Source release 17.1.2

core/src/crypto_session.cpp

@@ -176,6 +176,12 @@ size_t GenericEncryptionBlockSize(CdmEncryptionAlgorithm algorithm) {
   }
   return kAes128BlockSize;
 }
+
+uint8_t* MutableStringDataPointer(std::string* s) {
+  if (s == nullptr) return nullptr;
+  if (s->empty()) return nullptr;
+  return reinterpret_cast<uint8_t*>(&s->front());
+}
 }  // namespace
 
 // CryptoSession variables allocation.
@@ -1387,18 +1393,18 @@ CdmResponseType CryptoSession::GetBootCertificateChain(
 
   size_t bcc_length = 0;
   size_t additional_signature_length = 0;
-  OEMCryptoResult sts;
-  WithOecReadLock("GetBootCertificateChain Attempt 1", [&] {
-    sts = OEMCrypto_GetBootCertificateChain(nullptr, &bcc_length, nullptr,
-                                            &additional_signature_length);
-  });
+  OEMCryptoResult sts =
+      WithOecReadLock("GetBootCertificateChain Attempt 1", [&] {
+        return OEMCrypto_GetBootCertificateChain(nullptr, &bcc_length, nullptr,
+                                                 &additional_signature_length);
+      });
   if (sts == OEMCrypto_ERROR_SHORT_BUFFER) {
     bcc->resize(bcc_length);
     additional_signature->resize(additional_signature_length);
-    WithOecReadLock("GetBootCertificateChain Attempt 2", [&] {
-      sts = OEMCrypto_GetBootCertificateChain(
-          reinterpret_cast<uint8_t*>(&bcc->front()), &bcc_length,
-          reinterpret_cast<uint8_t*>(&additional_signature->front()),
+    sts = WithOecReadLock("GetBootCertificateChain Attempt 2", [&] {
+      return OEMCrypto_GetBootCertificateChain(
+          MutableStringDataPointer(bcc), &bcc_length,
+          MutableStringDataPointer(additional_signature),
           &additional_signature_length);
     });
   }
@@ -1446,11 +1452,10 @@ CdmResponseType CryptoSession::GenerateCertificateKeyPair(
   WithOecSessionLock("GenerateCertificateKeyPair Attempt 2", [&] {
     M_TIME(
         status = OEMCrypto_GenerateCertificateKeyPair(
-            oec_session_id_, reinterpret_cast<uint8_t*>(&public_key->front()),
-            &public_key_length,
-            reinterpret_cast<uint8_t*>(&public_key_signature->front()),
+            oec_session_id_, MutableStringDataPointer(public_key),
+            &public_key_length, MutableStringDataPointer(public_key_signature),
             &public_key_signature_length,
-            reinterpret_cast<uint8_t*>(&wrapped_private_key->front()),
+            MutableStringDataPointer(wrapped_private_key),
             &wrapped_private_key_length, &oemcrypto_key_type),
         metrics_, oemcrypto_generate_certificate_key_pair_, status);
   });
@@ -1567,7 +1572,8 @@ CdmResponseType CryptoSession::GenerateDerivedKeys(
 }
 
 CdmResponseType CryptoSession::GenerateRsaSignature(const std::string& message,
-                                                    std::string* signature) {
+                                                    std::string* signature,
+                                                    RSA_Padding_Scheme scheme) {
   LOGV("Generating RSA signature: id = %u", oec_session_id_);
   RETURN_IF_NULL(signature, PARAMETER_NULL);
 
@@ -1584,7 +1590,7 @@ CdmResponseType CryptoSession::GenerateRsaSignature(const std::string& message,
               oec_session_id_, reinterpret_cast<const uint8_t*>(message.data()),
               message.size(),
               reinterpret_cast<uint8_t*>(const_cast<char*>(signature->data())),
-              &length, kSign_RSASSA_PSS),
+              &length, scheme),
           metrics_, oemcrypto_generate_rsa_signature_, sts,
           metrics::Pow2Bucket(length));
     });
@@ -3383,4 +3389,5 @@ CryptoSession* CryptoSessionFactory::MakeCryptoSession(
     metrics::CryptoMetrics* crypto_metrics) {
   return new CryptoSession(crypto_metrics);
 }
+
 }  // namespace wvcdm