widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Skip key padding better"

Browse Source
This commit is contained in:
TreeHugger Robot
2022-05-04 00:19:06 +00:00
committed by Android (Google) Code Review
parent 69a4312510 30a3da1b83
commit b6cb5024cc
2 changed files with 21 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
libwvdrmengine/cdm/core/include/wv_cdm_constants.h
View File

@@ -15,6 +15,7 @@ static const size_t KEY_PAD_SIZE = 16;
static const size_t CONTENT_KEY_SIZE = 16;
static const size_t SERVICE_KEY_SIZE = 16;
static const size_t MAC_KEY_SIZE = 32;
static const size_t ENTITLEMENT_KEY_SIZE = 32;
static const size_t KEYBOX_KEY_DATA_SIZE = 72;
static const size_t SRM_REQUIREMENT_SIZE = 12;

37
libwvdrmengine/cdm/core/src/license.cpp
View File

@@ -55,17 +55,19 @@ std::vector<CryptoKey> ExtractEntitlementKeys(const License& license) {
for (int i = 0; i < license.key_size(); ++i) {
CryptoKey key;
size_t length = 0;
switch (license.key(i).type()) {
case License_KeyContainer::ENTITLEMENT: {
// Strip off PKCS#5 padding - since we know the key is 32 or 48 bytes,
// the padding will always be 16 bytes.
if (license.key(i).key().size() > 32) {
length = license.key(i).key().size() - 16;
} else {
length = 0;
// We always take the first ENTITLEMENT_KEY_SIZE bytes and ignore the
// rest in order to ignore any padding.
if (license.key(i).key().size() < ENTITLEMENT_KEY_SIZE) {
LOGE(
"Skipping key %s because it is too small. Expected: %zu vs. "
"Actual: %zu",
license.key(i).id().c_str(), ENTITLEMENT_KEY_SIZE,
license.key(i).key().size());
continue;
}
key.set_key_data(license.key(i).key().substr(0, length));
key.set_key_data(license.key(i).key().substr(0, ENTITLEMENT_KEY_SIZE));
key.set_key_data_iv(license.key(i).iv());
key.set_key_id(license.key(i).id());
key.set_track_label(license.key(i).track_label());
@@ -111,20 +113,21 @@ std::vector<CryptoKey> ExtractContentKeys(const License& license) {
// Extract content key(s)
for (int i = 0; i < license.key_size(); ++i) {
CryptoKey key;
size_t length;
switch (license.key(i).type()) {
case License_KeyContainer::CONTENT:
case License_KeyContainer::OPERATOR_SESSION: {
key.set_key_id(license.key(i).id());
// Strip off PKCS#5 padding - since we know the key is 16 or 32 bytes,
// the padding will always be 16 bytes.
// TODO(b/111069024): remove this!
if (license.key(i).key().size() > 16) {
length = license.key(i).key().size() - 16;
} else {
length = 0;
// We always take the first CONTENT_KEY_SIZE bytes and ignore the rest
// in order to ignore any padding.
if (license.key(i).key().size() < CONTENT_KEY_SIZE) {
LOGE(
"Skipping key %s because it is too small. Expected: %zu vs. "
"Actual: %zu",
license.key(i).id().c_str(), CONTENT_KEY_SIZE,
license.key(i).key().size());
continue;
}
key.set_key_data(license.key(i).key().substr(0, length));
key.set_key_data(license.key(i).key().substr(0, CONTENT_KEY_SIZE));
key.set_key_data_iv(license.key(i).iv());
if (license.key(i).has_key_control()) {
key.set_key_control(license.key(i).key_control().key_control_block());