Add OEMCrypto_FactoryInstallBCCSignature API

This was requested by OEM and SOCs to support Prov 4 signing model in the factory. Bug: 275567037 Merged from https://widevine-internal-review.googlesource.com/176310 Change-Id: I2907841c4a16f37ae9a2241a6c9eaad73ff616af
2023-06-02 17:11:41 -07:00
parent dd1c01c9dd
commit f6c1879b4c
2 changed files with 51 additions and 1 deletions
--- a/libwvdrmengine/cdm/core/src/oemcrypto_adapter_dynamic.cpp
+++ b/libwvdrmengine/cdm/core/src/oemcrypto_adapter_dynamic.cpp
@@ -122,6 +122,8 @@ typedef OEMCryptoResult (*L1_WrapKeybox_t)(const uint8_t* keybox,
                                           size_t transportKeyLength);
 typedef OEMCryptoResult (*L1_InstallKeyboxOrOEMCert_t)(const uint8_t* keybox,
                                                       size_t keyBoxLength);
+typedef OEMCryptoResult (*L1_FactoryInstallBCCSignature_t)(
+    const uint8_t* signature, size_t signature_length);
 typedef OEMCryptoResult (*L1_LoadTestKeybox_t)(const uint8_t* buffer,
                                               size_t length);
 typedef OEMCryptoResult (*L1_IsKeyboxOrOEMCertValid_t)();
@@ -339,6 +341,7 @@ struct FunctionPointers {
  L1_CopyBuffer_t CopyBuffer;
  L1_WrapKeybox_t WrapKeybox;
  L1_InstallKeyboxOrOEMCert_t InstallKeyboxOrOEMCert;
+  L1_FactoryInstallBCCSignature_t FactoryInstallBCCSignature;
  L1_LoadTestKeybox_t LoadTestKeybox;
  L1_IsKeyboxOrOEMCertValid_t IsKeyboxOrOEMCertValid;
  L1_GetDeviceID_t GetDeviceID;
@@ -967,6 +970,7 @@ class Adapter {
    LOOKUP_ALL(12, GetProvisioningMethod,      OEMCrypto_GetProvisioningMethod);
    LOOKUP_ALL( 8, GetRandom,                  OEMCrypto_GetRandom);
    LOOKUP_ALL( 8, InstallKeyboxOrOEMCert,     OEMCrypto_InstallKeyboxOrOEMCert);
+    LOOKUP_ALL(18, FactoryInstallBCCSignature, OEMCrypto_FactoryInstallBCCSignature);
    LOOKUP_ALL(10, IsAntiRollbackHwPresent,    OEMCrypto_IsAntiRollbackHwPresent);
    LOOKUP_ALL( 8, IsKeyboxOrOEMCertValid,     OEMCrypto_IsKeyboxOrOEMCertValid);
    LOOKUP( 8, 15, LoadDeviceRSAKey,           OEMCrypto_LoadDeviceRSAKey);
@@ -2252,6 +2256,16 @@ extern "C" OEMCryptoResult OEMCrypto_InstallKeyboxOrOEMCert(
  return OEMCrypto_InstallKeyboxOrOEMCert(keybox, keyBoxLength, kLevelDefault);
 }

+extern "C" OEMCryptoResult OEMCrypto_FactoryInstallBCCSignature(
+    const uint8_t* signature, size_t signature_length) {
+  if (!gAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
+  const FunctionPointers* fcn = gAdapter->GetFunctionPointers(kLevelDefault);
+  if (!fcn) return OEMCrypto_ERROR_INVALID_SESSION;
+  if (fcn->FactoryInstallBCCSignature == nullptr)
+    return OEMCrypto_ERROR_NOT_IMPLEMENTED;
+  return fcn->FactoryInstallBCCSignature(signature, signature_length);
+}
+
 extern "C" OEMCryptoResult OEMCrypto_LoadTestKeybox(const uint8_t* buffer,
                                                    size_t length) {
  if (!gAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
--- a/libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
+++ b/libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
@@ -3,7 +3,7 @@
 // License Agreement.

 /**
- * @mainpage OEMCrypto API v18.2
+ * @mainpage OEMCrypto API v18.3
 *
 * OEMCrypto is the low level library implemented by the OEM to provide key and
 * content protection, usually in a separate secure memory or process space. The
@@ -712,6 +712,7 @@ typedef enum OEMCrypto_SignatureHashAlgorithm {
 #define OEMCrypto_GetSignatureHashAlgorithm   _oecc139
 #define OEMCrypto_EnterTestMode               _oecc140
 #define OEMCrypto_GetDeviceSignedCsrPayload   _oecc141
+#define OEMCrypto_FactoryInstallBCCSignature  _oecc142
 // clang-format on

 /// @addtogroup initcontrol
@@ -2996,6 +2997,41 @@ OEMCryptoResult OEMCrypto_WrapKeyboxOrOEMCert(
 OEMCryptoResult OEMCrypto_InstallKeyboxOrOEMCert(const uint8_t* keybox_or_cert,
                                                 size_t keybox_or_cert_length);

+/**
+ * Install a factory generated signature for the BCC. This is for devices that
+ * use Provisioning 4.0, with the signing option in the factory. With the
+ * signing option, the BCC is extracted from the device in the factory. Instead
+ * of being uploaded to the Widevine server, the BCC is signed by a certificate
+ * that the manufacturer shares with Widevine. The signature is then installed
+ * on the device is a secure location. The signature must not be erased during
+ * factory reset.
+ *
+ * This signature should be returned as `addition_signature` in a call to the
+ * function `OEMCrypto_GetBootCertificateChain()`.
+ *
+ * Devices that do not support Provisioning 4.0, or only support Provisioning
+ * 4.0 Option 1 should return OEMCrypto_ERROR_NOT_IMPLEMENTED.
+ *
+ *
+ * @param[in] signature: pointer to data as input
+ * @param[in] signature_length: length of the data in bytes
+ *
+ * @retval OEMCrypto_SUCCESS success
+ * @retval OEMCrypto_ERROR_INSUFFICIENT_RESOURCES
+ * @retval OEMCrypto_ERROR_NOT_IMPLEMENTED
+ * @retval OEMCrypto_ERROR_SYSTEM_INVALIDATED
+ *
+ * @threading
+ *   This is an "Initialization and Termination Function" and will not be
+ *   called simultaneously with any other function, as if the CDM holds a write
+ *   lock on the OEMCrypto system.
+ *
+ * @version
+ *   This method is new in API version 18.3.
+ */
+OEMCryptoResult OEMCrypto_FactoryInstallBCCSignature(const uint8_t* signature,
+                                                     size_t signature_length);
+
 /**
 * This function is for OEMCrypto to tell the layer above what provisioning
 * method it uses: keybox or OEM certificate.