widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add "bootCertificateChainSignature" to Drm plugin getPropertyByteArray()

Browse Source 
This allows Widevine RKP HAL to query BCC signature via DRM interface
during BCC extraction for remote provisioning phase 3. The query returns
the "additional_signature" field from
OEMCrypto_GetBootCertificateChain().

Test: Manual BCC extraction on Pixel 9
Bug: 355160637
Change-Id: I1a310a80c0cfef82ee3697f06c1293d5c1c3896a
This commit is contained in:
Cong Lin
2024-09-09 11:43:00 -07:00
committed by conglin
parent 4ef3e2cee8
commit d92d3a884d
5 changed files with 42 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp
View File

@@ -1296,6 +1296,18 @@ static WvStatus getDeviceSignedCsrPayload(
} else {
value = StrToVector(boot_certificate_chain);
}
} else if (name == "bootCertificateChainSignature" && isCsrAccessAllowed()) {
std::string boot_certificate_chain_signature;
const CdmResponseType res = mCDM->QueryStatus(wvcdm::kLevelDefault,
wvcdm::QUERY_KEY_DEBUG_BOOT_CERTIFICATE_CHAIN_SIGNATURE,
&boot_certificate_chain_signature);
if (res != wvcdm::NO_ERROR) {
ALOGE("Error querying CDM boot certificate chain signature: %d",
static_cast<int>(res));
status = mapCdmResponseType(res);
} else {
value = StrToVector(boot_certificate_chain_signature);
}
} else if (name == "verifiedDeviceInfo" && isCsrAccessAllowed()) {
std::string verified_device_info;
CdmResponseType res = mCDM->QueryStatus(wvcdm::kLevelDefault,