widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Restore OpenSSL Compatibility

Browse Source 
(This is a merge of http://go/wvgerrit/96226.)

This patch does a number of different things in order to re-enable the
CDM to use OpenSSL 1.1.0+ out of the box, instead of just BoringSSL:

* To support https://cryptography.io/, BoringSSL has reimplemented just
  enough of the OpenSSL PKCS7 API that we can fulfill our purposes with
  code that works on either library. This patch replaces code in
  privacy_crypto_boringssl.cpp and oec_session_util.cpp that was only
  compatible with BoringSSL with code that also works in OpenSSL.

* Replaces code in oec_session_util.cpp that used the deprecated OpenSSL
  1.0.0 API with OpenSSL 1.1.0-compatible code. This code previously
  worked on BoringSSL because they have not yet removed the OpenSSL
  1.0.0 functions, even though they also implemented the 1.1.0 API.

* Replaces openssl/mem.h (which does not work in OpenSSL 1.1.0 and
  higher) with openssl/crypto.h. (which works in all OpenSSL and
  BoringSSL releases) This does not require any function code changes.

* The OID-comparison code in privacy_crypto_boringssl.cpp was using
  BoringSSL-exclusive functions to convert OBJ-format OIDs to text.
  Conversion functions that work on either library exist. However, the
  new code uses a different technique instead, pre-converting the
  passed-in OID to OBJ format. This allows it to be compared to the
  certificate directly, avoiding converting every certificate extension
  OID to text.

* Allows the selection of "openssl" as the privacy_crypto_impl and adds
  a variable to configure OpenSSL. More will follow in future patches
  as more configurations of OpenSSL are supported.

Bug: 140053043
Test: CE CDM Unit Tests
Test: CE CDM Unit Tests w/ the x86-64 Platform Reconfigured to OpenSSL
Test: Android Unit Tests
Change-Id: I57cebbbfb59e0bcab85b589b98fb9ffd18885415
This commit is contained in:
John W. Bruce
2020-03-26 13:20:15 -07:00
parent c0d7f16b78
commit d21d70f533
5 changed files with 53 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libwvdrmengine/oemcrypto/ref/src/oemcrypto_ref.cpp
View File

@@ -8,9 +8,9 @@
#include <assert.h>
#include <openssl/cmac.h>
#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/mem.h>
#include <openssl/rand.h>
#include <openssl/sha.h>
#include <stddef.h>

2
libwvdrmengine/oemcrypto/ref/src/oemcrypto_session.cpp
View File

@@ -15,10 +15,10 @@
#include <openssl/aes.h>
#include <openssl/bio.h>
#include <openssl/cmac.h>
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/mem.h>
#include <openssl/rand.h>
#include <openssl/rsa.h>
#include <openssl/sha.h>

2
libwvdrmengine/oemcrypto/ref/src/oemcrypto_usage_table_ref.cpp
View File

@@ -13,8 +13,8 @@
#include <vector>
#include <openssl/aes.h>
#include <openssl/crypto.h>
#include <openssl/hmac.h>
#include <openssl/mem.h>
#include <openssl/rand.h>
#include <openssl/sha.h>