widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Separate OEMCrypto DASH from Legacy OEMCrypto"

Browse Source
This commit is contained in:
Fred Gylys-Colwell
2012-12-04 14:32:34 -08:00
committed by Android (Google) Code Review
parent eebba73ce1 4529037bd8
commit 03d43a5d2d
3 changed files with 127 additions and 406 deletions
Download Patch File Download Diff File Expand all files Collapse all files

401
libwvdrmengine/oemcrypto/include/OEMCrypto.h → libwvdrmengine/oemcrypto/include/OEMCryptoDASH.h
View File

@@ -1,13 +1,13 @@
/********************************************************************* /*********************************************************************
* OEMCrypto.h * OEMCryptoDASH.h
* *
* (c) Copyright 2011-2012 Google, Inc. * (c) Copyright 2011-2012 Google, Inc.
* *
* Reference APIs needed to support Widevine's crypto algorithms. * Reference APIs needed to support Widevine's crypto algorithms.
*********************************************************************/ *********************************************************************/
#ifndef WV_OEMCRYPTO_H_ #ifndef OEMCRYPTO_DASH_H_
#define WV_OEMCRYPTO_H_ #define OEMCRYPTO_DASH_H_
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@@ -16,10 +16,9 @@ extern "C" {
#define OEMCRYPTO_VERSION "4.0" #define OEMCRYPTO_VERSION "4.0"
static const char oec_version[] = OEMCRYPTO_VERSION; static const char oec_version[] = OEMCRYPTO_VERSION;
typedef unsigned char OEMCrypto_UINT8; #include<stdint.h>
typedef char OEMCrypto_INT8;
typedef unsigned long OEMCrypto_UINT32; typedef uint32_t OEMCrypto_SESSION;
typedef unsigned long OEMCrypto_SESSION;
typedef enum OEMCryptoResult { typedef enum OEMCryptoResult {
OEMCrypto_SUCCESS = 0, OEMCrypto_SUCCESS = 0,
@@ -101,13 +100,12 @@ typedef struct {
OEMCryptoBufferType type; OEMCryptoBufferType type;
union { union {
struct { // type == OEMCrypto_BufferType_Clear struct { // type == OEMCrypto_BufferType_Clear
bool is_protected; uint8_t* address;
OEMCrypto_UINT8* address; size_t max_length;
OEMCrypto_UINT32 max_length; } clear;
} memory;
struct { // type == OEMCrypto_BufferType_Secure struct { // type == OEMCrypto_BufferType_Secure
void* handle; void* handle;
OEMCrypto_UINT32 max_length; size_t max_length;
} secure; } secure;
struct { // type == OEMCrypto_BufferType_Direct struct { // type == OEMCrypto_BufferType_Direct
bool is_video; bool is_video;
@@ -135,11 +133,11 @@ typedef struct {
* by the caller of OEMCrypto_LoadKeys(). * by the caller of OEMCrypto_LoadKeys().
*/ */
typedef struct { typedef struct {
const OEMCrypto_UINT8* key_id; const uint8_t* key_id;
const OEMCrypto_UINT8* key_data_iv; const uint8_t* key_data_iv;
const OEMCrypto_UINT8* key_data; const uint8_t* key_data;
const OEMCrypto_UINT8* key_control_iv; const uint8_t* key_control_iv;
const OEMCrypto_UINT8* key_control; const uint8_t* key_control;
} OEMCrypto_KeyObject; } OEMCrypto_KeyObject;
/* /*
@@ -162,9 +160,9 @@ typedef struct {
* by the caller of OEMCrypto_RefreshKeys(). * by the caller of OEMCrypto_RefreshKeys().
*/ */
typedef struct { typedef struct {
const OEMCrypto_UINT8* key_id; const uint8_t* key_id;
const OEMCrypto_UINT8* key_control_iv; const uint8_t* key_control_iv;
const OEMCrypto_UINT8* key_control; const uint8_t* key_control;
} OEMCrypto_KeyRefreshObject; } OEMCrypto_KeyRefreshObject;
#define OEMCrypto_Initialize _oec01 #define OEMCrypto_Initialize _oec01
@@ -226,8 +224,6 @@ OEMCryptoResult OEMCrypto_Terminate(void);
/* /*
* OEMCrypto_OpenSession * OEMCrypto_OpenSession
* *
* AES CTR Mode only, Levels 1 and 2 only
*
* Description: * Description:
* The API provides for session based crypto initialization for AES CTR mode. * The API provides for session based crypto initialization for AES CTR mode.
* *
@@ -243,8 +239,6 @@ OEMCryptoResult OEMCrypto_OpenSession(OEMCrypto_SESSION *session);
/* /*
* OEMCrypto_CloseSession * OEMCrypto_CloseSession
* *
* AES CTR Mode only, Levels 1 and 2 only
*
* Description: * Description:
* The API provides for session based crypto termination for AES CTR mode. * The API provides for session based crypto termination for AES CTR mode.
* *
@@ -260,8 +254,6 @@ OEMCryptoResult OEMCrypto_CloseSession(OEMCrypto_SESSION session);
/* /*
* OEMCrypto_GenerateDerivedKeys * OEMCrypto_GenerateDerivedKeys
* *
* AES CTR Mode only, Levels 1 and 2 only
*
* Description: * Description:
* Generates a pair of secondary keys, mac_key and encrypt_key, for handling * Generates a pair of secondary keys, mac_key and encrypt_key, for handling
* signing and content key decryption under the license server protocol * signing and content key decryption under the license server protocol
@@ -284,14 +276,12 @@ OEMCryptoResult OEMCrypto_CloseSession(OEMCrypto_SESSION session);
*/ */
OEMCryptoResult OEMCrypto_GenerateDerivedKeys( OEMCryptoResult OEMCrypto_GenerateDerivedKeys(
OEMCrypto_SESSION session, OEMCrypto_SESSION session,
const OEMCrypto_UINT8 *context, const uint8_t *context,
OEMCrypto_UINT32 context_length); size_t context_length);
/* /*
* OEMCrypto_GenerateNonce * OEMCrypto_GenerateNonce
* *
* AES CTR Mode only, Levels 1 and 2 only
*
* Description: * Description:
* Generates a 32-bit nonce to detect possible replay attack on the key * Generates a 32-bit nonce to detect possible replay attack on the key
* control block. * control block.
@@ -316,13 +306,11 @@ OEMCryptoResult OEMCrypto_GenerateDerivedKeys(
*/ */
OEMCryptoResult OEMCrypto_GenerateNonce( OEMCryptoResult OEMCrypto_GenerateNonce(
OEMCrypto_SESSION session, OEMCrypto_SESSION session,
OEMCrypto_UINT32* nonce); uint32_t* nonce);
/* /*
* OEMCrypto_GenerateSignature * OEMCrypto_GenerateSignature
* *
* AES CTR Mode only, Levels 1 and 2 only
*
* Description: * Description:
* Generates a HMAC-SHA256 signature for license request signing under the * Generates a HMAC-SHA256 signature for license request signing under the
* license server protocol for AES CTR mode. * license server protocol for AES CTR mode.
@@ -349,16 +337,14 @@ OEMCryptoResult OEMCrypto_GenerateNonce(
*/ */
OEMCryptoResult OEMCrypto_GenerateSignature( OEMCryptoResult OEMCrypto_GenerateSignature(
OEMCrypto_SESSION session, OEMCrypto_SESSION session,
const OEMCrypto_UINT8* message, const uint8_t* message,
OEMCrypto_UINT32 message_length, size_t message_length,
OEMCrypto_UINT8* signature, uint8_t* signature,
OEMCrypto_UINT32* signature_length); size_t* signature_length);
/* /*
* OEMCrypto_LoadKeys * OEMCrypto_LoadKeys
* *
* AES CTR Mode only, Levels 1 and 2 only
*
* Description: * Description:
* Installs a set of keys for performing decryption in the current session. * Installs a set of keys for performing decryption in the current session.
* *
@@ -398,20 +384,18 @@ OEMCryptoResult OEMCrypto_GenerateSignature(
* OEMCrypto_ERROR_SIGNATURE_FAILURE * OEMCrypto_ERROR_SIGNATURE_FAILURE
*/ */
OEMCryptoResult OEMCrypto_LoadKeys(OEMCrypto_SESSION session, OEMCryptoResult OEMCrypto_LoadKeys(OEMCrypto_SESSION session,
const OEMCrypto_UINT8* message, const uint8_t* message,
OEMCrypto_UINT32 message_length, size_t message_length,
const OEMCrypto_UINT8* signature, const uint8_t* signature,
OEMCrypto_UINT32 signature_length, size_t signature_length,
const OEMCrypto_UINT8* enc_mac_key_iv, const uint8_t* enc_mac_key_iv,
const OEMCrypto_UINT8* enc_mac_key, const uint8_t* enc_mac_key,
OEMCrypto_UINT32 num_keys, size_t num_keys,
const OEMCrypto_KeyObject* key_array); const OEMCrypto_KeyObject* key_array);
/* /*
* OEMCrypto_RefreshKeys * OEMCrypto_RefreshKeys
* *
* AES CTR Mode only, Levels 1 and 2 only
*
* Description: * Description:
* Updates an existing set of keys for continuing decryption in the * Updates an existing set of keys for continuing decryption in the
* current session. * current session.
@@ -447,171 +431,16 @@ OEMCryptoResult OEMCrypto_LoadKeys(OEMCrypto_SESSION session,
*/ */
OEMCryptoResult OEMCryptoResult
OEMCrypto_RefreshKeys(OEMCrypto_SESSION session, OEMCrypto_RefreshKeys(OEMCrypto_SESSION session,
const OEMCrypto_UINT8* message, const uint8_t* message,
OEMCrypto_UINT32 message_length, size_t message_length,
const OEMCrypto_UINT8* signature, const uint8_t* signature,
OEMCrypto_UINT32 signature_length, size_t signature_length,
OEMCrypto_UINT32 num_keys, size_t num_keys,
const OEMCrypto_KeyRefreshObject* key_array); const OEMCrypto_KeyRefreshObject* key_array);
/*
* OEMCrypto_EnterSecurePlayback
*
* Level 1 only
*
* Description:
* Configures the security processor for secure decryption. This may involve
* setting up firewall regions. It is called when the decrypt session for an
* asset is established.
*
* For Non-Level1 API, return OEMCrypto_ERROR_NOT_IMPLEMENTED
*
* Parameters:
* N/A
*
* Returns:
* OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_ENTER_SECURE_PLAYBACK_FAILED
*/
OEMCryptoResult OEMCrypto_EnterSecurePlayback(void);
/*
* OEMCrypto_ExitSecurePlayback
*
* Level 1 only
*
* Description:
* Exit the secure playback mode. This may involve releasing the firewall
* regions. It is called when the decrypt session for an asset is closed.
*
* For Non-Level1 API, return OEMCrypto_ERROR_NOT_IMPLEMENTED
*
* Parameters:
* N/A
*
* Returns:
* OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_EXIT_SECURE_PLAYBACK_FAILED
*/
OEMCryptoResult OEMCrypto_ExitSecurePlayback(void);
/*
* OEMCrypto_SetEntitlementKey
*
* AES CTS Mode only, Levels 1 and 2 only
*
* Description:
* Decrypt the entitlement (EMM) key, also known as the asset key,
* using the encrypted device key (Device Key field) in the Widevine Keybox.
*
* Step 1: use the OEM root key to decrypt (AES-128-ECB) the Device Key
* in the Keybox; latch the result in the hardware key ladder.
*
* Step 2: use the latched clear device key to decrypt (AES-128-ECB)
* the entitlement key passed in as the *emmKey parameter. Latch
* the resulting clear entitlement key in the key ladder for the
* next operation.
*
* Parameters:
* emmKey (in) - pointer to the encrypted entitlement key
* emmKeyLength (in) - length of entitlement key in bytes
*
* Returns:
* OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_NO_DEVICE_KEY failed to decrypt device key
* OEMCrypto_ERROR_NO_ASSET_KEY failed to decrypt asset key
* OEMCrypto_ERROR_KEYBOX_INVALID cannot decrypt and read from Keybox
*/
OEMCryptoResult OEMCrypto_SetEntitlementKey(const OEMCrypto_UINT8* emmKey,
const OEMCrypto_UINT32 emmKeyLength);
/*
* OEMCrypto_DeriveControlWord
*
* AES CTS Mode only, Levels 1 and 2 only
*
* Description:
* Using the active key ladder key from OEMCrypto_SetEntitlementKey(),
* decrypt (AES-128-CBC, iv=0) the 32-byte ECM referenced by the *ecm
* parameter; returns in *flags the first clear 4 bytes data. Latch the
* clear bytes [4..20] as the clear control word for subsequent payload
* decryption operation.
*
* Parameters:
* ecm (in) - points to encrypted ECM data
* length (in) - length of encrypted ECM data in bytes
* flags (out) - points to buffer to receive 4 byte clear flag value
*
* Returns:
* OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_NO_CW cannot decrypt control word
*/
OEMCryptoResult OEMCrypto_DeriveControlWord(const OEMCrypto_UINT8* ecm,
const OEMCrypto_UINT32 length,
OEMCrypto_UINT32* flags);
/*
* OEMCrypto_SetContentKey
*
* AES CTR Mode only, Levels 1 and 2 only
*
* For CDM implementations, this call is replaced by OEMCrypto_Loadkeys(),
* and OEMCrypto_RefreshKeys(), and OEMCrypto_SelectKey()
*
* Description:
* Place a new content key in the hardware key ladder for subsequent
* decryption operations. Also accept control data and apply it to
* configure the session.
*
* This operation is supported only while performing CTR mode decryption
* (see OEMCrypto_DecryptCTR).
*
* Control data is associated with the session and the key, and is used
* to configure the session context. If no control data is required,
* controlLength will be zero, and control should be ignored.
*
* Currently, no control data is defined. ControlLength will be zero.
* If controlLength is not zero, return OEMCrypto_ERROR_CONTROL_INVALID.
*
* Step 1: use the OEM root key to decrypt (AES-128-ECB) the Device Key
* in the Widevine Keybox; latch the result in the hardware key
* ladder.
*
* Step 2: use the latched clear device key to decrypt (AES-128-ECB)
* the control parameter data. Verify the control data and apply
* it to the current session.
*
* Step 2: use the latched clear device key to decrypt (AES-128-ECB)
* the content key passed in as the *contentKey parameter.
* Latch the resulting clear content key in the key ladder for
* the next operation.
*
* Parameters:
* session (in) - crypto session identifier
* contentKey (in) - pointer to the encrypted content key
* contentKeyLength (in) - length of content key in bytes
* control (in) - pointer to server-supplied control information
* controlLength (in) - length of control memory (bytes)
*
* Returns:
* OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_INVALID_SESSION crypto session ID invalid or not open
* OEMCrypto_ERROR_NO_DEVICE_KEY failed to decrypt device key
* OEMCrypto_ERROR_NO_CONTENT_KEY failed to decrypt content key
* OEMCrypto_ERROR_CONTROL_INVALID invalid or unsupported control input
* OEMCrypto_ERROR_KEYBOX_INVALID cannot decrypt and read from Keybox
*/
OEMCryptoResult OEMCrypto_SetContentKey(const OEMCrypto_SESSION session,
const OEMCrypto_UINT8* contentKey,
const OEMCrypto_UINT32 contentKeyLength,
const OEMCrypto_UINT8* control,
const OEMCrypto_UINT32 controlLength);
/* /*
* OEMCrypto_SelectKey * OEMCrypto_SelectKey
* *
* AES CTR Mode only, Levels 1 and 2 only (for CDM implementations)
*
* Description: * Description:
* Select a content key and install it in the hardware key ladder for * Select a content key and install it in the hardware key ladder for
* subsequent decryption operations (OEMCrypto_DecryptCTR()). * subsequent decryption operations (OEMCrypto_DecryptCTR()).
@@ -657,93 +486,12 @@ OEMCryptoResult OEMCrypto_SetContentKey(const OEMCrypto_SESSION session,
* OEMCrypto_ERROR_KEYBOX_INVALID cannot decrypt and read from Keybox * OEMCrypto_ERROR_KEYBOX_INVALID cannot decrypt and read from Keybox
*/ */
OEMCryptoResult OEMCrypto_SelectKey(const OEMCrypto_SESSION session, OEMCryptoResult OEMCrypto_SelectKey(const OEMCrypto_SESSION session,
const OEMCrypto_UINT8* key_id, const uint8_t* key_id,
const OEMCrypto_UINT32 key_id_length); const size_t key_id_length);
/*
* OEMCrypto_DecryptVideo
*
* AES CTS Mode only, Levels 1 and 2 only
*
* Description:
*
* The API decrypts (AES-128-CBC) the video payload in the buffer referenced by
* the *input parameter into the secure buffer referenced by the output
* parameter, using the control word latched in the active hardware key
* ladder. If inputLength is not a multiple of the crypto block size (16 bytes),
* the API handles the residual bytes using CipherText Stealing (CTS).
*
* For Non-Level1 API, return OEMCrypto_ERROR_NOT_IMPLEMENTED
*
* Parameters:
* iv (in/out) - If iv is NULL, then no decryption is required, i.e. the
* packets are already clear. Otherwise, iv references the
* AES initialization vector. Note that the updated IV after
* processing the final crypto block must be passed back out in
* *iv.
* input (in) - buffer containing the encrypted data
* inputLength (in) - number of bytes in the input payload.
* output (in) - reference to the secure buffer which will receive the
* decrypted data
* outputLength (out) - number of bytes written into the secure buffer
*
*
* Returns:
* OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_DECRYPT_FAILED failed decryption
*/
OEMCryptoResult OEMCrypto_DecryptVideo(const OEMCrypto_UINT8* iv,
const OEMCrypto_UINT8* input,
const OEMCrypto_UINT32 inputLength,
OEMCrypto_UINT32 output_handle,
OEMCrypto_UINT32 output_offset,
OEMCrypto_UINT32 *outputLength);
/*
* OEMCrypto_DecryptAudio
*
* AES CTS Mode only, Levels 1 and 2 only
*
* Description:
* The API decrypts (AES-128-CBC) the audio payload in the buffer referenced
* by the *input parameter into the non-secure buffer referenced by the output
* parameter, using the control word latched in the active hardware key
* ladder. If inputLength is not a multiple of the crypto block size (16 bytes),
* the API handles the residual bytes using CipherText Stealing (CTS).
*
* OEMCrypto_DecryptAudio must make sure that it cannot be used to decrypt a
* video stream into non-firewalled buffers, by verifying that no video
* packets are processed.
*
* For Non-Level1 API, return OEMCrypto_ERROR_NOT_IMPLEMENTED
*
* Parameters:
* iv (in/out) - If iv is NULL, then no decryption is required, i.e. the
* packets are already clear. Otherwise, iv references the
* AES initialization vector. Note that the updated IV after
* processing the final crypto block must be passed back out
* in *iv.
* input (in) - buffer containing the encrypted data
* inputLength (in) - number of bytes in the input payload.
* output (in) - reference to the non-secure buffer which will receive the
* decrypted data
* outputLength (out) - number of bytes written into the non-secure buffer
*
* Returns:
* OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_DECRYPT_FAILED failed decryption
*/
OEMCryptoResult OEMCrypto_DecryptAudio(const OEMCrypto_UINT8* iv,
const OEMCrypto_UINT8* input,
const OEMCrypto_UINT32 inputLength,
OEMCrypto_UINT8 *output,
OEMCrypto_UINT32 *outputLength);
/* /*
* OEMCrypto_DecryptCTR * OEMCrypto_DecryptCTR
* *
* AES CTR Mode only, Levels 1 and 2 only
*
* Description: * Description:
* *
* The API decrypts (AES-CTR) the payload in the buffer referenced by * The API decrypts (AES-CTR) the payload in the buffer referenced by
@@ -806,12 +554,12 @@ OEMCryptoResult OEMCrypto_DecryptAudio(const OEMCrypto_UINT8* iv,
* OEMCrypto_ERROR_DECRYPT_FAILED * OEMCrypto_ERROR_DECRYPT_FAILED
*/ */
OEMCryptoResult OEMCryptoResult
OEMCrypto_DecryptCTR(OEMCrypto_SESSION session_id, OEMCrypto_DecryptCTR(OEMCrypto_SESSION session,
const OEMCrypto_UINT8 *data_addr, const uint8_t *data_addr,
OEMCrypto_UINT32 data_length, size_t data_length,
bool is_encrypted, bool is_encrypted,
const OEMCrypto_UINT8 *iv, const uint8_t *iv,
OEMCrypto_UINT32 offset, size_t offset,
const OEMCrypto_DestBufferDesc* out_buffer); const OEMCrypto_DestBufferDesc* out_buffer);
/* /*
@@ -834,8 +582,8 @@ OEMCrypto_DecryptCTR(OEMCrypto_SESSION session_id,
* OEMCrypto_SUCCESS success * OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_WRITE_KEYBOX failed to handle and store Keybox * OEMCrypto_ERROR_WRITE_KEYBOX failed to handle and store Keybox
*/ */
OEMCryptoResult OEMCrypto_InstallKeybox(OEMCrypto_UINT8 *keybox, OEMCryptoResult OEMCrypto_InstallKeybox(uint8_t *keybox,
OEMCrypto_UINT32 keyBoxLength); size_t keyBoxLength);
/* /*
* OEMCrypto_IsKeyboxValid * OEMCrypto_IsKeyboxValid
@@ -875,8 +623,8 @@ OEMCryptoResult OEMCrypto_IsKeyboxValid(void);
* OEMCrypto_ERROR_SHORT_BUFFER buffer is too small to return the device ID * OEMCrypto_ERROR_SHORT_BUFFER buffer is too small to return the device ID
* OEMCrypto_ERROR_NO_DEVICEID failed to return Device Id * OEMCrypto_ERROR_NO_DEVICEID failed to return Device Id
*/ */
OEMCryptoResult OEMCrypto_GetDeviceID(OEMCrypto_UINT8* deviceID, OEMCryptoResult OEMCrypto_GetDeviceID(uint8_t* deviceID,
OEMCrypto_UINT32 *idLength); size_t *idLength);
/* /*
* OEMCrypto_GetKeyData * OEMCrypto_GetKeyData
@@ -901,8 +649,8 @@ OEMCryptoResult OEMCrypto_GetDeviceID(OEMCrypto_UINT8* deviceID,
* OEMCrypto_ERROR_SHORT_BUFFER the buffer is too small to return the KeyData * OEMCrypto_ERROR_SHORT_BUFFER the buffer is too small to return the KeyData
* OEMCrypto_ERROR_NO_KEYDATA failed to return KeyData * OEMCrypto_ERROR_NO_KEYDATA failed to return KeyData
*/ */
OEMCryptoResult OEMCrypto_GetKeyData(OEMCrypto_UINT8* keyData, OEMCryptoResult OEMCrypto_GetKeyData(uint8_t* keyData,
OEMCrypto_UINT32 *keyDataLength); size_t *keyDataLength);
/* /*
* OEMCrypto_GetRandom * OEMCrypto_GetRandom
@@ -921,8 +669,8 @@ OEMCryptoResult OEMCrypto_GetKeyData(OEMCrypto_UINT8* keyData,
* OEMCrypto_ERROR_RNG_FAILED failed to generate random number * OEMCrypto_ERROR_RNG_FAILED failed to generate random number
* OEMCrypto_ERROR_RNG_NOT_SUPPORTED function not supported * OEMCrypto_ERROR_RNG_NOT_SUPPORTED function not supported
*/ */
OEMCryptoResult OEMCrypto_GetRandom(OEMCrypto_UINT8* randomData, OEMCryptoResult OEMCrypto_GetRandom(uint8_t* randomData,
OEMCrypto_UINT32 dataLength); size_t dataLength);
/* /*
* OEMCrypto_WrapKeybox * OEMCrypto_WrapKeybox
@@ -931,7 +679,8 @@ OEMCryptoResult OEMCrypto_GetRandom(OEMCrypto_UINT8* randomData,
* Wrap the Keybox with a key derived for the device key. If transportKey * Wrap the Keybox with a key derived for the device key. If transportKey
* is not NULL, the input keybox is encrypted with transportKey. If so, * is not NULL, the input keybox is encrypted with transportKey. If so,
* decrypt the input keybox before wrapping it, using transportKey in AES-CBC * decrypt the input keybox before wrapping it, using transportKey in AES-CBC
* mode with an IV of all zeroes. * mode with an IV of all zeroes. This function is only needed if the
* if the provisioning method involves saving the keybox to the file system.
* *
* Parameters: * Parameters:
* keybox (in) - Pointer to keybox data. * keybox (in) - Pointer to keybox data.
@@ -948,43 +697,15 @@ OEMCryptoResult OEMCrypto_GetRandom(OEMCrypto_UINT8* randomData,
* OEMCrypto_SUCCESS success * OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_WRAP_KEYBOX failed to wrap Keybox * OEMCrypto_ERROR_WRAP_KEYBOX failed to wrap Keybox
*/ */
OEMCryptoResult OEMCrypto_WrapKeybox(OEMCrypto_UINT8 *keybox, OEMCryptoResult OEMCrypto_WrapKeybox(uint8_t *keybox,
OEMCrypto_UINT32 keyBoxLength, size_t keyBoxLength,
OEMCrypto_UINT8 *wrappedKeybox, uint8_t *wrappedKeybox,
OEMCrypto_UINT32 *wrappedKeyBoxLength, size_t *wrappedKeyBoxLength,
OEMCrypto_UINT8 *transportKey, uint8_t *transportKey,
OEMCrypto_UINT32 transportKeyLength); size_t transportKeyLength);
/*
* OEMCrypto_DecryptCTS
*
* AES CTS Mode only, Level 2 only
*
* Description:
* Decrypt the contents of the supplied buffer.
*
* This entry point is provided for compatibility with existing Level 2
* implementations.
*
* Parameters:
* pSrcBuf (in) - Pointer to buffer of encrypted data
* pDestBuf (in) - Pointer to buffer to receive decrypted data
* length (in) - Length of the input/output buffers
* bInitIvFlg (in) - Set to true to indicate that a new IV (all zeroes)
* should be used. If false, the IV result from the
* previous decryption should be use.
*
* Returns:
* OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_DECRYPT_FAILED,
*/
OEMCryptoResult OEMCrypto_DecryptCTS(OEMCrypto_UINT8 *pSrcBuf,
OEMCrypto_UINT8 *pDestBuf,
const OEMCrypto_UINT32 length,
const OEMCrypto_UINT8 bInitIvFlg);
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif // WV_OEMCRYPTO_H_ #endif // OEMCRYPTO_DASH_H_

130
libwvdrmengine/oemcrypto/mock/MockOEMCrypto.cpp
View File

@@ -3,7 +3,7 @@
* *
* (c) Copyright 2011-2012 Google, Inc. * (c) Copyright 2011-2012 Google, Inc.
* *
* Mock implementation of OEMCrypto.h used for testing. * Mock implementation of OEMCryptoDASH.h used for testing.
*********************************************************************/ *********************************************************************/
#include <stdlib.h> #include <stdlib.h>
@@ -11,7 +11,7 @@
#define LOG_TAG "WV.MockOEMCrypto" #define LOG_TAG "WV.MockOEMCrypto"
#include <utils/Log.h> #include <utils/Log.h>
#include "OEMCrypto.h" #include "OEMCryptoDASH.h"
#include "MockOEMCrypto.h" #include "MockOEMCrypto.h"
void initializeMockOEMCrypto() { void initializeMockOEMCrypto() {
@@ -118,8 +118,8 @@ OEMCryptoResult OEMCrypto_CloseSession(OEMCrypto_SESSION session) {
*/ */
OEMCryptoResult OEMCrypto_GenerateDerivedKeys( OEMCryptoResult OEMCrypto_GenerateDerivedKeys(
OEMCrypto_SESSION session, OEMCrypto_SESSION session,
const OEMCrypto_UINT8 *context, const uint8_t *context,
OEMCrypto_UINT32 context_length) { size_t context_length) {
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }
/* /*
@@ -153,10 +153,10 @@ OEMCryptoResult OEMCrypto_GenerateDerivedKeys(
*/ */
OEMCryptoResult OEMCrypto_GenerateSignature( OEMCryptoResult OEMCrypto_GenerateSignature(
OEMCrypto_SESSION session, OEMCrypto_SESSION session,
const OEMCrypto_UINT8* message, const uint8_t* message,
OEMCrypto_UINT32 message_length, size_t message_length,
OEMCrypto_UINT8* signature, uint8_t* signature,
OEMCrypto_UINT32* signature_length) { size_t* signature_length) {
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }
@@ -194,13 +194,13 @@ OEMCryptoResult OEMCrypto_GenerateSignature(
*/ */
OEMCryptoResult OEMCrypto_LoadKeys( OEMCryptoResult OEMCrypto_LoadKeys(
OEMCrypto_SESSION session, OEMCrypto_SESSION session,
const OEMCrypto_UINT8* message, const uint8_t* message,
OEMCrypto_UINT32 message_length, size_t message_length,
const OEMCrypto_UINT8* signature, const uint8_t* signature,
OEMCrypto_UINT32 signature_length, size_t signature_length,
OEMCrypto_UINT32 enc_mac_key_iv_offset, size_t enc_mac_key_iv_offset,
OEMCrypto_UINT32 enc_mac_key_offset, size_t enc_mac_key_offset,
OEMCrypto_UINT32 num_keys, size_t num_keys,
const OEMCrypto_KeyObject* key_array) { const OEMCrypto_KeyObject* key_array) {
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }
@@ -238,11 +238,11 @@ OEMCryptoResult OEMCrypto_LoadKeys(
*/ */
OEMCryptoResult OEMCrypto_RefreshKeys( OEMCryptoResult OEMCrypto_RefreshKeys(
OEMCrypto_SESSION session, OEMCrypto_SESSION session,
const OEMCrypto_UINT8* message, const uint8_t* message,
OEMCrypto_UINT32 message_length, size_t message_length,
const OEMCrypto_UINT8* signature, const uint8_t* signature,
OEMCrypto_UINT32 signature_length, size_t signature_length,
OEMCrypto_UINT32 num_keys, size_t num_keys,
const OEMCrypto_KeyRefreshObject* key_array) { const OEMCrypto_KeyRefreshObject* key_array) {
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }
@@ -319,8 +319,8 @@ OEMCryptoResult OEMCrypto_ExitSecurePlayback(void) {
* OEMCrypto_ERROR_NO_ASSET_KEY failed to decrypt asset key * OEMCrypto_ERROR_NO_ASSET_KEY failed to decrypt asset key
* OEMCrypto_ERROR_KEYBOX_INVALID cannot decrypt and read from Keybox * OEMCrypto_ERROR_KEYBOX_INVALID cannot decrypt and read from Keybox
*/ */
OEMCryptoResult OEMCrypto_SetEntitlementKey(const OEMCrypto_UINT8* emmKey, OEMCryptoResult OEMCrypto_SetEntitlementKey(const uint8_t* emmKey,
const OEMCrypto_UINT32 emmKeyLength) { const size_t emmKeyLength) {
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }
@@ -344,9 +344,9 @@ OEMCryptoResult OEMCrypto_SetEntitlementKey(const OEMCrypto_UINT8* emmKey,
* OEMCrypto_SUCCESS success * OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_NO_CW cannot decrypt control word * OEMCrypto_ERROR_NO_CW cannot decrypt control word
*/ */
OEMCryptoResult OEMCrypto_DeriveControlWord(const OEMCrypto_UINT8* ecm, OEMCryptoResult OEMCrypto_DeriveControlWord(const uint8_t* ecm,
const OEMCrypto_UINT32 length, const size_t length,
OEMCrypto_UINT32* flags) { uint32_t* flags) {
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }
@@ -402,10 +402,10 @@ OEMCryptoResult OEMCrypto_DeriveControlWord(const OEMCrypto_UINT8* ecm,
* OEMCrypto_ERROR_KEYBOX_INVALID cannot decrypt and read from Keybox * OEMCrypto_ERROR_KEYBOX_INVALID cannot decrypt and read from Keybox
*/ */
OEMCryptoResult OEMCrypto_SetContentKey(const OEMCrypto_SESSION session, OEMCryptoResult OEMCrypto_SetContentKey(const OEMCrypto_SESSION session,
const OEMCrypto_UINT8* contentKey, const uint8_t* contentKey,
const OEMCrypto_UINT32 contentKeyLength, const size_t contentKeyLength,
const OEMCrypto_UINT8* control, const uint8_t* control,
const OEMCrypto_UINT32 controlLength) { const size_t controlLength) {
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }
@@ -439,12 +439,12 @@ OEMCryptoResult OEMCrypto_SetContentKey(const OEMCrypto_SESSION session,
* OEMCrypto_SUCCESS success * OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_DECRYPT_FAILED failed decryption * OEMCrypto_ERROR_DECRYPT_FAILED failed decryption
*/ */
OEMCryptoResult OEMCrypto_DecryptVideo(const OEMCrypto_UINT8* iv, OEMCryptoResult OEMCrypto_DecryptVideo(const uint8_t* iv,
const OEMCrypto_UINT8* input, const uint8_t* input,
const OEMCrypto_UINT32 inputLength, const size_t inputLength,
OEMCrypto_UINT32 output_handle, uint32_t output_handle,
OEMCrypto_UINT32 output_offset, size_t output_offset,
OEMCrypto_UINT32 *outputLength) { size_t *outputLength) {
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }
@@ -481,11 +481,11 @@ OEMCryptoResult OEMCrypto_DecryptVideo(const OEMCrypto_UINT8* iv,
* OEMCrypto_SUCCESS success * OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_DECRYPT_FAILED failed decryption * OEMCrypto_ERROR_DECRYPT_FAILED failed decryption
*/ */
OEMCryptoResult OEMCrypto_DecryptAudio(const OEMCrypto_UINT8* iv, OEMCryptoResult OEMCrypto_DecryptAudio(const uint8_t* iv,
const OEMCrypto_UINT8* input, const uint8_t* input,
const OEMCrypto_UINT32 inputLength, const size_t inputLength,
OEMCrypto_UINT8 *output, uint8_t *output,
OEMCrypto_UINT32 *outputLength) { size_t *outputLength) {
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }
@@ -564,14 +564,14 @@ OEMCryptoResult OEMCrypto_DecryptAudio(const OEMCrypto_UINT8* iv,
*/ */
OEMCryptoResult OEMCrypto_DecryptCTR(OEMCrypto_SESSION session_id, OEMCryptoResult OEMCrypto_DecryptCTR(OEMCrypto_SESSION session_id,
bool is_video, bool is_video,
const OEMCrypto_UINT8 *buffer_addr, const uint8_t *buffer_addr,
OEMCrypto_UINT32 buffer_length, size_t buffer_length,
bool is_encrypted, bool is_encrypted,
const OEMCrypto_UINT8 *key_id, const uint8_t *key_id,
OEMCrypto_UINT32 key_id_length, size_t key_id_length,
const OEMCrypto_UINT8 *iv, const uint8_t *iv,
OEMCrypto_UINT32 offset, size_t offset,
OEMCrypto_UINT32 data_length) { size_t data_length) {
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }
@@ -595,8 +595,8 @@ OEMCryptoResult OEMCrypto_DecryptCTR(OEMCrypto_SESSION session_id,
* OEMCrypto_SUCCESS success * OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_WRITE_KEYBOX failed to handle and store Keybox * OEMCrypto_ERROR_WRITE_KEYBOX failed to handle and store Keybox
*/ */
OEMCryptoResult OEMCrypto_InstallKeybox(OEMCrypto_UINT8 *keybox, OEMCryptoResult OEMCrypto_InstallKeybox(uint8_t *keybox,
OEMCrypto_UINT32 keyBoxLength) { size_t keyBoxLength) {
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }
@@ -640,8 +640,8 @@ OEMCryptoResult OEMCrypto_IsKeyboxValid(void) {
* OEMCrypto_ERROR_SHORT_BUFFER if the buffer is too small to return the device ID * OEMCrypto_ERROR_SHORT_BUFFER if the buffer is too small to return the device ID
* OEMCrypto_ERROR_NO_DEVICEID failed to return Device Id * OEMCrypto_ERROR_NO_DEVICEID failed to return Device Id
*/ */
OEMCryptoResult OEMCrypto_GetDeviceID(OEMCrypto_UINT8* deviceID, OEMCryptoResult OEMCrypto_GetDeviceID(uint8_t* deviceID,
OEMCrypto_UINT32 *idLength) { size_t *idLength) {
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }
@@ -667,8 +667,8 @@ OEMCryptoResult OEMCrypto_GetDeviceID(OEMCrypto_UINT8* deviceID,
* OEMCrypto_ERROR_SHORT_BUFFER if the buffer is too small to return the KeyData * OEMCrypto_ERROR_SHORT_BUFFER if the buffer is too small to return the KeyData
* OEMCrypto_ERROR_NO_KEYDATA failed to return KeyData * OEMCrypto_ERROR_NO_KEYDATA failed to return KeyData
*/ */
OEMCryptoResult OEMCrypto_GetKeyData(OEMCrypto_UINT8* keyData, OEMCryptoResult OEMCrypto_GetKeyData(uint8_t* keyData,
OEMCrypto_UINT32 *keyDataLength) { size_t *keyDataLength) {
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }
@@ -688,8 +688,8 @@ OEMCryptoResult OEMCrypto_GetKeyData(OEMCrypto_UINT8* keyData,
* OEMCrypto_ERROR_RNG_FAILED failed to generate random number * OEMCrypto_ERROR_RNG_FAILED failed to generate random number
* OEMCrypto_ERROR_RNG_NOT_SUPPORTED function not supported * OEMCrypto_ERROR_RNG_NOT_SUPPORTED function not supported
*/ */
OEMCryptoResult OEMCrypto_GetRandom(OEMCrypto_UINT8* randomData, OEMCryptoResult OEMCrypto_GetRandom(uint8_t* randomData,
OEMCrypto_UINT32 dataLength) { size_t dataLength) {
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }
@@ -716,12 +716,12 @@ OEMCryptoResult OEMCrypto_GetRandom(OEMCrypto_UINT8* randomData,
* OEMCrypto_SUCCESS success * OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_WRAP_KEYBOX failed to wrap Keybox * OEMCrypto_ERROR_WRAP_KEYBOX failed to wrap Keybox
*/ */
OEMCryptoResult OEMCrypto_WrapKeybox(OEMCrypto_UINT8 *keybox, OEMCryptoResult OEMCrypto_WrapKeybox(uint8_t *keybox,
OEMCrypto_UINT32 keyBoxLength, size_t keyBoxLength,
OEMCrypto_UINT8 *wrappedKeybox, uint8_t *wrappedKeybox,
OEMCrypto_UINT32 *wrappedKeyBoxLength, size_t *wrappedKeyBoxLength,
OEMCrypto_UINT8 *transportKey, uint8_t *transportKey,
OEMCrypto_UINT32 transportKeyLength) { size_t transportKeyLength) {
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }
@@ -748,9 +748,9 @@ OEMCryptoResult OEMCrypto_WrapKeybox(OEMCrypto_UINT8 *keybox,
* OEMCrypto_SUCCESS success * OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_DECRYPT_FAILED, * OEMCrypto_ERROR_DECRYPT_FAILED,
*/ */
OEMCryptoResult OEMCrypto_DecryptCTS(OEMCrypto_UINT8 *pSrcBuf, OEMCryptoResult OEMCrypto_DecryptCTS(uint8_t *pSrcBuf,
OEMCrypto_UINT8 *pDestBuf, uint8_t *pDestBuf,
const OEMCrypto_UINT32 length, const size_t length,
const OEMCrypto_UINT8 bInitIvFlg) { const uint8_t bInitIvFlg) {
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }

2
libwvdrmengine/oemcrypto/test/TestOEMCrypto.cpp
View File

@@ -15,7 +15,7 @@
#define LOG_TAG "WV.TestOEMCrypto" #define LOG_TAG "WV.TestOEMCrypto"
#include <utils/Log.h> #include <utils/Log.h>
#include "OEMCrypto.h" // Unit Test 1: The header file must compile. #include "OEMCryptoDASH.h" // Unit Test 1: The header file must compile.
#include "MockOEMCrypto.h" #include "MockOEMCrypto.h"
int main( int argc, char *argv[] ) int main( int argc, char *argv[] )