OEMCrypto Usage Tables

This CL adds usage tables to the OEMCrypto reference implementation (mock) and unit tests. There is also a new parameter called oem_crypto_require_usage_tables that determines if the usage tables are required or not. This is set to true for Android and false for all other platforms. This CL is most of OEMCrypto version 9 updates. This CL is a copy of https://widevine-internal-review.googlesource.com/#/c/9720 https://widevine-internal-review.googlesource.com/#/c/9874 https://widevine-internal-review.googlesource.com/#/c/9873 Change-Id: I78c4f7651306f9f79ba2260c3e04fb1eca7e20e3
2014-04-24 11:30:46 -07:00
parent 951f08c2da
commit 1cd8195d88
25 changed files with 1736 additions and 216 deletions
--- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h
+++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h
@@ -1,13 +1,9 @@
-/*******************************************************************************
- *
- * Copyright 2013 Google Inc. All Rights Reserved.
- *
- * mock implementation of OEMCrypto APIs
- *
- ******************************************************************************/
-
-#ifndef OEMCRYPTO_ENGINE_MOCK_H_
-#define OEMCRYPTO_ENGINE_MOCK_H_
+// Copyright 2013 Google Inc. All Rights Reserved.
+//
+//  Mock implementation of OEMCrypto APIs
+//
+#ifndef WVOEC_MOCK_OEMCRYPTO_ENGINE_MOCK_H_
+#define WVOEC_MOCK_OEMCRYPTO_ENGINE_MOCK_H_

 #include <openssl/rsa.h>
 #include <stdint.h>
@@ -20,9 +16,7 @@
 #include "oemcrypto_keybox_mock.h"
 #include "wv_cdm_types.h"

-// TODO(fredgc,gmorgan): Revisit the need to keep interface separate.
-// For now, we need to include the enum OEMCrypto_Algorithm.
-#include "OEMCryptoCENC.h"
+#include "OEMCryptoCENC.h"  // Needed for enum OEMCrypto_Algorithm.

 namespace wvoec_mock {

@@ -34,6 +28,8 @@ enum BufferType {

 class SessionContext;
 class CryptoEngine;
+class UsageTable;
+class UsageTableEntry;

 typedef uint32_t SessionId;
 typedef std::map<SessionId, SessionContext*> ActiveSessions;
@@ -92,7 +88,8 @@ class SessionContext {
        id_(sid),
        current_content_key_(NULL),
        rsa_key_(NULL),
-        allowed_schemes_(kSign_RSASSA_PSS) {}
+        allowed_schemes_(kSign_RSASSA_PSS),
+        usage_entry_(NULL) {}
  ~SessionContext();

  bool isValid() { return valid_; }
@@ -139,17 +136,12 @@ class SessionContext {
                                 size_t signature_length);
  void StartTimer();
  uint32_t CurrentTimer(); // (seconds).
-  OEMCryptoResult LoadKeys(OEMCrypto_SESSION session,
-                           const uint8_t* message,
-                           size_t message_length,
-                           const uint8_t* signature,
-                           size_t signature_length,
+  OEMCryptoResult LoadKeys(const uint8_t* message, size_t message_length,
+                           const uint8_t* signature, size_t signature_length,
                           const uint8_t* enc_mac_key_iv,
-                           const uint8_t* enc_mac_keys,
-                           size_t num_keys,
+                           const uint8_t* enc_mac_keys, size_t num_keys,
                           const OEMCrypto_KeyObject* key_array,
-                           const uint8_t* pst,
-                           size_t pst_length);
+                           const uint8_t* pst, size_t pst_length);
  bool InstallKey(const KeyId& key_id,
                  const std::vector<uint8_t>& key_data,
                  const std::vector<uint8_t>& key_data_iv,
@@ -195,17 +187,19 @@ class SessionContext {
  void AddNonce(uint32_t nonce);
  bool CheckNonce(uint32_t nonce);
  void FlushNonces();
+  void ReleaseUsageEntry();

 private:
-
-  bool DeriveKey(const std::vector<uint8_t>& key, const std::vector<uint8_t>& context,
+  bool DeriveKey(const std::vector<uint8_t>& key,
+                 const std::vector<uint8_t>& context,
                 int counter, std::vector<uint8_t>* out);
  bool DecryptMessage(const std::vector<uint8_t>& key,
                      const std::vector<uint8_t>& iv,
                      const std::vector<uint8_t>& message,
                      std::vector<uint8_t>* decrypted);
-  bool CheckNonceOrPST(KeyControlBlock& key_control_block,
-                       const std::vector<uint8_t>& pst);
+  bool CheckNonceOrEntry(const KeyControlBlock& key_control_block,
+                         const std::vector<uint8_t>& pst);
+  bool IsUsageEntryValid();

  bool valid_;
  CryptoEngine* ce_;
@@ -220,6 +214,7 @@ class SessionContext {
  RSA* rsa_key_;
  uint32_t allowed_schemes_;  // for RSA signatures.
  time_t timer_start_;
+  UsageTableEntry* usage_entry_;

  CORE_DISALLOW_COPY_AND_ASSIGN(SessionContext);
 };
@@ -227,7 +222,6 @@ class SessionContext {
 class CryptoEngine {

 private:
-
  enum CryptoEngineState {
    CE_ILLEGAL,
    CE_INITIALIZED,
@@ -237,7 +231,6 @@ class CryptoEngine {
  };

 public:
-
  CryptoEngine();
  ~CryptoEngine();

@@ -268,10 +261,10 @@ class CryptoEngine {
    return maximum_hdcp_capability_;
  }

+  UsageTable* usage_table() { return usage_table_; }
  bool local_display() { return local_display_; }

 private:
-
  bool valid_;
  CryptoEngineState ce_state_;
  SessionContext* current_session_;
@@ -281,9 +274,11 @@ class CryptoEngine {
  OEMCrypto_HDCP_Capability current_hdcp_capability_;
  OEMCrypto_HDCP_Capability maximum_hdcp_capability_;
  bool local_display_;
+  UsageTable* usage_table_;

  CORE_DISALLOW_COPY_AND_ASSIGN(CryptoEngine);
 };

-};   // namespace wvoec_eng
-#endif
+};  // namespace wvoec_eng
+
+#endif  // WVOEC_MOCK_OEMCRYPTO_ENGINE_MOCK_H_