Restructed reference root of trust (1/3 Keybox)

[ Merge of http://go/wvgerrit/115550 ] This change is the first part of a three part change for restructing the root of trust used by the reference implementation. The API of the AuthenticationRoot class has been updated to reflect the OEMCrypto functions that relate to the root of trust. This involves changing the keybox and DRM Cert methods and adding in new stubs for OEM Certificates. The WvKeybox now uses a RAII-like interface to ensure that keyboxes are provisioned correctly or not at all. Bug: 135283522 Test: oemcrypto_unittests ce_cdm_tests Change-Id: I3f2baf29c1022e1806b6196fa6650d761785c626
2021-02-18 19:33:33 -08:00
parent 8c6ce2e4c9
commit e4ee4eb404
8 changed files with 524 additions and 199 deletions
--- a/libwvdrmengine/oemcrypto/ref/src/oemcrypto_auth_ref.h
+++ b/libwvdrmengine/oemcrypto/ref/src/oemcrypto_auth_ref.h
@@ -21,61 +21,141 @@
 #include "oemcrypto_types.h"

 namespace wvoec_ref {
-
+// The AuthenticationRoot class contains the OEMCrypto information
+// which makes up the "root of trust" of a device.
 class AuthenticationRoot {
 public:
-  explicit AuthenticationRoot(OEMCrypto_ProvisioningMethod method);
+  AuthenticationRoot() {}
  ~AuthenticationRoot() {}

-  bool Validate();
+  // Initializes the root of authentication for the provided
+  // |method|.  This will clear any previously initialied data.
+  bool Initialize(OEMCrypto_ProvisioningMethod method);

-  KeyboxError ValidateKeybox();
+  // General root of trust API.

-  bool InstallKeybox(const uint8_t* keybox_data, size_t keybox_length) {
-    return keybox().InstallKeybox(keybox_data, keybox_length);
+  // Checks that the auth root has been properly initialized and can
+  // be used by the rest of OEMCrypto for the current provisioning
+  // method.
+  bool IsValid() const;
+
+  // Checks the validity of the underlying Keybox or OEM Certificate
+  // depending on the provisioning method.
+  // Similar to the expected behavior of OEMCrypto_IsKeyboxOrOEMCertValid().
+  OEMCryptoResult IsKeyboxOrOemCertValid() const;
+
+  // Gets the device ID from the root of trust.
+  // Similar to the expected behavior of OEMCrypto_GetDeviceID().
+  OEMCryptoResult GetDeviceId(uint8_t* device_id,
+                              size_t* device_id_length) const;
+
+  // Returns the device ID from the root of trust.  Intended to be used
+  // for core message generation.
+  std::vector<uint8_t> DeviceId() const;
+
+  // Returns the device key from the root of trust.  For keybox-based
+  // devices, this is the device key from the keybox (or test keybox
+  // if installed).  For devices that use a non-keybox provisioning
+  // method, this will be a device specific key.
+  std::vector<uint8_t> DeviceKey() const;
+
+  // Check for the existence of a device key.
+  bool HasDeviceKey() const;
+
+  // Clears any test data inside this root of trust.
+  void Clear();
+
+  // DRM Certificate-based root of trust API.
+
+  // Returns the shared RSA private key from the built-in DRM
+  // Certificate.
+  RSA_shared_ptr& SharedRsaKey() {
+    return test_rsa_key_.get() != nullptr ? test_rsa_key_ : rsa_key_;
+  }
+  RSA* rsa_key() {
+    return test_rsa_key_.get() != nullptr ? test_rsa_key_.get()
+                                          : rsa_key_.get();
  }

-  const std::vector<uint8_t>& DeviceKey(bool use_real_keybox = false) {
-    return use_real_keybox ? real_keybox().device_key() :
-                             keybox().device_key();
+  // Loads the system's built-in RSA key.  Only implemented for
+  // devices that are that pre-provisioned with a built-in DRM
+  // Certificate,
+  // This method implements the expected behavior of
+  // OEMCrypto_LoadTestRSAKey().
+  OEMCryptoResult LoadTestRsaKey();
+
+  // Removes any installed test RSA key.
+  void RemoveTestRsaKey() { test_rsa_key_.reset(); }
+
+  // Keybox-based root of trust API.
+
+  // Returns the currently installed keybox (or test keybox) if any
+  // present.  The test keybox takes priority over the standard.
+  WvKeybox* keybox() const {
+    return test_keybox_ ? test_keybox_.get() : keybox_.get();
  }

-  const std::vector<uint8_t>& DeviceId() {
-    return keybox().device_id();
-  }
+  // Checks the validity of the keybox regardless of the provisioning
+  // method.
+  OEMCryptoResult IsKeyboxValid() const;

-  size_t DeviceTokenLength() {
-    return keybox().key_data_length();
-  }
+  // Installs a clear WV keybox as the root of trust.
+  // A keybox can only be installed once, however, the provisioning
+  // method stated at initialization remains the same.
+  //
+  // This method is similar to the expected behavior of
+  // OEMCrypto_InstallKeyboxOrOEMCert() for keybox devices except
+  // that the keybox provided here must be decrypted before installing.
+  OEMCryptoResult InstallKeybox(const uint8_t* keybox_data,
+                                size_t keybox_length);

-  const uint8_t* DeviceToken() {
-    return keybox().key_data();
-  }
+  // Installs a clear test WV keybox.  Only settable for devices that
+  // uses a keybox for provisioning.
+  //
+  // This method is similar to the expected behavior of
+  // OEMCrypto_LoadTestKeybox() for keybox devices except that
+  // the keybox provided here must be decrypted before installing.
+  OEMCryptoResult InstallTestKeybox(const uint8_t* keybox_data,
+                                    size_t keybox_length);

-  WvKeybox& keybox() { return use_test_keybox_ ? test_keybox_ : keybox_; }
-  bool UseTestKeybox(const uint8_t* keybox_data, size_t keybox_length) {
-    use_test_keybox_ = true;
-    return test_keybox_.InstallKeybox(keybox_data, keybox_length);
-  }
+  // Removes any installed test keybox.
+  void RemoveTestKeybox() { test_keybox_.reset(); }

-  RSA_shared_ptr& SharedRsaKey() { return rsa_key_; }
-  RSA* rsa_key() { return rsa_key_.get(); }
-  bool LoadTestRsaKey();
-  void Clear() { use_test_keybox_ = false; }
+  // Gets the keybox key data.
+  // Implements the expected behavior of OEMCrypto_GetKeyData().
+  OEMCryptoResult GetKeyData(uint8_t* key_data, size_t* key_data_length) const;
+
+  // OEM Certificate-base root of trust API.
+
+  // For OEM Cert-based devices, returns the OEM Public Certificate
+  // component of the OEM Certificate.
+  // This method implements the expected behavior of
+  // OEMCrypto_GetOEMPublicCertificate().
+  OEMCryptoResult GetOemPublicCertificate(uint8_t* public_cert,
+                                          size_t* public_cert_length) const;
+
+  // Returns the OEM private key.  Intended to be used when loading
+  // the OEM private key into a session.
+  // Should only be called for devices that use OEM Certificates
+  // for provisioning.
+  const std::vector<uint8_t>& GetOemPrivateKey() const;

 private:
-  OEMCrypto_ProvisioningMethod provisioning_method_;
-  WvKeybox& real_keybox() { return keybox_; }
-
-  WvKeybox keybox_;
-  WvKeybox test_keybox_;
-  bool use_test_keybox_;
+  OEMCrypto_ProvisioningMethod prov_method_ = OEMCrypto_ProvisioningError;

+  // DRM certificate.
+  // TODO(b/168544740): Remove |rsa_key_set_| when RSA_shared_ptr has
+  // been replaced with scoped RsaPrivateKey.
+  bool rsa_key_set_ = false;
  RSA_shared_ptr rsa_key_;  // If no keybox, this is baked in certificate.
+  RSA_shared_ptr test_rsa_key_;
+
+  // Keybox data.
+  std::unique_ptr<WvKeybox> keybox_;
+  std::unique_ptr<WvKeybox> test_keybox_;

  CORE_DISALLOW_COPY_AND_ASSIGN(AuthenticationRoot);
 };
-
 }  // namespace wvoec_ref

 #endif  // OEMCRYPTO_AUTH_REF_H_