Add Provisioning 4 support

Widevine provisioning 4 support is added in this patch.
2025-02-25 13:49:37 -08:00
parent 5f209e6980
commit 41829ca1e5
37 changed files with 2915 additions and 356 deletions
--- a/plugin/include/crypto_session.h
+++ b/plugin/include/crypto_session.h
@@ -13,6 +13,7 @@
 #include "OEMCryptoCENC.h"
 #include "cas_status.h"
 #include "cas_types.h"
+#include "crypto_wrapped_key.h"
 #include "oemcrypto_interface.h"
 #include "rw_lock.h"

@@ -36,7 +37,7 @@ typedef OEMCrypto_HDCP_Capability HdcpCapability;

 class CryptoLock {
 public:
-  CryptoLock(){};
+  CryptoLock() {};
  // These methods should be used to take the various CryptoSession mutexes in
  // preference to taking the mutexes directly.
  //
@@ -175,7 +176,21 @@ class CryptoInterface {
      OEMCrypto_SESSION key_session, uint8_t* key_token,
      size_t* key_token_length);
  virtual OEMCryptoResult OEMCrypto_GetSignatureHashAlgorithm(
-    OEMCrypto_SESSION session, OEMCrypto_SignatureHashAlgorithm* algorithm);
+      OEMCrypto_SESSION session, OEMCrypto_SignatureHashAlgorithm* algorithm);
+  virtual OEMCryptoResult OEMCrypto_GetBootCertificateChain(
+      uint8_t* bcc, size_t* bcc_length, uint8_t* additional_signature,
+      size_t* additional_signature_length);
+  virtual OEMCryptoResult OEMCrypto_GenerateCertificateKeyPair(
+      OEMCrypto_SESSION session, uint8_t* public_key, size_t* public_key_length,
+      uint8_t* public_key_signature, size_t* public_key_signature_length,
+      uint8_t* wrapped_private_key, size_t* wrapped_private_key_length,
+      OEMCrypto_PrivateKeyType* key_type);
+  virtual OEMCryptoResult OEMCrypto_InstallOemPrivateKey(
+      OEMCrypto_SESSION session, OEMCrypto_PrivateKeyType key_type,
+      const uint8_t* wrapped_private_key, size_t wrapped_private_key_length);
+  virtual uint8_t OEMCrypto_Security_Patch_Level();
+  virtual OEMCryptoResult OEMCrypto_BuildInformation(char* buffer,
+                                                     size_t* buffer_length);

  // This is the factory method used to enable the oemcrypto interface.
  static OEMCryptoResult create(std::unique_ptr<CryptoInterface>* init) {
@@ -252,8 +267,6 @@ class CryptoSession {
                                     std::string* wrapped_private_key);
  virtual CasStatus GetOEMPublicCertificate(uint8_t* public_cert,
                                            size_t* public_cert_length);
-  virtual CasStatus LoadDeviceRSAKey(const uint8_t* wrapped_rsa_key,
-                                     size_t wrapped_rsa_key_length);
  virtual CasStatus GenerateRSASignature(const uint8_t* message,
                                         size_t message_length,
                                         uint8_t* signature,
@@ -291,6 +304,17 @@ class CryptoSession {
  virtual CasStatus APIVersion(uint32_t* api_version);
  virtual CasStatus GetOEMKeyToken(OEMCrypto_SESSION entitled_key_session_id,
                                   std::vector<uint8_t>& token);
+  virtual CasStatus GetBootCertificateChain(std::string* bcc,
+                                            std::string* additional_signature);
+  virtual CasStatus GenerateCertificateKeyPair(
+      std::string* public_key, std::string* public_key_signature,
+      std::string* wrapped_private_key, CryptoWrappedKey::Type* key_type);
+  virtual CasStatus LoadOemCertificatePrivateKey(
+      const CryptoWrappedKey& private_key);
+  virtual CasStatus LoadCertificatePrivateKey(
+      const CryptoWrappedKey& private_key);
+  virtual uint8_t GetSecurityPatchLevel();
+  virtual bool GetBuildInformation(std::string* info);

  CryptoSession(const CryptoSession&) = delete;
  CryptoSession& operator=(const CryptoSession&) = delete;