This is a cherry-pick of
https://widevine-internal-review.googlesource.com/c/cdm/+/121763
Original commit message from master branch:
This is a security improvement against an L3 exploit b/182584472.
The change is to store RSA private key in two parts instead of one,
and load it separately when the key is needed. This will make it
more difficult to find the entire RSA key.
OEM private key is split into two parts and stored in Haystack in CL:
cl/367515385. Loading RSA key is to be changed to loading part one first
and then part two. Bytes in each part are parsed in sequence.
Only OEM private key has two non-empty parts. For DRM private key the
first part contains the entire key, and second part is empty. For more
details, please find the comments in the head of rsa_load.cpp.
This change slightly increased the size of LoadRSAKey from 6KB to 7KB
due to the macros introduced. It's unlikely to have overall performance
impact.
Bug: 183416973
Bug: 182584472
Test: jenkins/run_level3_static_tests
Test: GTS test
https: //android-build.googleplex.com/builds/forrest/run/L93800000881790143
Change-Id: I34b3b795e6ac2ce9b41e915c1adf8fcdc489d94a
8cb1e102db