Add header functions for GetBCCType

Add new OEMCrypto_GetBCCType() function in v19. Re-generate serialization and test files. Test: opk_ta, opk_linux_ipc_ta, run_fake_l1_tests Bug: 297918188 Change-Id: Id5f422776cd50c71ab483c06bbe3ac399461fb31
2023-10-13 12:06:35 -07:00
parent 417a9c7b77
commit df6d73f021
2 changed files with 54 additions and 2 deletions
--- a/libwvdrmengine/cdm/core/src/oemcrypto_adapter_dynamic.cpp
+++ b/libwvdrmengine/cdm/core/src/oemcrypto_adapter_dynamic.cpp
@@ -193,6 +193,7 @@ typedef OEMCryptoResult (*L1_GetUsageEntryInfo_t)(
    int64_t* seconds_since_license_received,
    int64_t* seconds_since_first_decrypt);
 typedef OEMCrypto_ProvisioningMethod (*L1_GetProvisioningMethod_t)();
+typedef OEMCryptoResult (*L1_GetBCCType_t)(OEMCrypto_BCCType* bcc_type);
 typedef OEMCryptoResult (*L1_GetOEMPublicCertificate_t)(
    uint8_t* public_cert, size_t* public_cert_length);
 typedef OEMCryptoResult (*L1_LoadOEMPrivateKey_t)(OEMCrypto_SESSION session);
@@ -398,6 +399,7 @@ struct FunctionPointers {
  L1_ReportUsage_t ReportUsage;
  L1_GetUsageEntryInfo_t GetUsageEntryInfo;
  L1_GetProvisioningMethod_t GetProvisioningMethod;
+  L1_GetBCCType_t GetBCCType;
  L1_GetOEMPublicCertificate_t GetOEMPublicCertificate;
  L1_LoadOEMPrivateKey_t LoadOEMPrivateKey;
  L1_SupportedCertificates_t SupportedCertificates;
@@ -1004,6 +1006,7 @@ class Adapter {
    LOOKUP_ALL(16, GetOEMPublicCertificate,    OEMCrypto_GetOEMPublicCertificate);
    LOOKUP_ALL(16, LoadOEMPrivateKey,          OEMCrypto_LoadOEMPrivateKey);
    LOOKUP_ALL(12, GetProvisioningMethod,      OEMCrypto_GetProvisioningMethod);
+    LOOKUP_ALL(19, GetBCCType,                 OEMCrypto_GetBCCType);
    LOOKUP_ALL( 8, GetRandom,                  OEMCrypto_GetRandom);
    LOOKUP_ALL( 8, InstallKeyboxOrOEMCert,     OEMCrypto_InstallKeyboxOrOEMCert);
    LOOKUP_ALL(18, FactoryInstallBCCSignature, OEMCrypto_FactoryInstallBCCSignature);
@@ -1558,6 +1561,14 @@ OEMCrypto_ProvisioningMethod OEMCrypto_GetProvisioningMethod(
  return fcn->GetProvisioningMethod();
 }

+OEMCryptoResult OEMCrypto_GetBCCType(OEMCrypto_GetBCCType* bcc_type) {
+  if (!gAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
+  const FunctionPointers* fcn = gAdapter->GetFunctionPointers(kLevelDefault);
+  if (!fcn) return OEMCrypto_ERROR_INVALID_SESSION;
+  if (fcn->GetBCCType == nullptr) return OEMCrypto_ERROR_NOT_IMPLEMENTED;
+  return fcn->GetBCCType(bcc_type);
+}
+
 OEMCryptoResult OEMCrypto_GetDeviceID(uint8_t* deviceID, size_t* idLength,
                                      wvcdm::RequestedSecurityLevel level) {
  if (!gAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
--- a/libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
+++ b/libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
@@ -513,9 +513,19 @@ typedef enum OEMCrypto_ProvisioningMethod {
  // Device has factory installed OEM certificate.
  OEMCrypto_OEMCertificate = 3,
  // Device has Boot Certificate Chain (BCC).
-  OEMCrypto_BootCertificateChain = 4
+  OEMCrypto_BootCertificateChain = 4,
 } OEMCrypto_ProvisioningMethod;

+/**
+   Return value for OEMCrypto_GetBCCType().
+ */
+typedef enum OEMCrypto_BCCType {
+  // Boot certificate chain in CBOR format.
+  OEMCrypto_CBOR = 0,
+  // Boot certificate chain in X509 format.
+  OEMCrypto_X509 = 1,
+} OEMCrypto_BCCType;
+
 /**
   Return value for OEMCrypto_GetWatermarkingSupport().
 */
@@ -721,6 +731,7 @@ typedef enum OEMCrypto_SignatureHashAlgorithm {
 #define OEMCrypto_LoadProvisioningCast        _oecc146
 #define OEMCrypto_PrepAndSignLicenseRelease   _oecc147
 #define OEMCrypto_GetUsageEntryInfo           _oecc148
+#define OEMCrypto_GetBCCType                  _oecc149
 // clang-format on

 /// @addtogroup initcontrol
@@ -2996,6 +3007,37 @@ OEMCryptoResult OEMCrypto_FactoryInstallBCCSignature(const uint8_t* signature,
 */
 OEMCrypto_ProvisioningMethod OEMCrypto_GetProvisioningMethod(void);

+/**
+ * This function is for OEMCrypto to tell the layer above what type of Boot
+ * Certificate Chain it uses. This is for devices that use Provisioning 4.0.
+ *
+ * Valid values for OEMCrypto_BCCType are:
+ *
+ * OEMCrypto_CBOR means the device has a boot certificate chain of CBOR type,
+ * which shall follow the IETF CBOR Web Token (CWT) specification, and the CBOR
+ * Object Signing and Encryption (COSE) specification. Android requires CBOR.
+ * OEMCrypto_X509 means the device has a boot certificate chain of X509 type.
+ * Please work with your Widevine Partner Engineer if you plan to support X509.
+ *
+ * @param[out] bcc_type: the type of the boot certificate chain.
+ *
+ * @retval OEMCrypto_SUCCESS
+ * @retval OEMCrypto_ERROR_INVALID_CONTEXT if any pointer is NULL.
+ * @retval OEMCrypto_ERROR_NOT_IMPLEMENTED: this function is for
+ *         Provisioning 4.0 only.
+ * @retval OEMCrypto_ERROR_UNKNOWN_FAILURE any other failure.
+ *
+ * @threading
+ *   This is a "Property Function" and may be called simultaneously with any
+ *   other property function or session function, but not any initialization or
+ *   usage table function, as if the CDM holds a read lock on the OEMCrypto
+ *   system.
+ *
+ * @version
+ *   This method is new API version 19.
+ */
+OEMCryptoResult OEMCrypto_GetBCCType(OEMCrypto_BCCType* bcc_type);
+
 /**
 * If the device has a keybox, this validates the Widevine Keybox loaded into
 * the security processor device. This method verifies two fields in the
@@ -3987,7 +4029,6 @@ OEMCryptoResult OEMCrypto_LoadProvisioning(
    size_t signature_length, uint8_t* wrapped_private_key,
    size_t* wrapped_private_key_length);

-
 /**
 * Load and parse a provisioning response, and then rewrap the private key. We
 * recommend that the OEM use a strong encryption key and signing key algorithm.