Correct AES bit size for generic crypto
Merge from Widevine repo of http://go/wvgerrit/42402 This changes the AES key size back to 128 for keys that are not entitlment keys. bug: 72904259 test: unit tests Change-Id: I07cc56050cafb82c65b67c56df3f18d375047eb8
This commit is contained in:
Fred Gylys-Colwell
@@ -715,7 +715,7 @@ OEMCryptoResult SessionContext::LoadEntitledContentKeys(
|
|||||||
key_data->content_key_id,
|
key_data->content_key_id,
|
||||||
key_data->content_key_id + key_data->content_key_id_length);
|
key_data->content_key_id + key_data->content_key_id_length);
|
||||||
if (!DecryptMessage(*entitlement_key, iv, encrypted_content_key,
|
if (!DecryptMessage(*entitlement_key, iv, encrypted_content_key,
|
||||||
&content_key)) {
|
&content_key, 256 /* key size */)) {
|
||||||
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
|
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
|
||||||
}
|
}
|
||||||
if (!session_keys_->SetContentKey(entitlement_key_id, content_key_id,
|
if (!session_keys_->SetContentKey(entitlement_key_id, content_key_id,
|
||||||
@@ -735,7 +735,8 @@ OEMCryptoResult SessionContext::InstallKey(
|
|||||||
std::vector<uint8_t> content_key;
|
std::vector<uint8_t> content_key;
|
||||||
std::vector<uint8_t> key_control_str;
|
std::vector<uint8_t> key_control_str;
|
||||||
|
|
||||||
if (!DecryptMessage(encryption_key_, key_data_iv, key_data, &content_key)) {
|
if (!DecryptMessage(encryption_key_, key_data_iv, key_data, &content_key,
|
||||||
|
128 /* key size */)) {
|
||||||
LOGE("[Installkey(): Could not decrypt key data]");
|
LOGE("[Installkey(): Could not decrypt key data]");
|
||||||
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
|
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
|
||||||
}
|
}
|
||||||
@@ -758,7 +759,7 @@ OEMCryptoResult SessionContext::InstallKey(
|
|||||||
return OEMCrypto_ERROR_INVALID_CONTEXT;
|
return OEMCrypto_ERROR_INVALID_CONTEXT;
|
||||||
}
|
}
|
||||||
if (!DecryptMessage(content_key, key_control_iv, key_control,
|
if (!DecryptMessage(content_key, key_control_iv, key_control,
|
||||||
&key_control_str)) {
|
&key_control_str, 128 /* key size */)) {
|
||||||
LOGE("[Installkey(): ERROR: Could not decrypt content key]");
|
LOGE("[Installkey(): ERROR: Could not decrypt content key]");
|
||||||
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
|
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
|
||||||
}
|
}
|
||||||
@@ -890,7 +891,7 @@ OEMCryptoResult SessionContext::RefreshKey(
|
|||||||
LOGD("Key control block is encrypted.");
|
LOGD("Key control block is encrypted.");
|
||||||
}
|
}
|
||||||
if (!DecryptMessage(content_key_value, key_control_iv, key_control,
|
if (!DecryptMessage(content_key_value, key_control_iv, key_control,
|
||||||
&control)) {
|
&control, 128 /* key size */)) {
|
||||||
if (LogCategoryEnabled(kLoggingDumpKeyControlBlocks)) {
|
if (LogCategoryEnabled(kLoggingDumpKeyControlBlocks)) {
|
||||||
LOGD("Error decrypting key control block.");
|
LOGD("Error decrypting key control block.");
|
||||||
}
|
}
|
||||||
@@ -1179,7 +1180,8 @@ bool SessionContext::UpdateMacKeys(const std::vector<uint8_t>& enc_mac_keys,
|
|||||||
const std::vector<uint8_t>& iv) {
|
const std::vector<uint8_t>& iv) {
|
||||||
// Decrypt mac key from enc_mac_key using device_keya
|
// Decrypt mac key from enc_mac_key using device_keya
|
||||||
std::vector<uint8_t> mac_keys;
|
std::vector<uint8_t> mac_keys;
|
||||||
if (!DecryptMessage(encryption_key_, iv, enc_mac_keys, &mac_keys)) {
|
if (!DecryptMessage(encryption_key_, iv, enc_mac_keys, &mac_keys,
|
||||||
|
128 /* key size */)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
mac_key_server_ = std::vector<uint8_t>(
|
mac_key_server_ = std::vector<uint8_t>(
|
||||||
@@ -1327,7 +1329,8 @@ OEMCryptoResult SessionContext::CopyOldUsageEntry(
|
|||||||
bool SessionContext::DecryptMessage(const std::vector<uint8_t>& key,
|
bool SessionContext::DecryptMessage(const std::vector<uint8_t>& key,
|
||||||
const std::vector<uint8_t>& iv,
|
const std::vector<uint8_t>& iv,
|
||||||
const std::vector<uint8_t>& message,
|
const std::vector<uint8_t>& message,
|
||||||
std::vector<uint8_t>* decrypted) {
|
std::vector<uint8_t>* decrypted,
|
||||||
|
uint32_t key_size) {
|
||||||
if (key.empty() || iv.empty() || message.empty() || !decrypted) {
|
if (key.empty() || iv.empty() || message.empty() || !decrypted) {
|
||||||
LOGE("[DecryptMessage(): OEMCrypto_ERROR_INVALID_CONTEXT]");
|
LOGE("[DecryptMessage(): OEMCrypto_ERROR_INVALID_CONTEXT]");
|
||||||
return false;
|
return false;
|
||||||
@@ -1336,7 +1339,7 @@ bool SessionContext::DecryptMessage(const std::vector<uint8_t>& key,
|
|||||||
uint8_t iv_buffer[16];
|
uint8_t iv_buffer[16];
|
||||||
memcpy(iv_buffer, &iv[0], 16);
|
memcpy(iv_buffer, &iv[0], 16);
|
||||||
AES_KEY aes_key;
|
AES_KEY aes_key;
|
||||||
AES_set_decrypt_key(&key[0], key.size() * 8, &aes_key);
|
AES_set_decrypt_key(&key[0], key_size, &aes_key);
|
||||||
AES_cbc_encrypt(&message[0], &(decrypted->front()), message.size(), &aes_key,
|
AES_cbc_encrypt(&message[0], &(decrypted->front()), message.size(), &aes_key,
|
||||||
iv_buffer, AES_DECRYPT);
|
iv_buffer, AES_DECRYPT);
|
||||||
return true;
|
return true;
|
||||||
|
|||||||
@@ -189,7 +189,8 @@ class SessionContext {
|
|||||||
bool DecryptMessage(const std::vector<uint8_t>& key,
|
bool DecryptMessage(const std::vector<uint8_t>& key,
|
||||||
const std::vector<uint8_t>& iv,
|
const std::vector<uint8_t>& iv,
|
||||||
const std::vector<uint8_t>& message,
|
const std::vector<uint8_t>& message,
|
||||||
std::vector<uint8_t>* decrypted);
|
std::vector<uint8_t>* decrypted,
|
||||||
|
uint32_t key_size); // AES key size, in bits.
|
||||||
// Either verify the nonce or usage entry, as required by the key control
|
// Either verify the nonce or usage entry, as required by the key control
|
||||||
// block.
|
// block.
|
||||||
OEMCryptoResult CheckNonceOrEntry(const KeyControlBlock& key_control_block);
|
OEMCryptoResult CheckNonceOrEntry(const KeyControlBlock& key_control_block);
|
||||||
|
|||||||
@@ -105,8 +105,9 @@ Session::Session()
|
|||||||
enc_key_(wvcdm::KEY_SIZE),
|
enc_key_(wvcdm::KEY_SIZE),
|
||||||
public_rsa_(0),
|
public_rsa_(0),
|
||||||
message_size_(sizeof(MessageData)),
|
message_size_(sizeof(MessageData)),
|
||||||
num_keys_(4) { // Most tests only use 4 keys.
|
num_keys_(4), // Most tests only use 4 keys.
|
||||||
// Other tests will explicitly call set_num_keys.
|
// Other tests will explicitly call set_num_keys.
|
||||||
|
has_entitlement_license_(false) {
|
||||||
// Stripe the padded message.
|
// Stripe the padded message.
|
||||||
for (size_t i = 0; i < sizeof(padded_message_.padding); i++) {
|
for (size_t i = 0; i < sizeof(padded_message_.padding); i++) {
|
||||||
padded_message_.padding[i] = i % 0x100;
|
padded_message_.padding[i] = i % 0x100;
|
||||||
@@ -310,6 +311,7 @@ void Session::LoadEnitlementTestKeys(const std::string& pst,
|
|||||||
}
|
}
|
||||||
|
|
||||||
void Session::FillEntitledKeyArray() {
|
void Session::FillEntitledKeyArray() {
|
||||||
|
has_entitlement_license_ = true;
|
||||||
for (size_t i = 0; i < num_keys_; ++i) {
|
for (size_t i = 0; i < num_keys_; ++i) {
|
||||||
EntitledContentKeyData* key_data = &entitled_key_data_[i];
|
EntitledContentKeyData* key_data = &entitled_key_data_[i];
|
||||||
|
|
||||||
@@ -594,10 +596,10 @@ void Session::EncryptAndSign() {
|
|||||||
AES_cbc_encrypt(&license_.mac_keys[0], &encrypted_license().mac_keys[0],
|
AES_cbc_encrypt(&license_.mac_keys[0], &encrypted_license().mac_keys[0],
|
||||||
2 * wvcdm::MAC_KEY_SIZE, &aes_key, iv_buffer, AES_ENCRYPT);
|
2 * wvcdm::MAC_KEY_SIZE, &aes_key, iv_buffer, AES_ENCRYPT);
|
||||||
|
|
||||||
|
int key_size = has_entitlement_license() ? 256 : 128;
|
||||||
for (unsigned int i = 0; i < num_keys_; i++) {
|
for (unsigned int i = 0; i < num_keys_; i++) {
|
||||||
memcpy(iv_buffer, &license_.keys[i].control_iv[0], wvcdm::KEY_IV_SIZE);
|
memcpy(iv_buffer, &license_.keys[i].control_iv[0], wvcdm::KEY_IV_SIZE);
|
||||||
AES_set_encrypt_key(&license_.keys[i].key_data[0],
|
AES_set_encrypt_key(&license_.keys[i].key_data[0], key_size, &aes_key);
|
||||||
license_.keys[i].key_data_length * 8, &aes_key);
|
|
||||||
AES_cbc_encrypt(
|
AES_cbc_encrypt(
|
||||||
reinterpret_cast<const uint8_t*>(&license_.keys[i].control),
|
reinterpret_cast<const uint8_t*>(&license_.keys[i].control),
|
||||||
reinterpret_cast<uint8_t*>(&encrypted_license().keys[i].control),
|
reinterpret_cast<uint8_t*>(&encrypted_license().keys[i].control),
|
||||||
|
|||||||
@@ -370,6 +370,9 @@ class Session {
|
|||||||
// The size of the encrypted message.
|
// The size of the encrypted message.
|
||||||
size_t message_size() { return message_size_; }
|
size_t message_size() { return message_size_; }
|
||||||
|
|
||||||
|
// If this session has an entitlement license.
|
||||||
|
bool has_entitlement_license() const { return has_entitlement_license_; }
|
||||||
|
|
||||||
private:
|
private:
|
||||||
// Generate mac and enc keys give the master key.
|
// Generate mac and enc keys give the master key.
|
||||||
void DeriveKeys(const uint8_t* master_key,
|
void DeriveKeys(const uint8_t* master_key,
|
||||||
@@ -399,6 +402,7 @@ class Session {
|
|||||||
vector<uint8_t> encrypted_usage_entry_;
|
vector<uint8_t> encrypted_usage_entry_;
|
||||||
uint32_t usage_entry_number_;
|
uint32_t usage_entry_number_;
|
||||||
string pst_;
|
string pst_;
|
||||||
|
bool has_entitlement_license_;
|
||||||
|
|
||||||
// Clear Entitlement key data. This is the backing data for
|
// Clear Entitlement key data. This is the backing data for
|
||||||
// |entitled_key_array_|.
|
// |entitled_key_array_|.
|
||||||
|
|||||||
Reference in New Issue
Block a user