widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Correct AES bit size for generic crypto

Browse Source 
Merge from Widevine repo of http://go/wvgerrit/42402

This changes the AES key size back to 128 for keys that are not
entitlment keys.

bug: 72904259
test: unit tests
Change-Id: I07cc56050cafb82c65b67c56df3f18d375047eb8
This commit is contained in:
Fred Gylys-Colwell
2018-02-05 11:49:22 -08:00
parent 51212b1505
commit 8ae3759a7d
4 changed files with 22 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
libwvdrmengine/oemcrypto/mock/src/oemcrypto_session.cpp
View File

@@ -715,7 +715,7 @@ OEMCryptoResult SessionContext::LoadEntitledContentKeys(
key_data->content_key_id,
key_data->content_key_id + key_data->content_key_id_length);
if (!DecryptMessage(*entitlement_key, iv, encrypted_content_key,
&content_key)) {
&content_key, 256 /* key size */)) {
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
if (!session_keys_->SetContentKey(entitlement_key_id, content_key_id,
@@ -735,7 +735,8 @@ OEMCryptoResult SessionContext::InstallKey(
std::vector<uint8_t> content_key;
std::vector<uint8_t> key_control_str;
if (!DecryptMessage(encryption_key_, key_data_iv, key_data, &content_key)) {
if (!DecryptMessage(encryption_key_, key_data_iv, key_data, &content_key,
128 /* key size */)) {
LOGE("[Installkey(): Could not decrypt key data]");
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
@@ -758,7 +759,7 @@ OEMCryptoResult SessionContext::InstallKey(
return OEMCrypto_ERROR_INVALID_CONTEXT;
}
if (!DecryptMessage(content_key, key_control_iv, key_control,
&key_control_str)) {
&key_control_str, 128 /* key size */)) {
LOGE("[Installkey(): ERROR: Could not decrypt content key]");
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
@@ -890,7 +891,7 @@ OEMCryptoResult SessionContext::RefreshKey(
LOGD("Key control block is encrypted.");
}
if (!DecryptMessage(content_key_value, key_control_iv, key_control,
&control)) {
&control, 128 /* key size */)) {
if (LogCategoryEnabled(kLoggingDumpKeyControlBlocks)) {
LOGD("Error decrypting key control block.");
}
@@ -1179,7 +1180,8 @@ bool SessionContext::UpdateMacKeys(const std::vector<uint8_t>& enc_mac_keys,
const std::vector<uint8_t>& iv) {
// Decrypt mac key from enc_mac_key using device_keya
std::vector<uint8_t> mac_keys;
if (!DecryptMessage(encryption_key_, iv, enc_mac_keys, &mac_keys)) {
if (!DecryptMessage(encryption_key_, iv, enc_mac_keys, &mac_keys,
128 /* key size */)) {
return false;
}
mac_key_server_ = std::vector<uint8_t>(
@@ -1327,7 +1329,8 @@ OEMCryptoResult SessionContext::CopyOldUsageEntry(
bool SessionContext::DecryptMessage(const std::vector<uint8_t>& key,
const std::vector<uint8_t>& iv,
const std::vector<uint8_t>& message,
std::vector<uint8_t>* decrypted) {
std::vector<uint8_t>* decrypted,
uint32_t key_size) {
if (key.empty() || iv.empty() || message.empty() || !decrypted) {
LOGE("[DecryptMessage(): OEMCrypto_ERROR_INVALID_CONTEXT]");
return false;
@@ -1336,7 +1339,7 @@ bool SessionContext::DecryptMessage(const std::vector<uint8_t>& key,
uint8_t iv_buffer[16];
memcpy(iv_buffer, &iv[0], 16);
AES_KEY aes_key;
AES_set_decrypt_key(&key[0], key.size() * 8, &aes_key);
AES_set_decrypt_key(&key[0], key_size, &aes_key);
AES_cbc_encrypt(&message[0], &(decrypted->front()), message.size(), &aes_key,
iv_buffer, AES_DECRYPT);
return true;

3
libwvdrmengine/oemcrypto/mock/src/oemcrypto_session.h
View File

@@ -189,7 +189,8 @@ class SessionContext {
bool DecryptMessage(const std::vector<uint8_t>& key,
const std::vector<uint8_t>& iv,
const std::vector<uint8_t>& message,
std::vector<uint8_t>* decrypted);
std::vector<uint8_t>* decrypted,
uint32_t key_size); // AES key size, in bits.
// Either verify the nonce or usage entry, as required by the key control
// block.
OEMCryptoResult CheckNonceOrEntry(const KeyControlBlock& key_control_block);

10
libwvdrmengine/oemcrypto/test/oec_session_util.cpp
View File

@@ -105,8 +105,9 @@ Session::Session()
enc_key_(wvcdm::KEY_SIZE),
public_rsa_(0),
message_size_(sizeof(MessageData)),
num_keys_(4) { // Most tests only use 4 keys.
// Other tests will explicitly call set_num_keys.
num_keys_(4), // Most tests only use 4 keys.
// Other tests will explicitly call set_num_keys.
has_entitlement_license_(false) {
// Stripe the padded message.
for (size_t i = 0; i < sizeof(padded_message_.padding); i++) {
padded_message_.padding[i] = i % 0x100;
@@ -310,6 +311,7 @@ void Session::LoadEnitlementTestKeys(const std::string& pst,
}
void Session::FillEntitledKeyArray() {
has_entitlement_license_ = true;
for (size_t i = 0; i < num_keys_; ++i) {
EntitledContentKeyData* key_data = &entitled_key_data_[i];
@@ -594,10 +596,10 @@ void Session::EncryptAndSign() {
AES_cbc_encrypt(&license_.mac_keys[0], &encrypted_license().mac_keys[0],
2 * wvcdm::MAC_KEY_SIZE, &aes_key, iv_buffer, AES_ENCRYPT);
int key_size = has_entitlement_license() ? 256 : 128;
for (unsigned int i = 0; i < num_keys_; i++) {
memcpy(iv_buffer, &license_.keys[i].control_iv[0], wvcdm::KEY_IV_SIZE);
AES_set_encrypt_key(&license_.keys[i].key_data[0],
license_.keys[i].key_data_length * 8, &aes_key);
AES_set_encrypt_key(&license_.keys[i].key_data[0], key_size, &aes_key);
AES_cbc_encrypt(
reinterpret_cast<const uint8_t*>(&license_.keys[i].control),
reinterpret_cast<uint8_t*>(&encrypted_license().keys[i].control),

4
libwvdrmengine/oemcrypto/test/oec_session_util.h
View File

@@ -370,6 +370,9 @@ class Session {
// The size of the encrypted message.
size_t message_size() { return message_size_; }
// If this session has an entitlement license.
bool has_entitlement_license() const { return has_entitlement_license_; }
private:
// Generate mac and enc keys give the master key.
void DeriveKeys(const uint8_t* master_key,
@@ -399,6 +402,7 @@ class Session {
vector<uint8_t> encrypted_usage_entry_;
uint32_t usage_entry_number_;
string pst_;
bool has_entitlement_license_;
// Clear Entitlement key data. This is the backing data for
// |entitled_key_array_|.