widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
865a1ddc3cf8141e20495b7c87890205fb53ea2b
android/libwvdrmengine/factory_upload_tool/src/WidevineRemotelyProvisionedComponent.cpp
Cong Lin 2caa832158 Fix a few Vts failures in factory_upload_tool 
1. Fix getHardwareInfo
2. Allow unused param to be empty
3. Deprecate generateCertificateRequestV1
4. Update Wv IRPC Hal version to 3

Test: run VtsHalRemotelyProvisionedComponentTargetTest
Test: vts_treble_vintf_vendor_test.DeviceManifest SingleAidlTest
Bug: 285527325
Bug: 285289790
Change-Id: Id4080e8630d01ad5540f49ae0d13b707e541b36a
2023-06-23 13:52:45 -07:00

124 lines
4.0 KiB
C++
Raw Blame History

/*
* Copyright (C) 2021 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "WidevineRemotelyProvisionedComponent.h"
#include <assert.h>
#include <cppbor.h>
#include <cppbor_parse.h>
#include <keymaster/cppcose/cppcose.h>
#include <keymaster/keymaster_configuration.h>
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/rand.h>
#include <openssl/x509.h>
#include <variant>
#include "log.h"
namespace aidl::android::hardware::security::keymint {
using ::std::string;
using ::std::unique_ptr;
using ::std::vector;
using bytevec = ::std::vector<uint8_t>;
using ScopedAStatus = ::ndk::ScopedAStatus;
namespace {
constexpr auto STATUS_FAILED = IRemotelyProvisionedComponent::STATUS_FAILED;
struct AStatusDeleter {
void operator()(AStatus* p) { AStatus_delete(p); }
};
class Status {
public:
Status() : status_(AStatus_newOk()) {}
Status(int32_t errCode, const std::string& errMsg)
: status_(AStatus_fromServiceSpecificErrorWithMessage(errCode,
errMsg.c_str())) {}
explicit Status(const std::string& errMsg)
: status_(AStatus_fromServiceSpecificErrorWithMessage(STATUS_FAILED,
errMsg.c_str())) {}
explicit Status(AStatus* status)
: status_(status ? status : AStatus_newOk()) {}
Status(Status&&) = default;
Status(const Status&) = delete;
operator ::ndk::ScopedAStatus() && { // NOLINT(google-explicit-constructor)
return ndk::ScopedAStatus(status_.release());
}
bool isOk() const { return AStatus_isOk(status_.get()); }
const char* getMessage() const { return AStatus_getMessage(status_.get()); }
private:
std::unique_ptr<AStatus, AStatusDeleter> status_;
};
} // namespace
ScopedAStatus WidevineRemotelyProvisionedComponent::getHardwareInfo(
RpcHardwareInfo* info) {
info->versionNumber = 3;
info->rpcAuthorName = "Google";
info->supportedEekCurve = RpcHardwareInfo::CURVE_NONE;
info->supportedNumKeysInCsr = RpcHardwareInfo::MIN_SUPPORTED_NUM_KEYS_IN_CSR;
info->uniqueId = "Widevine Implementation";
return ScopedAStatus::ok();
}
ScopedAStatus WidevineRemotelyProvisionedComponent::generateEcdsaP256KeyPair(
bool /* testMode */, MacedPublicKey* /* macedPublicKey */,
bytevec* /* privateKeyHandle */) {
return Status(
"Invalid operation: generateEcdsaP256KeyPair() is not supported.");
}
ScopedAStatus WidevineRemotelyProvisionedComponent::generateCertificateRequest(
bool /* testMode */, const vector<MacedPublicKey>& /* keysToSign */,
const bytevec& /* endpointEncCertChain */, const bytevec& /* challenge */,
DeviceInfo* /* deviceInfo */, ProtectedData* /* protectedData */,
bytevec* /* keysToSignMac */) {
return Status(IRemotelyProvisionedComponent::STATUS_REMOVED,
"generateCertificateRequestV1 not supported.");
}
ScopedAStatus
WidevineRemotelyProvisionedComponent::generateCertificateRequestV2(
const std::vector<MacedPublicKey>& keysToSign,
const std::vector<uint8_t>& challenge, std::vector<uint8_t>* csr) {
if (!keysToSign.empty()) {
LOGW("Keys to sign should be empty.");
}
if (csr == nullptr) {
return Status("Parameter csr must not be null.");
}
if (provisioner_ == nullptr) {
provisioner_ = std::make_unique<widevine::WidevineProvisioner>();
}
if (!provisioner_->GenerateCertificateRequestV2(challenge, csr)) {
return Status("Failed to generate certificate request V2.");
}
return ScopedAStatus::ok();
}
} // namespace aidl::android::hardware::security::keymint
Reference in New Issue View Git Blame Copy Permalink