Add support for crypto HAL on L3 devices DO NOT MERGE
Includes widevine library release version 4.5.0.7571 Change-Id: I9e574d5606576aab376d0524a4bf1a81e5a61678 related-to-bug: 6427322 related-to-bug: 6427274
This commit is contained in:
Jeff Tinker
@@ -16,16 +16,20 @@
|
||||
|
||||
//#define LOG_NDEBUG 0
|
||||
#define LOG_TAG "wv_crypto_plugin"
|
||||
#include <cutils/properties.h>
|
||||
#include <utils/Log.h>
|
||||
|
||||
#include "WVCryptoPlugin.h"
|
||||
#include <string.h>
|
||||
#include <openssl/md5.h>
|
||||
|
||||
#include <media/stagefright/foundation/ADebug.h>
|
||||
#include <media/stagefright/foundation/hexdump.h>
|
||||
#include <media/stagefright/MediaErrors.h>
|
||||
|
||||
#include "WVCryptoPlugin.h"
|
||||
|
||||
#ifdef REQUIRE_SECURE_BUFFERS
|
||||
#include <OEMCrypto_L1.h>
|
||||
|
||||
#include <string.h>
|
||||
#endif
|
||||
|
||||
android::CryptoFactory *createCryptoFactory() {
|
||||
return new android::WVCryptoFactory;
|
||||
@@ -40,30 +44,35 @@ const uint8_t WVCryptoFactory::kUUIDWidevine[16] = {
|
||||
};
|
||||
|
||||
WVCryptoPlugin::WVCryptoPlugin(const void *data, size_t size)
|
||||
: mInitCheck(NO_INIT) {
|
||||
|
||||
: mInitCheck(NO_INIT)
|
||||
{
|
||||
// not using data at this time, require
|
||||
// size to be zero.
|
||||
if (size > 0) {
|
||||
mInitCheck = -EINVAL;
|
||||
} else {
|
||||
mInitCheck = OK;
|
||||
|
||||
#ifdef REQUIRE_SECURE_BUFFERS
|
||||
OEMCryptoResult res = OEMCrypto_Initialize();
|
||||
if (res != OEMCrypto_SUCCESS) {
|
||||
ALOGE("OEMCrypto_Initialize failed: %d", res);
|
||||
mInitCheck = -EINVAL;
|
||||
} else {
|
||||
mInitCheck = OK;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
}
|
||||
|
||||
WVCryptoPlugin::~WVCryptoPlugin() {
|
||||
|
||||
#ifdef REQUIRE_SECURE_BUFFERS
|
||||
if (mInitCheck == OK) {
|
||||
OEMCryptoResult res = OEMCrypto_Terminate();
|
||||
if (res != OEMCrypto_SUCCESS) {
|
||||
ALOGW("OEMCrypto_Terminate failed: %d", res);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
status_t WVCryptoPlugin::initCheck() const {
|
||||
@@ -71,7 +80,11 @@ status_t WVCryptoPlugin::initCheck() const {
|
||||
}
|
||||
|
||||
bool WVCryptoPlugin::requiresSecureDecoderComponent(const char *mime) const {
|
||||
#ifdef REQUIRE_SECURE_BUFFERS
|
||||
return !strncasecmp(mime, "video/", 6);
|
||||
#else
|
||||
return false;
|
||||
#endif
|
||||
}
|
||||
|
||||
status_t WVCryptoPlugin::decrypt(
|
||||
@@ -85,7 +98,7 @@ status_t WVCryptoPlugin::decrypt(
|
||||
AString *errorDetailMsg) {
|
||||
Mutex::Autolock autoLock(mLock);
|
||||
|
||||
//ALOGD("mode=%d, secure=%d, numSubSamples=%d", mode, secure, numSubSamples);
|
||||
|
||||
CHECK(mode == kMode_Unencrypted || mode == kMode_AES_WV);
|
||||
|
||||
size_t offset = 0;
|
||||
@@ -104,6 +117,8 @@ status_t WVCryptoPlugin::decrypt(
|
||||
|
||||
//ALOGD("size[%d]=%d", i, srcSize);
|
||||
|
||||
#ifdef REQUIRE_SECURE_BUFFERS
|
||||
// decrypt using OEMCrypto API, used for L1 devices
|
||||
OEMCrypto_UINT32 dstLength = srcSize;
|
||||
|
||||
OEMCryptoResult res;
|
||||
@@ -141,10 +156,88 @@ status_t WVCryptoPlugin::decrypt(
|
||||
}
|
||||
|
||||
offset += dstLength;
|
||||
#else
|
||||
if (mode == kMode_Unencrypted) {
|
||||
memcpy((char *)dstPtr + offset, (char *)srcPtr + offset, srcSize);
|
||||
} else {
|
||||
status_t status = decryptSW(key, (uint8_t *)dstPtr + offset,
|
||||
(const uint8_t *)srcPtr + offset, srcSize);
|
||||
if (status != OK) {
|
||||
ALOGE("decryptSW returned %d", status);
|
||||
return status;
|
||||
}
|
||||
}
|
||||
|
||||
offset += srcSize;
|
||||
#endif
|
||||
}
|
||||
|
||||
return OK;
|
||||
}
|
||||
|
||||
// SW AES CTS decrypt, used only for L3 devices
|
||||
status_t WVCryptoPlugin::decryptSW(const uint8_t *key, uint8_t *out,
|
||||
const uint8_t *in, size_t length)
|
||||
{
|
||||
#ifndef REQUIRE_SECURE_BUFFERS
|
||||
unsigned char iv[kAES128BlockSize] = {0};
|
||||
|
||||
if (memcmp(key, mEncKey, sizeof(mEncKey)) != 0) {
|
||||
// key has changed, recompute mAesKey from key
|
||||
uint8_t hash[MD5_DIGEST_LENGTH];
|
||||
char value[PROPERTY_VALUE_MAX] = {0};
|
||||
char seed[] = "34985woeirsdlkfjxc";
|
||||
|
||||
property_get("ro.serialno", value, NULL);
|
||||
|
||||
MD5_CTX ctx;
|
||||
MD5_Init(&ctx);
|
||||
MD5_Update(&ctx, (uint8_t *)seed, sizeof(seed));
|
||||
MD5_Update(&ctx, (uint8_t *)value, strlen(value));
|
||||
MD5_Final(hash, &ctx);
|
||||
|
||||
AES_KEY aesKey;
|
||||
if (AES_set_decrypt_key(hash, sizeof(hash) * 8, &aesKey) == 0) {
|
||||
uint8_t clearKey[kAES128BlockSize];
|
||||
AES_ecb_encrypt(key, clearKey, &aesKey, 0);
|
||||
|
||||
if (AES_set_decrypt_key(clearKey, sizeof(hash) * 8, &mAesKey) == 0) {
|
||||
memcpy(mEncKey, key, sizeof(mEncKey));
|
||||
} else {
|
||||
return -EINVAL;
|
||||
}
|
||||
} else {
|
||||
return -EINVAL;
|
||||
}
|
||||
}
|
||||
|
||||
size_t k, r = length % kAES128BlockSize;
|
||||
|
||||
if (r) {
|
||||
k = length - r - kAES128BlockSize;
|
||||
} else {
|
||||
k = length;
|
||||
}
|
||||
|
||||
AES_cbc_encrypt(in, out, k, &mAesKey, iv, 0);
|
||||
|
||||
if (r) {
|
||||
// cipher text stealing - Schneier Figure 9.5 p 196
|
||||
unsigned char peniv[kAES128BlockSize] = {0};
|
||||
memcpy(peniv, in + k + kAES128BlockSize, r);
|
||||
|
||||
AES_cbc_encrypt(in + k, out + k, kAES128BlockSize, &mAesKey, peniv, 0);
|
||||
|
||||
// exchange the final plaintext and ciphertext
|
||||
for (size_t i = 0; i < r; i++) {
|
||||
*(out + k + kAES128BlockSize + i) = *(out + k + i);
|
||||
*(out + k + i) = *(in + k + kAES128BlockSize + i);
|
||||
}
|
||||
AES_cbc_encrypt(out + k, out + k, kAES128BlockSize, &mAesKey, iv, 0);
|
||||
}
|
||||
#endif
|
||||
return OK;
|
||||
}
|
||||
|
||||
} // namespace android
|
||||
|
||||
|
||||
Reference in New Issue
Block a user