a2e15186e5
This merges the following changes from the Widevine CDM repository:
da001b6 Add Privacy mode and service certificate
This adds support to the CDM for privacy mode and service certificates.
92bf200 Add support for using Youtube Content Protection server for testing
Enables testing with Youtube Content Protection server. Google Play license
server is still the default. Select YTCP server by using the flag -icp
e.g. adb shell '/system/bin/request_license_test -icp'
85dcd60 Fixes to enable privacy mode
These includes changes to use PKCS7 padding, corrected root CA formatting
and changes to integration test. Also refactored service certificate
handling.
989971c Correction to request license test
Corrected PropertySetTest to provision when needed. Also added disabled
privacy tests to run against YTCP staging server until GooglePlay
integration is complete.
Bug: 10109249
Change-Id: If81d68c65d743d77a485406f48d1be41a74de0af
78 lines
1.9 KiB
C++
78 lines
1.9 KiB
C++
// Copyright 2013 Google Inc. All Rights Reserved.
|
|
//
|
|
// RsaPublicKey based on //depot/google3/video/widevine/common/rsa_key.h by
|
|
// tinskip@google.com.
|
|
//
|
|
// Description:
|
|
// Declaration of classes representing AES and RSA public keys used
|
|
// for signature verification and encryption.
|
|
//
|
|
// AES encryption details:
|
|
// Algorithm: AES-CBC
|
|
//
|
|
// RSA signature details:
|
|
// Algorithm: RSASSA-PSS
|
|
// Hash algorithm: SHA1
|
|
// Mask generation function: mgf1SHA1
|
|
// Salt length: 20 bytes
|
|
// Trailer field: 0xbc
|
|
//
|
|
// RSA encryption details:
|
|
// Algorithm: RSA-OAEP
|
|
// Mask generation function: mgf1SHA1
|
|
// Label (encoding paramter): empty string
|
|
|
|
#ifndef CDM_BASE_PRIVACY_CRYPTO_H_
|
|
#define CDM_BASE_PRIVACY_CRYPTO_H_
|
|
|
|
#include <string>
|
|
|
|
#include "openssl/evp.h"
|
|
#include "openssl/rsa.h"
|
|
#include "wv_cdm_types.h"
|
|
|
|
namespace wvcdm {
|
|
|
|
class AesCbcKey {
|
|
public:
|
|
AesCbcKey() : initialized_(false) {};
|
|
~AesCbcKey() {};
|
|
|
|
bool Init(const std::string& key);
|
|
bool Encrypt(const std::string& in, std::string* out, std::string* iv);
|
|
|
|
private:
|
|
EVP_CIPHER_CTX ctx_;
|
|
bool initialized_;
|
|
|
|
CORE_DISALLOW_COPY_AND_ASSIGN(AesCbcKey);
|
|
};
|
|
|
|
class RsaPublicKey {
|
|
public:
|
|
RsaPublicKey() : key_(NULL) {}
|
|
~RsaPublicKey();
|
|
|
|
// Initializes an RsaPublicKey object using a DER encoded PKCS#1 RSAPublicKey
|
|
bool Init(const std::string& serialized_key);
|
|
|
|
// Encrypt a message using RSA-OAEP. Caller retains ownership of all
|
|
// parameters. Returns true if successful, false otherwise.
|
|
bool Encrypt(const std::string& plaintext,
|
|
std::string* ciphertext);
|
|
|
|
// Verify RSSASSA-PSS signature. Caller retains ownership of all parameters.
|
|
// Returns true if validation succeeds, false otherwise.
|
|
bool VerifySignature(const std::string& message,
|
|
const std::string& signature);
|
|
|
|
private:
|
|
RSA* key_;
|
|
|
|
CORE_DISALLOW_COPY_AND_ASSIGN(RsaPublicKey);
|
|
};
|
|
|
|
} // namespace wvcdm
|
|
|
|
#endif // CDM_BASE_PRIVACY_CRYPTO_H_
|