OEMCrypto v11 Documentation and Headers

Merge from widevine repo of http://go/wvgerrit/16186

These are the OEMCrypto v11 documents and header files. I have updated
just enough code so that existing unit tests pass.  New unit tests,
the reference implementation, and the level 3 implementation are in
future CLs.

Change-Id: I9bbf1909e047f63a5877320a2d06740a3c4a3e32
Fred Gylys-Colwell
2015-12-09 13:51:18 -08:00
parent a99825b7aa
commit 0dc746a380
10 changed files with 251 additions and 73 deletions


@@ -34,6 +34,7 @@ OEMCryptoResult OEMCrypto_GetNumberOfOpenSessions(SecurityLevel level,
size_t* count);
OEMCryptoResult OEMCrypto_GetMaxNumberOfSessions(SecurityLevel level,
size_t* maximum);
uint8_t OEMCrypto_Security_Patch_Level(SecurityLevel level);
} // namespace wvcdm
#endif // WVCDM_CORE_OEMCRYPTO_ADAPTER_H_
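Review bot: The new declaration `uint8_t OEMCrypto_Security_Patch_Level(SecurityLevel level);` has no comment saying what a return of 0 means. The definition shown further down this page returns 0 when the adapter is not initialised, when no function table exists for the level, and when the library is too old. A caller therefore cannot tell "patch level 0" from "not available". I would add a comment above the declaration such as `// Returns the OEMCrypto security patch level, or 0 if the adapter is uninitialised or the loaded library does not report one.`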


@@ -683,10 +683,11 @@ CdmResponseType CryptoSession::Decrypt(const CdmDecryptionParameters& params) {
}
}
}
sts = OEMCrypto_DecryptCTR(
// TODO(rfrias): add encrypt pattern parameter.
sts = OEMCrypto_DecryptCENC(
oec_session_id_, params.encrypt_buffer, params.encrypt_length,
params.is_encrypted, &(*params.iv).front(), params.block_offset,
&buffer_descriptor, params.subsample_flags);
&buffer_descriptor, NULL, params.subsample_flags);
}
switch (sts) {
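Review bot: The `NULL` passed as the new pattern argument to `OEMCrypto_DecryptCENC` has no stated contract at this call site; the TODO says a pattern parameter will be added but not what a null pointer means until then. The adapter's dispatcher on this page forwards the pointer unchanged to `DecryptCENC` when the loaded library reports version 11 or later, so this call appears to rely on every such implementation accepting a null pattern, which is not visible here. I would extend the comment to something like `// TODO(rfrias): add encrypt pattern parameter. NULL = no pattern, whole subsample is decrypted.`, provided that is what the v11 header specifies. CryptoSession::Decrypt starts and ends outside this hunk.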


@@ -30,6 +30,17 @@ using wvcdm::kLevel3;
namespace {
// TODO(fredgc): rename to _V10 after removing from level3.h.
typedef struct {
const uint8_t* key_id;
size_t key_id_length;
const uint8_t* key_data_iv;
const uint8_t* key_data;
size_t key_data_length;
const uint8_t* key_control_iv;
const uint8_t* key_control;
} OEMCrypto_KeyObject_TODO;
typedef OEMCryptoResult (*L1_Initialize_t)(void);
typedef OEMCryptoResult (*L1_Terminate_t)(void);
typedef OEMCryptoResult (*L1_OpenSession_t)(OEMCrypto_SESSION* session);
@@ -51,6 +62,12 @@ typedef OEMCryptoResult (*L1_LoadKeys_t)(
const uint8_t* enc_mac_key_iv, const uint8_t* enc_mac_key, size_t num_keys,
const OEMCrypto_KeyObject* key_array, const uint8_t* pst,
size_t pst_length);
typedef OEMCryptoResult (*L1_LoadKeys_V10_t)(
OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
const uint8_t* signature, size_t signature_length,
const uint8_t* enc_mac_key_iv, const uint8_t* enc_mac_key, size_t num_keys,
const OEMCrypto_KeyObject_V10* key_array, const uint8_t* pst,
size_t pst_length);
typedef OEMCryptoResult (*L1_LoadKeys_V8_t)(
OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
const uint8_t* signature, size_t signature_length,
@@ -66,10 +83,15 @@ typedef OEMCryptoResult (*L1_QueryKeyControl_t)(
typedef OEMCryptoResult (*L1_SelectKey_t)(const OEMCrypto_SESSION session,
const uint8_t* key_id,
size_t key_id_length);
typedef OEMCryptoResult (*L1_DecryptCTR_t)(
typedef OEMCryptoResult (*L1_DecryptCTR_V10_t)(
OEMCrypto_SESSION session, const uint8_t* data_addr, size_t data_length,
bool is_encrypted, const uint8_t* iv, size_t offset,
const OEMCrypto_DestBufferDesc* out_buffer, uint8_t subsample_flags);
typedef OEMCryptoResult (*L1_DecryptCENC_t)(
OEMCrypto_SESSION session, const uint8_t* data_addr, size_t data_length,
bool is_encrypted, const uint8_t* iv, size_t offset,
const OEMCrypto_DestBufferDesc* out_buffer,
const OEMCrypto_PatternDesc* pattern, uint8_t subsample_flags);
typedef OEMCryptoResult (*L1_CopyBuffer_t)(const uint8_t* data_addr,
size_t data_length,
OEMCrypto_DestBufferDesc* out_buffer,
@@ -113,6 +135,7 @@ typedef OEMCryptoResult (*L1_DeriveKeysFromSessionKey_t)(
size_t mac_key_context_length, const uint8_t* enc_key_context,
size_t enc_key_context_length);
typedef uint32_t (*L1_APIVersion_t)();
typedef uint8_t (*L1_SecurityPatchLevel_t)();
typedef const char* (*L1_SecurityLevel_t)();
typedef OEMCryptoResult (*L1_GetHDCPCapability_V9_t)(uint8_t* current,
uint8_t* maximum);
@@ -169,7 +192,8 @@ struct FunctionPointers {
L1_RefreshKeys_t RefreshKeys;
L1_QueryKeyControl_t QueryKeyControl;
L1_SelectKey_t SelectKey;
L1_DecryptCTR_t DecryptCTR;
L1_DecryptCTR_V10_t DecryptCTR_V10;
L1_DecryptCENC_t DecryptCENC;
L1_CopyBuffer_t CopyBuffer;
L1_WrapKeybox_t WrapKeybox;
L1_InstallKeybox_t InstallKeybox;
@@ -184,6 +208,7 @@ struct FunctionPointers {
L1_GenerateRSASignature_t GenerateRSASignature;
L1_DeriveKeysFromSessionKey_t DeriveKeysFromSessionKey;
L1_APIVersion_t APIVersion;
L1_SecurityPatchLevel_t SecurityPatchLevel;
L1_SecurityLevel_t SecurityLevel;
L1_GetHDCPCapability_t GetHDCPCapability;
L1_SupportsUsageTable_t SupportsUsageTable;
@@ -204,6 +229,7 @@ struct FunctionPointers {
L1_LoadKeys_V8_t LoadKeys_V8;
L1_GenerateRSASignature_V8_t GenerateRSASignature_V8;
L1_GetHDCPCapability_V9_t GetHDCPCapability_V9;
L1_LoadKeys_V10_t LoadKeys_V10;
};
struct LevelSession {
@@ -277,7 +303,6 @@ class Adapter {
LOOKUP(GenerateSignature, OEMCrypto_GenerateSignature);
LOOKUP(RefreshKeys, OEMCrypto_RefreshKeys);
LOOKUP(SelectKey, OEMCrypto_SelectKey);
LOOKUP(DecryptCTR, OEMCrypto_DecryptCTR);
LOOKUP(InstallKeybox, OEMCrypto_InstallKeybox);
LOOKUP(IsKeyboxValid, OEMCrypto_IsKeyboxValid);
LOOKUP(GetDeviceID, OEMCrypto_GetDeviceID);
@@ -333,6 +358,14 @@ class Adapter {
LOOKUP(GetNumberOfOpenSessions, OEMCrypto_GetNumberOfOpenSessions);
LOOKUP(GetMaxNumberOfSessions, OEMCrypto_GetMaxNumberOfSessions);
LOOKUP(ForceDeleteUsageEntry, OEMCrypto_ForceDeleteUsageEntry);
if (level1_.version == 10) {
LOOKUP(LoadKeys_V10, OEMCrypto_LoadKeys_V10);
LOOKUP(DecryptCTR_V10, OEMCrypto_DecryptCTR_V10);
} else {
LOOKUP(LoadKeys, OEMCrypto_LoadKeys);
LOOKUP(DecryptCENC, OEMCrypto_DecryptCENC);
LOOKUP(SecurityPatchLevel, OEMCrypto_Security_Patch_Level);
}
}
}
if (OEMCrypto_SUCCESS == level1_.IsKeyboxValid()) {
@@ -387,11 +420,11 @@ class Adapter {
level3_.GenerateDerivedKeys = Level3_GenerateDerivedKeys;
level3_.GenerateNonce = Level3_GenerateNonce;
level3_.GenerateSignature = Level3_GenerateSignature;
level3_.LoadKeys = Level3_LoadKeys;
level3_.LoadKeys_V10 = Level3_LoadKeys;
level3_.RefreshKeys = Level3_RefreshKeys;
level3_.QueryKeyControl = Level3_QueryKeyControl;
level3_.SelectKey = Level3_SelectKey;
level3_.DecryptCTR = Level3_DecryptCTR;
level3_.DecryptCTR_V10 = Level3_DecryptCTR;
level3_.CopyBuffer = Level3_CopyBuffer;
level3_.WrapKeybox = Level3_WrapKeybox;
level3_.InstallKeybox = Level3_InstallKeybox;
@@ -572,6 +605,14 @@ uint32_t OEMCrypto_APIVersion(SecurityLevel level) {
return fcn->APIVersion();
}
uint8_t OEMCrypto_Security_Patch_Level(SecurityLevel level) {
if (!kAdapter) return 0;
const FunctionPointers* fcn = kAdapter->get(level);
if (!fcn) return 0;
if (fcn->version < 10) return 0;
return fcn->SecurityPatchLevel();
}
const char* OEMCrypto_SecurityLevel(SecurityLevel level) {
if (!kAdapter) return "";
const FunctionPointers* fcn = kAdapter->get(level);
@@ -705,6 +746,25 @@ extern "C" OEMCryptoResult OEMCrypto_LoadKeys(
return pair.fcn->LoadKeys_V8(pair.session, message, message_length,
signature, signature_length, enc_mac_key_iv,
enc_mac_key, num_keys, key_array);
} else if (pair.fcn->version < 11) {
std::vector<OEMCrypto_KeyObject_V10> key_array_v10(num_keys);
for(int i=0; i< num_keys; i++) {
key_array_v10[i].key_id = key_array[i].key_id;
key_array_v10[i].key_id_length = key_array[i].key_id_length;
key_array_v10[i].key_data_iv = key_array[i].key_data_iv;
key_array_v10[i].key_data = key_array[i].key_data;
key_array_v10[i].key_data_length = key_array[i].key_data_length;
key_array_v10[i].key_control_iv = key_array[i].key_control_iv;
key_array_v10[i].key_control = key_array[i].key_control;
if (key_array[i].cipher_mode == OEMCrypto_CipherMode_CBC) {
LOGE("CBC Mode not supported.");
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
}
return pair.fcn->LoadKeys_V10(pair.session, message, message_length,
signature,
signature_length, enc_mac_key_iv, enc_mac_key,
num_keys, &key_array_v10[0], pst, pst_length);
} else {
return pair.fcn->LoadKeys(pair.session, message, message_length, signature,
signature_length, enc_mac_key_iv, enc_mac_key,
@@ -743,16 +803,23 @@ extern "C" OEMCryptoResult OEMCrypto_SelectKey(const OEMCrypto_SESSION session,
return pair.fcn->SelectKey(pair.session, key_id, key_id_length);
}
extern "C" OEMCryptoResult OEMCrypto_DecryptCTR(
extern "C" OEMCryptoResult OEMCrypto_DecryptCENC(
OEMCrypto_SESSION session, const uint8_t* data_addr, size_t data_length,
bool is_encrypted, const uint8_t* iv, size_t offset,
OEMCrypto_DestBufferDesc* out_buffer, uint8_t subsample_flags) {
OEMCrypto_DestBufferDesc* out_buffer, const OEMCrypto_PatternDesc* pattern,
uint8_t subsample_flags) {
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
LevelSession pair = kAdapter->get(session);
if (!pair.fcn) return OEMCrypto_ERROR_INVALID_SESSION;
return pair.fcn->DecryptCTR(pair.session, data_addr, data_length,
is_encrypted, iv, offset, out_buffer,
subsample_flags);
if (pair.fcn->version < 11) {
return pair.fcn->DecryptCTR_V10(pair.session, data_addr, data_length,
is_encrypted, iv, offset, out_buffer,
subsample_flags);
} else {
return pair.fcn->DecryptCENC(pair.session, data_addr, data_length,
is_encrypted, iv, offset, out_buffer, pattern,
subsample_flags);
}
}
extern "C" OEMCryptoResult OEMCrypto_CopyBuffer(
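Review bot: The guard in `OEMCrypto_Security_Patch_Level` lets a version 10 library through to `fcn->SecurityPatchLevel()`, but the lookup hunk resolves `SecurityPatchLevel` only in the `else` branch of `if (level1_.version == 10)`, so for a v10 library that pointer is never filled in. The `level3_` assignments visible here do not set it either, though that function is only partly shown. Whether the unresolved pointer is null or indeterminate depends on how `FunctionPointers` is initialised, which is outside these hunks; either way the call is unsafe. The guard should match the `LoadKeys` and `DecryptCENC` dispatchers in this same commit: `if (fcn->version < 11) return 0;`.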