widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Change ERROR_INVALID_RSA_KEY to ERROR_INVALID_KEY

Browse Source 
[ Merge of http://go/wvgerrit/149269 ]

This mostly affects tests and documentation.

Bug: 201581141
Bug: 236317198
Change-Id: I1bc0ec4c3767106c01dfac9956f83ccfbffc49b7
This commit is contained in:
Alex Dale
2022-06-16 18:12:16 -07:00
parent 173b230588
commit dd2f063254
4 changed files with 15 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
View File

@@ -1038,7 +1038,7 @@ OEMCryptoResult OEMCrypto_GenerateDerivedKeys(
* *
* @verification * @verification
* If the RSA key's allowed_schemes is not kSign_RSASSA_PSS, then no keys are * If the RSA key's allowed_schemes is not kSign_RSASSA_PSS, then no keys are
* derived and the error OEMCrypto_ERROR_INVALID_RSA_KEY is returned. An RSA * derived and the error OEMCrypto_ERROR_INVALID_KEY is returned. An RSA
* key cannot be used for both deriving session keys and also for PKCS1 * key cannot be used for both deriving session keys and also for PKCS1
* signatures. * signatures.
* *
@@ -3077,7 +3077,7 @@ OEMCrypto_ProvisioningMethod OEMCrypto_GetProvisioningMethod(void);
* @retval OEMCrypto_ERROR_BAD_MAGIC * @retval OEMCrypto_ERROR_BAD_MAGIC
* @retval OEMCrypto_ERROR_BAD_CRC * @retval OEMCrypto_ERROR_BAD_CRC
* @retval OEMCrypto_ERROR_KEYBOX_INVALID * @retval OEMCrypto_ERROR_KEYBOX_INVALID
* @retval OEMCrypto_ERROR_INVALID_RSA_KEY * @retval OEMCrypto_ERROR_INVALID_KEY
* @retval OEMCrypto_ERROR_SYSTEM_INVALIDATED * @retval OEMCrypto_ERROR_SYSTEM_INVALIDATED
* @retval OEMCrypto_ERROR_NEEDS_KEYBOX_PROVISIONING * @retval OEMCrypto_ERROR_NEEDS_KEYBOX_PROVISIONING
* *
@@ -3964,7 +3964,7 @@ OEMCrypto_WatermarkingSupport OEMCrypto_GetWatermarkingSupport(void);
* @retval OEMCrypto_SUCCESS success * @retval OEMCrypto_SUCCESS success
* @retval OEMCrypto_ERROR_NO_DEVICE_KEY * @retval OEMCrypto_ERROR_NO_DEVICE_KEY
* @retval OEMCrypto_ERROR_INVALID_SESSION * @retval OEMCrypto_ERROR_INVALID_SESSION
* @retval OEMCrypto_ERROR_INVALID_RSA_KEY * @retval OEMCrypto_ERROR_INVALID_KEY
* @retval OEMCrypto_ERROR_SIGNATURE_FAILURE * @retval OEMCrypto_ERROR_SIGNATURE_FAILURE
* @retval OEMCrypto_ERROR_INVALID_NONCE * @retval OEMCrypto_ERROR_INVALID_NONCE
* @retval OEMCrypto_ERROR_SHORT_BUFFER * @retval OEMCrypto_ERROR_SHORT_BUFFER
@@ -4029,7 +4029,7 @@ OEMCryptoResult OEMCrypto_LoadProvisioning(
* @retval OEMCrypto_SUCCESS success * @retval OEMCrypto_SUCCESS success
* @retval OEMCrypto_ERROR_NO_DEVICE_KEY * @retval OEMCrypto_ERROR_NO_DEVICE_KEY
* @retval OEMCrypto_ERROR_INVALID_SESSION * @retval OEMCrypto_ERROR_INVALID_SESSION
* @retval OEMCrypto_ERROR_INVALID_RSA_KEY * @retval OEMCrypto_ERROR_INVALID_KEY
* @retval OEMCrypto_ERROR_INSUFFICIENT_RESOURCES * @retval OEMCrypto_ERROR_INSUFFICIENT_RESOURCES
* @retval OEMCrypto_ERROR_UNKNOWN_FAILURE * @retval OEMCrypto_ERROR_UNKNOWN_FAILURE
* @retval OEMCrypto_ERROR_SESSION_LOST_STATE * @retval OEMCrypto_ERROR_SESSION_LOST_STATE
@@ -4108,7 +4108,7 @@ OEMCryptoResult OEMCrypto_LoadTestRSAKey(void);
* @verification * @verification
* Both the padding_scheme and the RSA key's allowed_schemes must be 0x2. If * Both the padding_scheme and the RSA key's allowed_schemes must be 0x2. If
* not, then the signature is not computed and the error * not, then the signature is not computed and the error
* OEMCrypto_ERROR_INVALID_RSA_KEY is returned. * OEMCrypto_ERROR_INVALID_KEY is returned.
* *
* @param[in] session: crypto session identifier. * @param[in] session: crypto session identifier.
* @param[in] message: pointer to memory containing message to be signed. * @param[in] message: pointer to memory containing message to be signed.
@@ -4125,7 +4125,7 @@ OEMCryptoResult OEMCrypto_LoadTestRSAKey(void);
* @retval OEMCrypto_ERROR_SHORT_BUFFER if the signature buffer is too small. * @retval OEMCrypto_ERROR_SHORT_BUFFER if the signature buffer is too small.
* @retval OEMCrypto_ERROR_INVALID_SESSION * @retval OEMCrypto_ERROR_INVALID_SESSION
* @retval OEMCrypto_ERROR_INVALID_CONTEXT * @retval OEMCrypto_ERROR_INVALID_CONTEXT
* @retval OEMCrypto_ERROR_INVALID_RSA_KEY * @retval OEMCrypto_ERROR_INVALID_KEY
* @retval OEMCrypto_ERROR_INSUFFICIENT_RESOURCES * @retval OEMCrypto_ERROR_INSUFFICIENT_RESOURCES
* @retval OEMCrypto_ERROR_UNKNOWN_FAILURE * @retval OEMCrypto_ERROR_UNKNOWN_FAILURE
* @retval OEMCrypto_ERROR_NOT_IMPLEMENTED if algorithm > 0, and the device * @retval OEMCrypto_ERROR_NOT_IMPLEMENTED if algorithm > 0, and the device
@@ -5075,7 +5075,7 @@ OEMCryptoResult OEMCrypto_FreeSecureBuffer(
* @retval OEMCrypto_ERROR_INVALID_CONTEXT * @retval OEMCrypto_ERROR_INVALID_CONTEXT
* @retval OEMCrypto_ERROR_NO_DEVICE_KEY * @retval OEMCrypto_ERROR_NO_DEVICE_KEY
* @retval OEMCrypto_ERROR_INVALID_SESSION * @retval OEMCrypto_ERROR_INVALID_SESSION
* @retval OEMCrypto_ERROR_INVALID_RSA_KEY * @retval OEMCrypto_ERROR_INVALID_KEY
* @retval OEMCrypto_ERROR_INSUFFICIENT_RESOURCES * @retval OEMCrypto_ERROR_INSUFFICIENT_RESOURCES
* @retval OEMCrypto_ERROR_UNKNOWN_FAILURE * @retval OEMCrypto_ERROR_UNKNOWN_FAILURE
* @retval OEMCrypto_ERROR_SESSION_LOST_STATE * @retval OEMCrypto_ERROR_SESSION_LOST_STATE

4
libwvdrmengine/oemcrypto/util/src/oemcrypto_drm_key.cpp
View File

@@ -72,7 +72,7 @@ OEMCryptoResult DrmPrivateKey::GetSessionKey(
if (rsa_key_) { if (rsa_key_) {
if (!(rsa_key_->allowed_schemes() & kSign_RSASSA_PSS)) { if (!(rsa_key_->allowed_schemes() & kSign_RSASSA_PSS)) {
LOGE("RSA key cannot be used for session key decryption"); LOGE("RSA key cannot be used for session key decryption");
return OEMCrypto_ERROR_INVALID_RSA_KEY; return OEMCrypto_ERROR_INVALID_KEY;
} }
size_t session_key_size = rsa_key_->SessionKeyLength(); size_t session_key_size = rsa_key_->SessionKeyLength();
session_key->resize(session_key_size); session_key->resize(session_key_size);
@@ -168,7 +168,7 @@ OEMCryptoResult DrmPrivateKey::GenerateRsaSignature(
size_t* signature_length) const { size_t* signature_length) const {
if (!rsa_key_) { if (!rsa_key_) {
LOGE("Only RSA DRM keys can generate PKCS1 signatures"); LOGE("Only RSA DRM keys can generate PKCS1 signatures");
return OEMCrypto_ERROR_INVALID_RSA_KEY; return OEMCrypto_ERROR_INVALID_KEY;
} }
return rsa_key_->GenerateSignature(message, message_length, kRsaPkcs1Cast, return rsa_key_->GenerateSignature(message, message_length, kRsaPkcs1Cast,
signature, signature_length); signature, signature_length);

4
libwvdrmengine/oemcrypto/util/src/oemcrypto_oem_cert.cpp
View File

@@ -38,11 +38,11 @@ OEMCryptoResult VerifyRsaKey(const RSA* public_key,
RsaPrivateKey::Load(private_key_data); RsaPrivateKey::Load(private_key_data);
if (!private_key) { if (!private_key) {
LOGE("Failed to parse provided RSA private key"); LOGE("Failed to parse provided RSA private key");
return OEMCrypto_ERROR_INVALID_RSA_KEY; return OEMCrypto_ERROR_INVALID_KEY;
} }
if (!RsaKeysAreMatchingPair(public_key, private_key->GetRsaKey())) { if (!RsaKeysAreMatchingPair(public_key, private_key->GetRsaKey())) {
LOGE("OEM certificate keys do not match"); LOGE("OEM certificate keys do not match");
return OEMCrypto_ERROR_INVALID_RSA_KEY; return OEMCrypto_ERROR_INVALID_KEY;
} }
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }

8
libwvdrmengine/oemcrypto/util/src/oemcrypto_rsa_key.cpp
View File

@@ -647,7 +647,7 @@ OEMCryptoResult RsaPublicKey::VerifySignaturePss(
// Step 0: Ensure the signature algorithm is supported by key. // Step 0: Ensure the signature algorithm is supported by key.
if (!(allowed_schemes_ & kSign_RSASSA_PSS)) { if (!(allowed_schemes_ & kSign_RSASSA_PSS)) {
LOGE("RSA key cannot verify using PSS"); LOGE("RSA key cannot verify using PSS");
return OEMCrypto_ERROR_INVALID_RSA_KEY; return OEMCrypto_ERROR_INVALID_KEY;
} }
// Step 1: Create a high-level key from RSA key. // Step 1: Create a high-level key from RSA key.
ScopedEvpPkey pkey(EVP_PKEY_new()); ScopedEvpPkey pkey(EVP_PKEY_new());
@@ -715,7 +715,7 @@ OEMCryptoResult RsaPublicKey::VerifySignaturePkcs1Cast(
// Step 0: Ensure the signature algorithm is supported by key. // Step 0: Ensure the signature algorithm is supported by key.
if (!(allowed_schemes_ & kSign_PKCS1_Block1)) { if (!(allowed_schemes_ & kSign_PKCS1_Block1)) {
LOGE("RSA key cannot verify using PKCS1"); LOGE("RSA key cannot verify using PKCS1");
return OEMCrypto_ERROR_INVALID_RSA_KEY; return OEMCrypto_ERROR_INVALID_KEY;
} }
if (message_length > kRsaPkcs1CastMaxMessageSize) { if (message_length > kRsaPkcs1CastMaxMessageSize) {
LOGE("Message is too large for CAST PKCS1 signature: size = %zu", LOGE("Message is too large for CAST PKCS1 signature: size = %zu",
@@ -1158,7 +1158,7 @@ OEMCryptoResult RsaPrivateKey::GenerateSignaturePss(
// Step 0: Ensure the signature algorithm is supported by key. // Step 0: Ensure the signature algorithm is supported by key.
if (!(allowed_schemes_ & kSign_RSASSA_PSS)) { if (!(allowed_schemes_ & kSign_RSASSA_PSS)) {
LOGE("RSA key cannot sign using PSS"); LOGE("RSA key cannot sign using PSS");
return OEMCrypto_ERROR_INVALID_RSA_KEY; return OEMCrypto_ERROR_INVALID_KEY;
} }
// Step 1: Create a high-level key from RSA key. // Step 1: Create a high-level key from RSA key.
ScopedEvpPkey pkey(EVP_PKEY_new()); ScopedEvpPkey pkey(EVP_PKEY_new());
@@ -1237,7 +1237,7 @@ OEMCryptoResult RsaPrivateKey::GenerateSignaturePkcs1Cast(
// Step 0: Ensure the signature algorithm is supported by key. // Step 0: Ensure the signature algorithm is supported by key.
if (!(allowed_schemes_ & kSign_PKCS1_Block1)) { if (!(allowed_schemes_ & kSign_PKCS1_Block1)) {
LOGE("RSA key cannot sign PKCS1"); LOGE("RSA key cannot sign PKCS1");
return OEMCrypto_ERROR_INVALID_RSA_KEY; return OEMCrypto_ERROR_INVALID_KEY;
} }
if (message_length > kRsaPkcs1CastMaxMessageSize) { if (message_length > kRsaPkcs1CastMaxMessageSize) {
LOGE("Message is too large for CAST PKCS1 signature: size = %zu", LOGE("Message is too large for CAST PKCS1 signature: size = %zu",