diff --git a/libwvdrmengine/cdm/core/include/crypto_session.h b/libwvdrmengine/cdm/core/include/crypto_session.h index 139bb466..b9a56391 100644 --- a/libwvdrmengine/cdm/core/include/crypto_session.h +++ b/libwvdrmengine/cdm/core/include/crypto_session.h @@ -325,14 +325,6 @@ class CryptoSession { CdmResponseType SelectKey(const std::string& key_id, CdmCipherMode cipher_mode); - static const OEMCrypto_Algorithm kInvalidAlgorithm = - static_cast(-1); - - OEMCrypto_Algorithm GenericSigningAlgorithm(CdmSigningAlgorithm algorithm); - OEMCrypto_Algorithm GenericEncryptionAlgorithm( - CdmEncryptionAlgorithm algorithm); - size_t GenericEncryptionBlockSize(CdmEncryptionAlgorithm algorithm); - // These methods fall back into each other in the order given, depending on // how much data they were given and how much data OEMCrypto can accept in one // call. @@ -408,10 +400,6 @@ class CryptoSession { static bool IsInitialized(); - // Constants - static const size_t kAes128BlockSize = 16; // Block size for AES_CBC_128 - static const size_t kSignatureSize = 32; // size for HMAC-SHA256 signature - // The locking methods above should be used in preference to taking these // mutexes directly. If code takes these manually and needs to take more // than one, it must *always* take them in the order they are defined here. diff --git a/libwvdrmengine/cdm/core/src/crypto_session.cpp b/libwvdrmengine/cdm/core/src/crypto_session.cpp index e5e468ac..21ad78a7 100644 --- a/libwvdrmengine/cdm/core/src/crypto_session.cpp +++ b/libwvdrmengine/cdm/core/src/crypto_session.cpp @@ -57,6 +57,7 @@ constexpr size_t MiB = 1024 * 1024; constexpr uint32_t kRsaSignatureLength = 256; constexpr size_t kEstimatedInitialUsageTableHeader = 40; +const size_t kAes128BlockSize = 16; // Constants and utility objects relating to OEM Certificates constexpr const char* kWidevineSystemIdExtensionOid = "1.3.6.1.4.1.11129.4.1.1"; @@ -128,6 +129,36 @@ void AdvanceDestBuffer(OEMCrypto_DestBufferDesc* dest_buffer, size_t bytes) { LOGE("Unrecognized OEMCryptoBufferType %u - doing nothing", dest_buffer->type); } + +bool GetGenericSigningAlgorithm(CdmSigningAlgorithm algorithm, + OEMCrypto_Algorithm* oec_algorithm) { + RETURN_IF_NULL(oec_algorithm, false); + if (kSigningAlgorithmHmacSha256 != algorithm) { + LOGW("Unrecognized signing algorithm: %d", algorithm); + return false; + } + *oec_algorithm = OEMCrypto_HMAC_SHA256; + return true; +} + +bool GetGenericEncryptionAlgorithm(CdmEncryptionAlgorithm algorithm, + OEMCrypto_Algorithm* oec_algorithm) { + RETURN_IF_NULL(oec_algorithm, false); + if (kEncryptionAlgorithmAesCbc128 != algorithm) { + LOGW("Unrecognized encryption algorithm: %d", algorithm); + return false; + } + *oec_algorithm = OEMCrypto_AES_CBC_128_NO_PADDING; + return true; +} + +size_t GenericEncryptionBlockSize(CdmEncryptionAlgorithm algorithm) { + if (kEncryptionAlgorithmAesCbc128 != algorithm) { + LOGW("Unrecognized encryption algorithm: %d", algorithm); + return 0; + } + return kAes128BlockSize; +} } // namespace shared_mutex CryptoSession::static_field_mutex_; @@ -2121,9 +2152,9 @@ CdmResponseType CryptoSession::GenericEncrypt(const std::string& in_buffer, LOGV("Generic encrypt: id = %u", oec_session_id_); RETURN_IF_NULL(out_buffer, PARAMETER_NULL); - OEMCrypto_Algorithm oec_algorithm = GenericEncryptionAlgorithm(algorithm); + OEMCrypto_Algorithm oec_algorithm = OEMCrypto_AES_CBC_128_NO_PADDING; if (iv.size() != GenericEncryptionBlockSize(algorithm) || - oec_algorithm == kInvalidAlgorithm) { + !GetGenericEncryptionAlgorithm(algorithm, &oec_algorithm)) { return INVALID_PARAMETERS_ENG_13; } @@ -2182,9 +2213,9 @@ CdmResponseType CryptoSession::GenericDecrypt(const std::string& in_buffer, LOGV("Generic decrypt: id = %u", oec_session_id_); RETURN_IF_NULL(out_buffer, PARAMETER_NULL); - OEMCrypto_Algorithm oec_algorithm = GenericEncryptionAlgorithm(algorithm); + OEMCrypto_Algorithm oec_algorithm = OEMCrypto_AES_CBC_128_NO_PADDING; if (iv.size() != GenericEncryptionBlockSize(algorithm) || - oec_algorithm == kInvalidAlgorithm) { + !GetGenericEncryptionAlgorithm(algorithm, &oec_algorithm)) { return INVALID_PARAMETERS_ENG_14; } @@ -2242,8 +2273,8 @@ CdmResponseType CryptoSession::GenericSign(const std::string& message, LOGV("Generic sign: id = %u", oec_session_id_); RETURN_IF_NULL(signature, PARAMETER_NULL); - OEMCrypto_Algorithm oec_algorithm = GenericSigningAlgorithm(algorithm); - if (oec_algorithm == kInvalidAlgorithm) { + OEMCrypto_Algorithm oec_algorithm = OEMCrypto_HMAC_SHA256; + if (!GetGenericSigningAlgorithm(algorithm, &oec_algorithm)) { return INVALID_PARAMETERS_ENG_15; } @@ -2308,8 +2339,8 @@ CdmResponseType CryptoSession::GenericVerify(const std::string& message, const std::string& signature) { LOGV("Generic verify: id = %u", oec_session_id_); - OEMCrypto_Algorithm oec_algorithm = GenericSigningAlgorithm(algorithm); - if (oec_algorithm == kInvalidAlgorithm) { + OEMCrypto_Algorithm oec_algorithm = OEMCrypto_HMAC_SHA256; + if (!GetGenericSigningAlgorithm(algorithm, &oec_algorithm)) { return INVALID_PARAMETERS_ENG_16; } @@ -2660,33 +2691,6 @@ bool CryptoSession::GetAnalogOutputCapabilities(bool* can_support_output, return true; } -OEMCrypto_Algorithm CryptoSession::GenericSigningAlgorithm( - CdmSigningAlgorithm algorithm) { - if (kSigningAlgorithmHmacSha256 == algorithm) { - return OEMCrypto_HMAC_SHA256; - } else { - return kInvalidAlgorithm; - } -} - -OEMCrypto_Algorithm CryptoSession::GenericEncryptionAlgorithm( - CdmEncryptionAlgorithm algorithm) { - if (kEncryptionAlgorithmAesCbc128 == algorithm) { - return OEMCrypto_AES_CBC_128_NO_PADDING; - } else { - return kInvalidAlgorithm; - } -} - -size_t CryptoSession::GenericEncryptionBlockSize( - CdmEncryptionAlgorithm algorithm) { - if (kEncryptionAlgorithmAesCbc128 == algorithm) { - return kAes128BlockSize; - } else { - return 0; - } -} - // OEMCryptoResult OEMCrypto_DecryptCENC( // OEMCrypto_SESSION session, // const OEMCrypto_SampleDescription* samples, // an array of samples.