From b8003f12b4572dc0c4a299ed5294de2ea488a421 Mon Sep 17 00:00:00 2001 From: Fred Gylys-Colwell Date: Mon, 14 Jul 2014 17:08:28 -0700 Subject: [PATCH] Streamline cast certificate loading This CL adds special code to create a session and sign a message with an RSA key without initializing the full session. This is to fix: b/16130551 Molly does not show up in CAST device list Change-Id: I4a14b312ef67e666c7c9504fe8135c6924be4c0d --- libwvdrmengine/mediadrm/Android.mk | 1 + .../include/WVGenericCryptoInterface.h | 10 ++++ libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp | 44 ++--------------- .../mediadrm/src/WVGenericCryptoInterface.cpp | 49 +++++++++++++++++++ 4 files changed, 65 insertions(+), 39 deletions(-) create mode 100644 libwvdrmengine/mediadrm/src/WVGenericCryptoInterface.cpp diff --git a/libwvdrmengine/mediadrm/Android.mk b/libwvdrmengine/mediadrm/Android.mk index 074f1e76..cbc2dd49 100644 --- a/libwvdrmengine/mediadrm/Android.mk +++ b/libwvdrmengine/mediadrm/Android.mk @@ -3,6 +3,7 @@ include $(CLEAR_VARS) LOCAL_SRC_FILES := \ src/WVDrmPlugin.cpp \ + src/WVGenericCryptoInterface.cpp \ LOCAL_C_INCLUDES := \ bionic \ diff --git a/libwvdrmengine/mediadrm/include/WVGenericCryptoInterface.h b/libwvdrmengine/mediadrm/include/WVGenericCryptoInterface.h index 9424ea03..614b04b1 100644 --- a/libwvdrmengine/mediadrm/include/WVGenericCryptoInterface.h +++ b/libwvdrmengine/mediadrm/include/WVGenericCryptoInterface.h @@ -8,6 +8,8 @@ #include #include "OEMCryptoCENC.h" +#include "media/stagefright/foundation/ABase.h" +#include "utils/Vector.h" namespace wvdrm { 
@@ -57,6 +59,14 @@ class WVGenericCryptoInterface { algorithm, signature, signature_length); } + virtual OEMCryptoResult signRSA(const uint8_t* wrapped_rsa_key, + size_t wrapped_rsa_key_length, + const uint8_t* message, + size_t message_length, + android::Vector& signature, + RSA_Padding_Scheme padding_scheme); + + virtual OEMCryptoResult loadDeviceRSAKey(OEMCrypto_SESSION session, const uint8_t* wrapped_rsa_key, size_t wrapped_rsa_key_length) { diff --git a/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp b/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp index 4d2bb2d5..eec6a4d6 100644 --- a/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp +++ b/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp @@ -803,14 +803,6 @@ status_t WVDrmPlugin::signRSA(const Vector& sessionId, const Vector& message, const Vector& wrappedKey, Vector& signature) { - CdmSessionId cdmSessionId(sessionId.begin(), sessionId.end()); - - if (!mCryptoSessions.count(cdmSessionId)) { - return android::ERROR_DRM_SESSION_NOT_OPENED; - } - - const CryptoSession& cryptoSession = mCryptoSessions[cdmSessionId]; - RSA_Padding_Scheme padding_scheme; if (algorithm == "RSASSA-PSS-SHA1") { padding_scheme = kSign_RSASSA_PSS; 
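Review bot: The new `signRSA` declaration in WVGenericCryptoInterface.h has no comment, and unlike the neighbouring wrappers it takes no `OEMCrypto_SESSION`, so its session handling is invisible at the call site. I would add above it: `// Opens a temporary OEMCrypto session, loads wrapped_rsa_key, signs message into signature (resized here), then closes the session.` The class body starts and ends outside this hunk.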
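Review bot: With the `mCryptoSessions` lookup removed at the top of `WVDrmPlugin::signRSA`, `sessionId` is no longer read in the visible part of the function. The call therefore no longer returns `ERROR_DRM_SESSION_NOT_OPENED` for an unknown session. The commit message suggests this is intended, but it also removes the only gate in this method before the device signs with a caller-supplied wrapped key, so it is worth confirming that caller authorization is enforced above this layer. I would record the decision in place, e.g. `// sessionId is intentionally unused: signing runs in a temporary OEMCrypto session.` The function body continues outside the hunk.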
@@ -820,37 +812,11 @@ status_t WVDrmPlugin::signRSA(const Vector& sessionId, ALOGE("Unknown RSA Algorithm %s", algorithm.string()); return android::ERROR_DRM_CANNOT_HANDLE; } - - OEMCryptoResult res = mCrypto->loadDeviceRSAKey(cryptoSession.oecSessionId(), - wrappedKey.array(), - wrappedKey.size()); - if (res != OEMCrypto_SUCCESS) { - ALOGE("OEMCrypto_LoadDeviceRSAKey failed with %u", res); - return mapOEMCryptoResult(res); - } - - size_t signatureSize = 0; - - res = mCrypto->generateRSASignature(cryptoSession.oecSessionId(), - message.array(), message.size(), - NULL, &signatureSize, padding_scheme); - - if (res != OEMCrypto_ERROR_SHORT_BUFFER) { - ALOGE("OEMCrypto_GenerateRSASignature failed with %u when requesting " - "signature size", res); - if (res != OEMCrypto_SUCCESS) { - return mapOEMCryptoResult(res); - } else { - return android::ERROR_DRM_UNKNOWN; - } - } - - signature.resize(signatureSize); - - res = mCrypto->generateRSASignature(cryptoSession.oecSessionId(), - message.array(), message.size(), - signature.editArray(), &signatureSize, - padding_scheme); + OEMCryptoResult res = mCrypto->signRSA(wrappedKey.array(), + wrappedKey.size(), + message.array(), message.size(), + signature, + padding_scheme); if (res != OEMCrypto_SUCCESS) { ALOGE("OEMCrypto_GenerateRSASignature failed with %u", res); diff --git a/libwvdrmengine/mediadrm/src/WVGenericCryptoInterface.cpp b/libwvdrmengine/mediadrm/src/WVGenericCryptoInterface.cpp new file mode 100644 index 00000000..8b81f313 --- /dev/null +++ b/libwvdrmengine/mediadrm/src/WVGenericCryptoInterface.cpp 
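Review bot: The error path after the new `mCrypto->signRSA(...)` call still logs `OEMCrypto_GenerateRSASignature failed with %u`. `res` can now also come from `OEMCrypto_OpenSession` or `OEMCrypto_LoadDeviceRSAKey` inside the helper. The two removed `ALOGE` calls used to tell these stages apart, so a bad wrapped key and session exhaustion will now look like signing failures in the log. Something like `ALOGE("signRSA failed with %u", res);` here, with per-step logging inside the helper, would keep triage accurate. The rest of the function lies outside the hunk.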
@@ -0,0 +1,49 @@
+//
+// Copyright 2013 Google Inc. All Rights Reserved.
+//
+
+//#define LOG_NDEBUG 0
+#define LOG_TAG "WVCdm"
+#include
+
+#include "WVGenericCryptoInterface.h"
+
+#include "wv_cdm_constants.h"
+
+namespace wvdrm {
+
+using namespace android;
+using namespace std;
+using namespace wvcdm;
+
+OEMCryptoResult WVGenericCryptoInterface::signRSA(const uint8_t* wrapped_rsa_key,
+ size_t wrapped_rsa_key_length,
+ const uint8_t* message,
+ size_t message_length,
+ Vector& signature,
+ RSA_Padding_Scheme padding_scheme) {
+ OEMCrypto_SESSION session;
+ OEMCryptoResult sts = OEMCrypto_OpenSession(&session);
+ if (sts != OEMCrypto_SUCCESS) return sts;
+ sts = OEMCrypto_LoadDeviceRSAKey(session, wrapped_rsa_key,
+ wrapped_rsa_key_length);
+ if (sts == OEMCrypto_SUCCESS) {
+ size_t signatureSize = 0;
+ sts = OEMCrypto_GenerateRSASignature(session, message, message_length,
+ NULL, &signatureSize,
+ padding_scheme);
+ if (sts == OEMCrypto_SUCCESS) {
+ // Should be short buffer.
+ sts = OEMCrypto_ERROR_UNKNOWN_FAILURE;
+ } else if (sts == OEMCrypto_ERROR_SHORT_BUFFER) {
+ signature.resize(signatureSize);
+ sts = OEMCrypto_GenerateRSASignature(session, message, message_length,
+ signature.editArray(), &signatureSize,
+ padding_scheme);
+ }
+ }
+ OEMCrypto_CloseSession(session);
+ return sts;
+}
+
+} // namespace wvdrm
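Review bot: In `WVGenericCryptoInterface::signRSA` the result of `signature.resize(signatureSize)` is ignored, so if the vector cannot grow, the second `OEMCrypto_GenerateRSASignature` call is still handed `signature.editArray()` together with the full `signatureSize`. Check it before the call, e.g. `if (signature.resize(signatureSize) < 0) { sts = OEMCrypto_ERROR_UNKNOWN_FAILURE; }`, and only issue the second call otherwise. When that second call fails, the caller gets back a resized but unfilled buffer, and on success the vector is not trimmed to the `signatureSize` the call reports. Adding `signature.resize(signatureSize);` after success and `signature.clear();` on failure would keep the output consistent with the returned status.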