Verify cipher block mode during decryption

[ Merge from http://go/wvgerrit/16498 ]

The CDM now supports AES CTR and CBC block cipher modes. The license
specifies the mode to be used in the key container. The mode is
also specified in mediaCrypto when calling decrypt. This adds
verification for the cipher block mode.

Change-Id: I2587fc1e4b6d77161f2f8653f8516024c73dd8ac

libwvdrmengine/cdm/core/include/crypto_session.h

@@ -134,6 +134,8 @@ class CryptoSession {
   uint64_t request_id_base_;
   static uint64_t request_id_index_;
 
+  CdmCipherMode cipher_mode_;
+
   CORE_DISALLOW_COPY_AND_ASSIGN(CryptoSession);
 };
 

libwvdrmengine/cdm/core/include/wv_cdm_types.h

@@ -214,6 +214,7 @@ enum CdmResponseType {
   LOAD_USAGE_INFO_FILE_ERROR,
   LOAD_USAGE_INFO_MISSING,
   SESSION_FILE_HANDLE_INIT_ERROR,
+  INCORRECT_CRYPTO_MODE,
 };
 
 enum CdmKeyStatus {
@@ -295,6 +296,7 @@ struct CdmCencPatternEncryptionDescriptor {
 struct CdmDecryptionParameters {
   bool is_encrypted;
   bool is_secure;
+  CdmCipherMode cipher_mode;
   const KeyId* key_id;
   const uint8_t* encrypt_buffer;
   size_t encrypt_length;
@@ -309,6 +311,7 @@ struct CdmDecryptionParameters {
   CdmDecryptionParameters()
       : is_encrypted(true),
         is_secure(true),
+        cipher_mode(kCipherModeCtr),
         key_id(NULL),
         encrypt_buffer(NULL),
         encrypt_length(0),
@@ -325,6 +328,7 @@ struct CdmDecryptionParameters {
                           size_t offset, void* decrypted_buffer)
       : is_encrypted(true),
         is_secure(true),
+        cipher_mode(kCipherModeCtr),
         key_id(key),
         encrypt_buffer(encrypted_buffer),
         encrypt_length(encrypted_length),

libwvdrmengine/cdm/core/src/crypto_session.cpp

@@ -40,7 +40,8 @@ CryptoSession::CryptoSession()
       update_usage_table_after_close_session_(false),
       is_destination_buffer_type_valid_(false),
       requested_security_level_(kLevelDefault),
-      request_id_base_(0) {
+      request_id_base_(0),
+      cipher_mode_(kCipherModeCtr) {
   Init();
 }
 
@@ -415,6 +416,7 @@ CdmResponseType CryptoSession::LoadKeys(
     ko->cipher_mode = ki->cipher_mode() == kCipherModeCbc
                           ? OEMCrypto_CipherMode_CBC
                           : OEMCrypto_CipherMode_CTR;
+    cipher_mode_ = ki->cipher_mode();
   }
   uint8_t* pst = NULL;
   if (!provider_session_token.empty()) {
@@ -674,6 +676,9 @@ CdmResponseType CryptoSession::Decrypt(const CdmDecryptionParameters& params) {
                                params.encrypt_buffer, params.encrypt_length,
                                &buffer_descriptor, params.subsample_flags);
   }
+  if (params.cipher_mode != cipher_mode_) {
+    return INCORRECT_CRYPTO_MODE;
+  }
   if (params.is_encrypted || sts == OEMCrypto_ERROR_NOT_IMPLEMENTED) {
     OEMCrypto_CENCEncryptPatternDesc pattern_descriptor;
     pattern_descriptor.encrypt = params.pattern_descriptor.encrypt_blocks;

libwvdrmengine/include/WVErrors.h

@@ -184,7 +184,8 @@ enum {
   kLoadUsageInfoFileError = ERROR_DRM_VENDOR_MIN + 170,
   kLoadUsageInfoMissing = ERROR_DRM_VENDOR_MIN + 171,
   kSessionFileHandleInitError = ERROR_DRM_VENDOR_MIN + 172,
-  kErrorWVDrmMaxErrorUsed = ERROR_DRM_VENDOR_MIN + 172,
+  kIncorrectCryptoMode = ERROR_DRM_VENDOR_MIN + 173,
+  kErrorWVDrmMaxErrorUsed = ERROR_DRM_VENDOR_MIN + 173,
 
   // Used by crypto test mode
   kErrorTestMode = ERROR_DRM_VENDOR_MAX,

libwvdrmengine/include/mapErrors-inl.h

@@ -351,6 +351,8 @@ static android::status_t mapCdmResponseType(wvcdm::CdmResponseType res) {
       return kLoadUsageInfoMissing;
     case wvcdm::SESSION_FILE_HANDLE_INIT_ERROR:
       return kSessionFileHandleInitError;
+    case wvcdm::INCORRECT_CRYPTO_MODE:
+      return kIncorrectCryptoMode;
     case wvcdm::UNKNOWN_ERROR:
       return android::ERROR_DRM_UNKNOWN;
     case wvcdm::SECURE_BUFFER_REQUIRED: