Support 32 bytes session key

[ Merge of http://go/wvgerrit/149849 ]

With an ECC-based DRM cert, the session key is expected to be 32 bytes, as
compared to 16 bytes in the RSA case. This CL adds support for 32-byte
session keys.

Bug: 236317198
Test: oemcrypto_test
Change-Id: I657fdd92d17736a23375ddcd457f83efa6ca6d1f
Alex Dale
2022-06-21 16:01:20 -07:00
parent 02c7062349
commit d874fffaec
6 changed files with 63 additions and 21 deletions


@@ -568,8 +568,8 @@ void LicenseRoundTrip::VerifyRequestSignature(
generated_signature.size(), kSign_RSASSA_PSS);
SHA256(data.data(), core_message_length, request_hash_);
} else {
session()->VerifyRsaSignature(data, generated_signature.data(),
generated_signature.size(), kSign_RSASSA_PSS);
session()->VerifySignature(data, generated_signature.data(),
generated_signature.size(), kSign_RSASSA_PSS);
SHA256(data.data(), core_message_length, request_hash_);
}
}
@@ -1498,7 +1498,8 @@ void Session::GenerateDerivedKeysFromKeybox(
OEMCrypto_GenerateDerivedKeys(
session_id(), mac_context.data(), mac_context.size(),
enc_context.data(), enc_context.size()));
key_deriver_.DeriveKeys(keybox.device_key_, mac_context, enc_context);
key_deriver_.DeriveKeys(keybox.device_key_, sizeof(keybox.device_key_),
mac_context, enc_context);
}
void Session::GenerateDerivedKeysFromSessionKey() {
@@ -1509,7 +1510,7 @@ void Session::GenerateDerivedKeysFromSessionKey() {
<< "No public RSA/ECC key loaded in test code";
// A failure here probably indicates that there is something wrong with the
// test program and its dependency on BoringSSL.
ASSERT_TRUE(GenerateRsaSessionKey(&session_key, &enc_session_key));
ASSERT_TRUE(GenerateSessionKey(&session_key, &enc_session_key));
vector<uint8_t> mac_context;
vector<uint8_t> enc_context;
FillDefaultContext(&mac_context, &enc_context);
@@ -1520,7 +1521,8 @@ void Session::GenerateDerivedKeysFromSessionKey() {
mac_context.data(), mac_context.size(), enc_context.data(),
enc_context.size()));
key_deriver_.DeriveKeys(session_key.data(), mac_context, enc_context);
key_deriver_.DeriveKeys(session_key.data(), session_key.size(), mac_context,
enc_context);
}
void Session::TestDecryptCTR(bool select_key_first,
@@ -1764,6 +1766,18 @@ void Session::VerifyEccSignature(const vector<uint8_t>& message,
ASSERT_EQ(result, OEMCrypto_SUCCESS) << "ECC signature check failed";
}
void Session::VerifySignature(const vector<uint8_t>& message,
const uint8_t* signature, size_t signature_length,
RSA_Padding_Scheme padding_scheme) {
if (public_rsa_ != nullptr) {
return VerifyRsaSignature(message, signature, signature_length,
padding_scheme);
} else if (public_ec_ != nullptr) {
return VerifyEccSignature(message, signature, signature_length);
}
FAIL() << "No public RSA or ECC key loaded in test code";
}
bool Session::GenerateRsaSessionKey(vector<uint8_t>* session_key,
vector<uint8_t>* enc_session_key) {
if (!public_rsa_) {
@@ -1800,6 +1814,17 @@ bool Session::GenerateEccSessionKey(vector<uint8_t>* session_key,
return true;
}
bool Session::GenerateSessionKey(vector<uint8_t>* session_key,
vector<uint8_t>* key_material) {
if (public_rsa_ != nullptr) {
return GenerateRsaSessionKey(session_key, key_material);
} else if (public_ec_ != nullptr) {
return GenerateEccSessionKey(session_key, key_material);
}
cerr << "No public RSA or ECC key loaded in test code\n";
return false;
}
void Session::LoadWrappedDrmKey(OEMCrypto_PrivateKeyType key_type,
const vector<uint8_t>& wrapped_drm_key) {
ASSERT_EQ(OEMCrypto_SUCCESS,
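Review bot: In GenerateDerivedKeysFromSessionKey the new call passes `session_key.size()` straight to `DeriveKeys` without checking it against the length the loaded key type implies (16 bytes for RSA, 32 for ECC per the commit message), so a wrong-length key from `GenerateSessionKey` would only show up later as a mismatch with the device-derived keys. `DeriveKeys` is not visible here and may validate the length itself; if it does not, an assertion before the call such as `ASSERT_EQ(session_key.size(), public_rsa_ != nullptr ? 16u : 32u);` would make the failure point at the cause. Separately, the new `VerifySignature` silently drops `padding_scheme` on the ECC branch while its caller still passes `kSign_RSASSA_PSS`, which deserves a comment like `// padding_scheme applies to RSA only; it is ignored for ECC keys`. The enclosing function bodies start outside the hunks shown.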