
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
} else {
@@ -1271,7 +1286,8 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) {
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), NULL, 0));
s.key_array(), NULL, 0,
NULL));
if (patch_level < 0x3F) {
Session s;
ASSERT_NO_FATAL_FAILURE(s.open());
@@ -1286,7 +1302,8 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) {
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), NULL, 0));
s.key_array(), NULL, 0,
NULL));
}
if (patch_level > 0) {
Session s;
@@ -1302,7 +1319,8 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) {
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), NULL, 0));
s.key_array(), NULL, 0,
NULL));
}
}
@@ -4280,7 +4298,7 @@ class UsageTableTest : public GenericCryptoTest {
void DeactivatePST(const std::string& pst) {
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_DeactivateUsageEntry(
OEMCrypto_DeactivateUsageEntry(0,
reinterpret_cast<const uint8_t*>(pst.c_str()), pst.length()));
}
@@ -4457,7 +4475,8 @@ TEST_F(UsageTableTest, RepeatOnlineLicense) {
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), pst_ptr, pst.length()));
s.key_array(), pst_ptr, pst.length(),
NULL));
ASSERT_NO_FATAL_FAILURE(s2.close());
}
@@ -4474,7 +4493,8 @@ TEST_F(UsageTableTest, OnlineEmptyPST) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
ASSERT_NO_FATAL_FAILURE(s.close());
}
@@ -4492,7 +4512,7 @@ TEST_F(UsageTableTest, EmptyTable) {
ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, new_mac_keys_));
s.GenerateReport(pst);
ASSERT_NO_FATAL_FAILURE(s.close());
OEMCrypto_DeleteUsageTable();
OEMCrypto_DeleteOldUsageTable();
Session s2;
ASSERT_NO_FATAL_FAILURE(s2.open());
s2.GenerateReport(pst, false);
@@ -4803,11 +4823,11 @@ TEST_P(UsageTableTestWithMAC, DeleteEntryBadRange) {
TEST_P(UsageTableTestWithMAC, DeactivateBadPST) {
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable());
std::string pst = "nonexistant pst";
OEMCryptoResult sts = OEMCrypto_DeactivateUsageEntry(
OEMCryptoResult sts = OEMCrypto_DeactivateUsageEntry(0,
reinterpret_cast<const uint8_t*>(pst.c_str()), pst.length());
EXPECT_EQ(OEMCrypto_ERROR_INVALID_CONTEXT, sts);
std::string null_pst = "";
sts = OEMCrypto_DeactivateUsageEntry(
sts = OEMCrypto_DeactivateUsageEntry(0,
reinterpret_cast<const uint8_t*>(null_pst.c_str()), null_pst.length());
EXPECT_EQ(OEMCrypto_ERROR_INVALID_CONTEXT, sts);
}
@@ -5160,7 +5180,8 @@ TEST_P(UsageTableTestWithMAC, BadReloadOfflineLicense) {
&s2.signature()[0], s2.signature().size(),
s2.encrypted_license().mac_key_iv,
s2.encrypted_license().mac_keys, s.num_keys(),
s2.key_array(), pst_ptr, pst.length()));
s2.key_array(), pst_ptr, pst.length(),
NULL));
ASSERT_NO_FATAL_FAILURE(s2.close());
// Offline license with same mac keys should still be OK.
@@ -5186,7 +5207,8 @@ TEST_P(UsageTableTestWithMAC, OfflineBadNonce) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), pst_ptr,
pst.length());
pst.length(),
NULL);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
ASSERT_NO_FATAL_FAILURE(s.close());
}
@@ -5203,7 +5225,8 @@ TEST_P(UsageTableTestWithMAC, OfflineEmptyPST) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
ASSERT_NO_FATAL_FAILURE(s.close());
}
@@ -5241,7 +5264,8 @@ TEST_P(UsageTableTestWithMAC, DeactivateOfflineLicense) {
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), pst_ptr, pst.length()));
s.key_array(), pst_ptr, pst.length(),
NULL));
// But we can still generate a report.
Session s3;
ASSERT_NO_FATAL_FAILURE(s3.open());
@@ -5265,7 +5289,8 @@ TEST_P(UsageTableTestWithMAC, BadRange) {
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), pst_ptr, pst.length()));
s.key_array(), pst_ptr, pst.length(),
NULL));
}
TEST_F(UsageTableTest, TimingTest) {
@@ -5530,7 +5555,8 @@ TEST_F(UsageTableTest, PSTLargeBuffer) {
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), pst_ptr, pst.length()));
s.key_array(), pst_ptr, pst.length(),
NULL));
// But we can still generate a report.
Session s3;
ASSERT_NO_FATAL_FAILURE(s3.open());