Make IV const in privacy_crypto

Merged from https://widevine-internal-review.googlesource.com/188677

Change-Id: I17346b54259ca1929ef40a8d61aef38969800159

libwvdrmengine/cdm/core/include/privacy_crypto.h

@@ -37,7 +37,7 @@ class AesCbcKey {
   ~AesCbcKey();
 
   bool Init(const std::string& key);
-  bool Encrypt(const std::string& in, std::string* out, std::string* iv);
+  bool Encrypt(const std::string& in, const std::string& iv, std::string* out);
 
  private:
   std::string key_;

libwvdrmengine/cdm/core/src/privacy_crypto_boringssl.cpp

@@ -89,18 +89,14 @@ bool AesCbcKey::Init(const std::string& key) {
   return true;
 }
 
-bool AesCbcKey::Encrypt(const std::string& in, std::string* out,
+bool AesCbcKey::Encrypt(const std::string& in, const std::string& iv,
-                        std::string* iv) {
+                        std::string* out) {
   if (in.empty()) {
     LOGE("No cleartext provided");
     return false;
   }
-  if (iv == nullptr) {
+  if (iv.size() != AES_BLOCK_SIZE) {
-    LOGE("Initialization vector output parameter |iv| not provided");
+    LOGE("Invalid IV size: %zu", iv.size());
-    return false;
-  }
-  if (iv->size() != AES_BLOCK_SIZE) {
-    LOGE("Invalid IV size: %zu", iv->size());
     return false;
   }
   if (out == nullptr) {
@@ -114,8 +110,8 @@ bool AesCbcKey::Encrypt(const std::string& in, std::string* out,
 
   EVP_CIPHER_CTX* evp_cipher_ctx = EVP_CIPHER_CTX_new();
   if (EVP_EncryptInit(evp_cipher_ctx, EVP_aes_128_cbc(),
-                      reinterpret_cast<uint8_t*>(&key_[0]),
+                      reinterpret_cast<const uint8_t*>(&key_[0]),
-                      reinterpret_cast<uint8_t*>(&(*iv)[0])) == 0) {
+                      reinterpret_cast<const uint8_t*>(&iv[0])) == 0) {
     LOGE("AES CBC setup failure: %s",
          ERR_error_string(ERR_get_error(), nullptr));
     EVP_CIPHER_CTX_free(evp_cipher_ctx);
@@ -124,10 +120,10 @@ bool AesCbcKey::Encrypt(const std::string& in, std::string* out,
 
   out->resize(in.size() + AES_BLOCK_SIZE);
   int out_length = static_cast<int>(out->size());
-  if (EVP_EncryptUpdate(
+  if (EVP_EncryptUpdate(evp_cipher_ctx, reinterpret_cast<uint8_t*>(&(*out)[0]),
-          evp_cipher_ctx, reinterpret_cast<uint8_t*>(&(*out)[0]), &out_length,
+                        &out_length,
-          reinterpret_cast<uint8_t*>(const_cast<char*>(in.data())),
+                        reinterpret_cast<const uint8_t*>(in.data()),
-          static_cast<int>(in.size())) == 0) {
+                        static_cast<int>(in.size())) == 0) {
     LOGE("AES CBC encryption failure: %s",
          ERR_error_string(ERR_get_error(), nullptr));
     EVP_CIPHER_CTX_free(evp_cipher_ctx);

libwvdrmengine/cdm/core/src/privacy_crypto_dummy.cpp

@@ -29,8 +29,8 @@ AesCbcKey::~AesCbcKey() {}
 
 bool AesCbcKey::Init(const std::string& key) { return false; }
 
-bool AesCbcKey::Encrypt(const std::string& in, std::string* out,
+bool AesCbcKey::Encrypt(const std::string& in, const std::string& iv,
-                        std::string* iv) {
+                        std::string* out) {
   return false;
 }
 

libwvdrmengine/cdm/core/src/service_certificate.cpp

@@ -251,7 +251,7 @@ CdmResponseType ServiceCertificate::EncryptClientId(
 
   AesCbcKey aes;
   if (!aes.Init(key)) return CdmResponseType(CLIENT_ID_AES_INIT_ERROR);
-  if (!aes.Encrypt(id, &enc_id, &iv))
+  if (!aes.Encrypt(id, iv, &enc_id))
     return CdmResponseType(CLIENT_ID_AES_ENCRYPT_ERROR);
 
   CdmResponseType encrypt_result = EncryptRsaOaep(key, &enc_key);