[DO NOT MERGE] Revert "Restructed reference root of trust (3/3 OEM Cert)"
This reverts commit 9f7e2c4413.
Reason for revert: Feature missed deadline
Bug: 135283522
Change-Id: I63eb0431762fd13c64bef926fb1e64b6edacb156
@@ -15,7 +15,6 @@
|
||||
#include "OEMCryptoCENC.h" // Needed for enums only.
|
||||
#include "disallow_copy_and_assign.h"
|
||||
#include "oemcrypto_keybox_ref.h"
|
||||
#include "oemcrypto_oem_cert.h"
|
||||
#include "oemcrypto_rsa_key.h"
|
||||
|
||||
namespace wvoec_ref {
|
||||
@@ -68,12 +67,12 @@ class AuthenticationRoot {
|
||||
// Returns the shared RSA private key from the built-in DRM
|
||||
// Certificate.
|
||||
std::shared_ptr<RsaPrivateKey> ShareDrmCertKey() {
|
||||
return test_drm_cert_key_ ? test_drm_cert_key_ : drm_cert_key_;
|
||||
return test_rsa_key_ ? test_rsa_key_ : rsa_key_;
|
||||
}
|
||||
RsaPrivateKey* DrmCertKey() const {
|
||||
return test_drm_cert_key_ ? test_drm_cert_key_.get() : drm_cert_key_.get();
|
||||
return test_rsa_key_ ? test_rsa_key_.get() : rsa_key_.get();
|
||||
}
|
||||
bool HasDrmCertKey() const { return test_drm_cert_key_ || drm_cert_key_; }
|
||||
bool HasDrmCertKey() const { return test_rsa_key_ || rsa_key_; }
|
||||
|
||||
// Loads the system's built-in RSA key. Only implemented for
|
||||
// devices that are that pre-provisioned with a built-in DRM
|
||||
@@ -83,7 +82,7 @@ class AuthenticationRoot {
|
||||
OEMCryptoResult LoadTestRsaKey();
|
||||
|
||||
// Removes any installed test RSA key.
|
||||
void RemoveTestRsaKey() { test_drm_cert_key_.reset(); }
|
||||
void RemoveTestRsaKey() { test_rsa_key_.reset(); }
|
||||
|
||||
// Keybox-based root of trust API.
|
||||
|
||||
@@ -125,14 +124,6 @@ class AuthenticationRoot {
|
||||
|
||||
// OEM Certificate-base root of trust API.
|
||||
|
||||
// Installs an OEM certificate as the root of trust. The provided
|
||||
// private key and public cert are parsed, but not validated. The
|
||||
// private key will be made available for sessions to load.
|
||||
OEMCryptoResult InstallOemCertificate(const uint8_t* private_key,
|
||||
size_t private_key_size,
|
||||
const uint8_t* public_cert,
|
||||
size_t public_cert_size);
|
||||
|
||||
// For OEM Cert-based devices, returns the OEM Public Certificate
|
||||
// component of the OEM Certificate.
|
||||
// This method implements the expected behavior of
|
||||
@@ -144,9 +135,7 @@ class AuthenticationRoot {
|
||||
// the OEM private key into a session.
|
||||
// Should only be called for devices that use OEM Certificates
|
||||
// for provisioning.
|
||||
std::shared_ptr<RsaPrivateKey> ShareOemCertKey() { return oem_cert_key_; }
|
||||
RsaPrivateKey* OemCertKey() const { return oem_cert_key_.get(); }
|
||||
bool HasOemCertKey() const { return static_cast<bool>(oem_cert_key_); }
|
||||
const std::vector<uint8_t>& GetOemPrivateKey() const;
|
||||
|
||||
private:
|
||||
OEMCrypto_ProvisioningMethod prov_method_ = OEMCrypto_ProvisioningError;
|
||||
@@ -154,17 +143,13 @@ class AuthenticationRoot {
|
||||
// DRM certificate.
|
||||
// If no keybox, this is the private key of the baked-in DRM
|
||||
// Certificate.
|
||||
std::shared_ptr<RsaPrivateKey> drm_cert_key_;
|
||||
std::shared_ptr<RsaPrivateKey> test_drm_cert_key_;
|
||||
std::shared_ptr<RsaPrivateKey> rsa_key_;
|
||||
std::shared_ptr<RsaPrivateKey> test_rsa_key_;
|
||||
|
||||
// Keybox data.
|
||||
std::unique_ptr<WvKeybox> keybox_;
|
||||
std::unique_ptr<WvKeybox> test_keybox_;
|
||||
|
||||
// OEM certificate.
|
||||
std::unique_ptr<OemCertificate> oem_cert_;
|
||||
std::shared_ptr<RsaPrivateKey> oem_cert_key_;
|
||||
|
||||
CORE_DISALLOW_COPY_AND_ASSIGN(AuthenticationRoot);
|
||||
};
|
||||
} // namespace wvoec_ref
|
||||
|
||||
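Review bot: `GetOemPrivateKey()`, which the `-144,9 +135,7` hunk appears to restore in place of `ShareOemCertKey()`/`OemCertKey()`/`HasOemCertKey()`, hands out the OEM private key as a reference to a plain `std::vector<uint8_t>`. Raw key bytes therefore leave `AuthenticationRoot`, where the removed accessors returned a parsed `RsaPrivateKey`. The member backing that reference is not visible in this section, so neither the lifetime of the returned reference nor any wiping of the buffer can be confirmed from here. The declaration should at least carry a contract comment such as `// Returned reference is valid only while this object lives; callers must not copy, persist or log the key bytes.` As a smaller style point, the restored members `rsa_key_`/`test_rsa_key_` no longer match the accessor names `ShareDrmCertKey()`/`DrmCertKey()`/`HasDrmCertKey()` that read them.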