widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Don't add offsets to ion handles

Browse Source 
Fixes a secure buffer addressing offset error in the Widevine
CENC drm engine.

bug: 8667527

Merges the following from Widevine CDM repository:

Allow specification of offset into secure buffer
https://widevine-internal-review.googlesource.com/#/c/5100/

Update WVCryptoPlugin to Pass Output Offset as a Separate Parameter
https://widevine-internal-review.googlesource.com/#/c/5120/

Add offset to secure data buffer in OEMCrypto DecryptCTR
https://widevine-internal-review.googlesource.com/#/c/5110/

Change-Id: Ic3e4b35304c8fbae4aebe4c495285eb787e8c205
This commit is contained in:
Jeff Tinker
2013-04-19 16:40:38 -07:00
parent 87c3f5652f
commit d29372909d
15 changed files with 62 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.cpp
View File

@@ -856,7 +856,7 @@ bool CryptoEngine::DecryptMessage(SessionContext* session,
bool CryptoEngine::DecryptCTR(SessionContext* session,
const uint8_t* iv,
size_t byte_offset,
size_t block_offset,
const uint8_t* cipher_data,
size_t cipher_data_length,
bool is_encrypted,
@@ -922,18 +922,18 @@ bool CryptoEngine::DecryptCTR(SessionContext* session,
// Encrypt the IV.
uint8_t ecount_buf[AES_BLOCK_SIZE];
if (byte_offset != 0) {
if (block_offset != 0) {
// The context is needed only when not starting a new block.
AES_encrypt(aes_iv, ecount_buf, &aes_key);
ctr128_inc(aes_iv);
}
// Decryption.
unsigned int byte_offset_cur = byte_offset;
unsigned int block_offset_cur = block_offset;
AES_ctr128_encrypt(
cipher_data, reinterpret_cast<uint8_t*>(clear_data), cipher_data_length,
&aes_key, aes_iv, ecount_buf, &byte_offset_cur);
if (byte_offset_cur != ((byte_offset + cipher_data_length) % AES_BLOCK_SIZE)) {
&aes_key, aes_iv, ecount_buf, &block_offset_cur);
if (block_offset_cur != ((block_offset + cipher_data_length) % AES_BLOCK_SIZE)) {
LOGE("[DecryptCTR(): FAILURE: byte offset wrong.]");
return false;
}

2
libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h
View File

@@ -234,7 +234,7 @@ class CryptoEngine {
bool DecryptCTR(SessionContext* session,
const uint8_t* iv,
size_t byte_offset,
size_t block_offset,
const uint8_t* cipher_data,
size_t cipher_data_length,
bool is_encrypted,

7
libwvdrmengine/oemcrypto/mock/src/oemcrypto_mock.cpp
View File

@@ -501,7 +501,7 @@ OEMCryptoResult OEMCrypto_DecryptCTR(OEMCrypto_SESSION session,
size_t data_length,
bool is_encrypted,
const uint8_t* iv,
size_t offset,
size_t block_offset,
const OEMCrypto_DestBufferDesc* out_buffer) {
if (trace_all_calls) {
printf("-- OEMCryptoResult OEMCrypto_DecryptCTR(OEMCrypto_SESSION session,\n");
@@ -517,7 +517,8 @@ OEMCryptoResult OEMCrypto_DecryptCTR(OEMCrypto_SESSION session,
break;
case OEMCrypto_BufferType_Secure:
buffer_type = kBufferTypeSecure;
destination = out_buffer->buffer.secure.handle;
destination = (out_buffer->buffer.secure.handle
+ out_buffer->buffer.secure.offset);
max_length = out_buffer->buffer.secure.max_length;
break;
default:
@@ -551,7 +552,7 @@ OEMCryptoResult OEMCrypto_DecryptCTR(OEMCrypto_SESSION session,
return OEMCrypto_ERROR_INVALID_CONTEXT;
}
if (!crypto_engine->DecryptCTR(session_ctx, iv, (int)offset,
if (!crypto_engine->DecryptCTR(session_ctx, iv, (int)block_offset,
data_addr, data_length, is_encrypted,
destination, buffer_type)) {
LOGE("[OEMCrypto_DecryptCTR(): OEMCrypto_ERROR_DECRYPT_FAILED]");