Source release 19.3.0

John W. Bruce
2024-09-05 07:02:36 +00:00
parent cd8256726f
commit 11c108a8da
122 changed files with 2259 additions and 1082 deletions


@@ -7,12 +7,15 @@
#ifndef WVOEC_UTIL_BCC_VALIDATOR_H_
#define WVOEC_UTIL_BCC_VALIDATOR_H_
#include <inttypes.h>
#include <sstream>
#include <string>
#include <vector>
#include "cbor_validator.h"
#include "cppbor.h"
#include "wv_class_utils.h"
namespace wvoec {
namespace util {
@@ -45,10 +48,10 @@ struct BccPublicKeyInfo {
// Google Dice Profile: go/dice-profile
class BccValidator : public CborValidator {
public:
explicit BccValidator() {}
BccValidator() = default;
virtual ~BccValidator() override = default;
BccValidator(const BccValidator&) = delete;
BccValidator& operator=(const BccValidator&) = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(BccValidator);
// Verifies the Cbor struct of a client generated root of trust. This message
// is part of an attestation model conforming to the Google Open Dice Profile.
// This message is received from a client device to attest it is a valid
@@ -75,7 +78,7 @@ class BccValidator : public CborValidator {
const std::vector<uint8_t>& signature);
// Used to generate formatted message.
std::stringstream msg_ss_;
};
}; // class BccValidator
} // namespace util
} // namespace wvoec
#endif // WVOEC_UTIL_BCC_VALIDATOR_H_
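Review bot: The comment kept above `BccValidator` cites `go/dice-profile`, an internal short link that a reader of this source release cannot resolve; the `source.corp.google.com` URL above `DeviceInfoValidator` in a later section has the same problem. Since these classes validate client-supplied attestation data, the governing specification should be findable from the header. I would name the document in full here, e.g. `// Google Open DICE Profile (internal alias: go/dice-profile)`, and for DeviceInfoValidator cite the repository-relative path already contained in that URL, `hardware/interfaces/security/rkp/aidl/android/hardware/security/keymint/DeviceInfoV3.cddl`. Both comments appear to be context lines that the commit left unchanged.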


@@ -7,11 +7,15 @@
#ifndef WVOEC_UTIL_CBOR_VALIDATOR_H_
#define WVOEC_UTIL_CBOR_VALIDATOR_H_
#include <inttypes.h>
#include <string>
#include <utility>
#include <vector>
#include "cppbor.h"
#include "cppbor_parse.h"
#include "wv_class_utils.h"
namespace wvoec {
namespace util {
@@ -33,10 +37,9 @@ std::string CborMessageStatusToString(CborMessageStatus status);
class CborValidator {
public:
explicit CborValidator() {}
CborValidator() = default;
WVCDM_DISALLOW_COPY_AND_MOVE(CborValidator);
virtual ~CborValidator() = default;
CborValidator(const CborValidator&) = delete;
CborValidator& operator=(const CborValidator&) = delete;
// Decodes |cbor| and sets |message_status_|.
virtual CborMessageStatus Parse(const std::vector<uint8_t>& cbor);
@@ -80,7 +83,7 @@ class CborValidator {
// Internal status of parsing and validating.
cppbor::ParseResult parse_result_ = {};
std::vector<std::pair<CborMessageStatus, std::string>> validate_messages_;
};
}; // class CborValidator
} // namespace util
} // namespace wvoec
#endif // WVOEC_UTIL_CBOR_VALIDATOR_H_


@@ -7,18 +7,22 @@
#ifndef WVOEC_UTIL_CMAC_H_
#define WVOEC_UTIL_CMAC_H_
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <memory>
#include <vector>
#include <openssl/cmac.h>
#include "wv_class_utils.h"
namespace wvoec {
namespace util {
class Cmac {
public:
WVCDM_DISALLOW_COPY_AND_MOVE(Cmac);
// Creates an AES-128-CMAC or an AES-256-CMAC depending on |key_size|.
// Returns an empty pointer if the key size is not valid.
static std::unique_ptr<Cmac> Create(const uint8_t* key, size_t key_size);
@@ -48,14 +52,14 @@ class Cmac {
~Cmac();
private:
Cmac() {}
Cmac() = default;
// Assumes |key_size| is a valid AES-128 or AES-256 key.
bool Init(const uint8_t* key, size_t key_size);
CMAC_CTX* ctx_ = nullptr;
bool ready_ = false;
};
}; // class Cmac
} // namespace util
} // namespace wvoec
#endif // WVOEC_UTIL_CMAC_H_
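Review bot: The comment on `Cmac::Create` documents the result for an invalid `key_size` but states nothing about `key`, which is a raw pointer paired with a length. I would add `// |key| must be non-null and point to at least |key_size| bytes.`, or document that a null |key| also yields an empty pointer if the implementation checks for it, which is not visible on this page. The comment on the private `Init` also says "|key_size| is a valid ... key" where it means a key size: `// Assumes |key_size| is a valid AES-128 or AES-256 key size.`. `KeyDeriver::Init` in a later section takes the same `(const uint8_t* key, size_t key_size)` pair and would benefit from the same sentence.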


@@ -7,12 +7,15 @@
#ifndef WVOEC_UTIL_DEVICE_INFO_VALIDATOR_H_
#define WVOEC_UTIL_DEVICE_INFO_VALIDATOR_H_
#include <inttypes.h>
#include <sstream>
#include <string>
#include <vector>
#include "cbor_validator.h"
#include "cppbor.h"
#include "wv_class_utils.h"
namespace wvoec {
namespace util {
@@ -21,12 +24,13 @@ namespace util {
// https://source.corp.google.com/h/googleplex-android/platform/superproject/main/+/main:hardware/interfaces/security/rkp/aidl/android/hardware/security/keymint/DeviceInfoV3.cddl
class DeviceInfoValidator : public CborValidator {
public:
DeviceInfoValidator() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(DeviceInfoValidator);
explicit DeviceInfoValidator(int version_number)
: version_number_(version_number) {}
DeviceInfoValidator() = delete;
virtual ~DeviceInfoValidator() override = default;
DeviceInfoValidator(const DeviceInfoValidator&) = delete;
DeviceInfoValidator& operator=(const DeviceInfoValidator&) = delete;
// Decodes |device_info| and sets |message_status_|.
virtual CborMessageStatus Parse(
@@ -48,7 +52,7 @@ class DeviceInfoValidator : public CborValidator {
int version_number_;
// Saved Cbor-encoded device info.
std::vector<uint8_t> device_info_bytes_;
};
}; // class DeviceInfoValidator
} // namespace util
} // namespace wvoec
#endif // WVOEC_UTIL_DEVICE_INFO_VALIDATOR_H_


@@ -7,8 +7,8 @@
#ifndef WVOEC_UTIL_HMAC_H_
#define WVOEC_UTIL_HMAC_H_
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <string>
#include <vector>


@@ -14,6 +14,7 @@
#include "OEMCryptoCENCCommon.h"
#include "oemcrypto_ecc_key.h"
#include "oemcrypto_rsa_key.h"
#include "wv_class_utils.h"
namespace wvoec {
namespace util {
@@ -21,6 +22,9 @@ namespace util {
// OEMCrypto session's RSA/ECC private key.
class DrmPrivateKey {
public:
WVCDM_DISALLOW_COPY_AND_MOVE(DrmPrivateKey);
~DrmPrivateKey() = default;
// Create an RSA-based DRM key.
static std::unique_ptr<DrmPrivateKey> Create(
std::shared_ptr<RsaPrivateKey>&& rsa_key);
@@ -71,8 +75,6 @@ class DrmPrivateKey {
std::vector<uint8_t> GenerateRsaSignature(
const std::vector<uint8_t>& message) const;
~DrmPrivateKey() {}
private:
DrmPrivateKey() {}
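Review bot: The private constructor `DrmPrivateKey() {}` that closes this section keeps the empty-body form, while the same commit appears to convert `CborValidator`, `Cmac`, `EccPublicKey`, `EccPrivateKey`, `RsaPublicKey` and `RsaPrivateKey` to `= default`. For consistency it should read `DrmPrivateKey() = default;`. The same leftover shows in `KeyDeriver() {}` and in `explicit SignedCsrPayloadValidator() {}` in their sections, although the equivalent `explicit BccValidator() {}` was replaced by `BccValidator() = default;`. The private part of the class continues outside the hunk.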


@@ -7,8 +7,8 @@
#ifndef WVOEC_UTIL_ECC_KEY_H_
#define WVOEC_UTIL_ECC_KEY_H_
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <memory>
#include <string>
@@ -17,6 +17,7 @@
#include <openssl/ec.h>
#include "OEMCryptoCENCCommon.h"
#include "wv_class_utils.h"
namespace wvoec {
namespace util {
@@ -35,6 +36,9 @@ class EccPrivateKey;
class EccPublicKey {
public:
~EccPublicKey();
WVCDM_DISALLOW_COPY_AND_MOVE(EccPublicKey);
// Creates a new public key equivalent of the provided private key.
static std::unique_ptr<EccPublicKey> New(const EccPrivateKey& private_key);
@@ -173,15 +177,8 @@ class EccPublicKey {
const std::vector<uint8_t>& message,
const std::vector<uint8_t>& signature) const;
~EccPublicKey();
EccPublicKey(const EccPublicKey&) = delete;
EccPublicKey(EccPublicKey&&) = delete;
const EccPublicKey& operator=(const EccPublicKey&) = delete;
EccPublicKey& operator=(EccPublicKey&&) = delete;
private:
EccPublicKey() {}
EccPublicKey() = default;
// Initializes the public key object using the provided |buffer|.
// In case of any failure, false is return and the key should be
@@ -207,6 +204,9 @@ class EccPublicKey {
class EccPrivateKey {
public:
~EccPrivateKey();
WVCDM_DISALLOW_COPY_AND_MOVE(EccPrivateKey);
// Creates a new, pseudorandom ECC private key belonging to the
// curve specified.
static std::unique_ptr<EccPrivateKey> New(EccCurve curve);
@@ -318,7 +318,7 @@ class EccPrivateKey {
size_t SignatureSize() const;
// Special test method used to generate a raw ECDSA signature.
// A raw ECDSA signature is a concatination of a same-width-big-endian
// A raw ECDSA signature is a concatenation of a same-width-big-endian
// encoding of the ECDSA signature point components r and s.
std::vector<uint8_t> GenerateRawSignature(
const std::vector<uint8_t>& message) const;
@@ -339,15 +339,8 @@ class EccPrivateKey {
// by DeriveSymmetricKey().
size_t SessionKeyLength() const;
~EccPrivateKey();
EccPrivateKey(const EccPrivateKey&) = delete;
EccPrivateKey(EccPrivateKey&&) = delete;
const EccPrivateKey& operator=(const EccPrivateKey&) = delete;
EccPrivateKey& operator=(EccPrivateKey&&) = delete;
private:
EccPrivateKey() {}
EccPrivateKey() = default;
// Initializes the public key object using the provided |buffer|.
// In case of any failure, false is return and the key should be
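Review bot: The comment that ends the last hunk sits in the `private:` part of `EccPrivateKey` yet says `Initializes the public key object using the provided |buffer|`, and continues with `false is return`; it looks like a copy of the `EccPublicKey` comment. The commit already edits the adjacent constructor line and fixes the `concatenation` typo in this file, so I would correct this as well: `// Initializes the private key object using the provided |buffer|.` and `// In case of any failure, false is returned and the key should be`. The declaration the comment belongs to lies outside the hunk, so confirm it is the private-key initializer. `RsaPrivateKey` carries the same wording in its section.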


@@ -7,18 +7,22 @@
#ifndef WVOEC_UTIL_KEY_DERIVER_H_
#define WVOEC_UTIL_KEY_DERIVER_H_
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <memory>
#include <vector>
#include "cmac.h"
#include "wv_class_utils.h"
namespace wvoec {
namespace util {
class KeyDeriver {
public:
~KeyDeriver() = default;
WVCDM_DISALLOW_COPY_AND_MOVE(KeyDeriver);
// Create a new key deriver using either the session key or the device
// key.
// Returns an empty pointer if the key size is not valid.
@@ -52,15 +56,13 @@ class KeyDeriver {
bool DeriveRenewedDeviceKey(const std::vector<uint8_t>& context,
std::vector<uint8_t>* renewed_device_key);
~KeyDeriver() {}
private:
KeyDeriver() {}
bool Init(const uint8_t* key, size_t key_size);
std::unique_ptr<Cmac> cmac_;
};
}; // class KeyDeriver
} // namespace util
} // namespace wvoec
#endif // WVOEC_UTIL_KEY_DERIVER_H_


@@ -7,10 +7,13 @@
#ifndef WVOEC_UTIL_OEM_CERT_H_
#define WVOEC_UTIL_OEM_CERT_H_
#include <inttypes.h>
#include <memory>
#include <vector>
#include "OEMCryptoCENCCommon.h"
#include "wv_class_utils.h"
namespace wvoec {
namespace util {
@@ -39,6 +42,9 @@ class OemCertificate {
kRsa = 1
};
~OemCertificate();
WVCDM_DISALLOW_COPY_AND_MOVE(OemCertificate);
// Creates a new OEM Certificate and performs basic validation
// to ensure that the private key and public cert are well-formed.
// The |public_cert| provided is parsed as an X.509 Certificate
@@ -84,13 +90,6 @@ class OemCertificate {
// (ie, same modulos and public exponent).
OEMCryptoResult IsCertificateValid() const;
~OemCertificate();
OemCertificate(const OemCertificate&) = delete;
OemCertificate(OemCertificate&&) = delete;
const OemCertificate& operator=(const OemCertificate&) = delete;
OemCertificate& operator=(OemCertificate&&) = delete;
private:
OemCertificate();


@@ -7,8 +7,8 @@
#ifndef WVOEC_UTIL_RSA_KEY_H_
#define WVOEC_UTIL_RSA_KEY_H_
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <memory>
#include <string>
@@ -17,6 +17,7 @@
#include <openssl/rsa.h>
#include "OEMCryptoCENC.h"
#include "wv_class_utils.h"
namespace wvoec {
namespace util {
@@ -61,6 +62,9 @@ class RsaPrivateKey;
class RsaPublicKey {
public:
~RsaPublicKey();
WVCDM_DISALLOW_COPY_AND_MOVE(RsaPublicKey);
// Creates a new public key equivalent of the provided private key.
static std::unique_ptr<RsaPublicKey> New(const RsaPrivateKey& private_key);
@@ -176,15 +180,8 @@ class RsaPublicKey {
std::vector<uint8_t> EncryptEncryptionKey(
const std::string& encryption_key) const;
~RsaPublicKey();
RsaPublicKey(const RsaPublicKey&) = delete;
RsaPublicKey(RsaPublicKey&&) = delete;
const RsaPublicKey& operator=(const RsaPublicKey&) = delete;
RsaPublicKey& operator=(RsaPublicKey&&) = delete;
private:
RsaPublicKey() {}
RsaPublicKey() = default;
// Initializes the public key object using the provided |buffer|.
// In case of any failure, false is return and the key should be
@@ -222,6 +219,9 @@ class RsaPublicKey {
class RsaPrivateKey {
public:
~RsaPrivateKey();
WVCDM_DISALLOW_COPY_AND_MOVE(RsaPrivateKey);
// Creates a new, pseudorandom RSA private key.
static std::unique_ptr<RsaPrivateKey> New(RsaFieldSize field_size);
@@ -342,15 +342,8 @@ class RsaPrivateKey {
std::vector<uint8_t> DecryptEncryptionKey(
const std::string& enc_encryption_key) const;
~RsaPrivateKey();
RsaPrivateKey(const RsaPrivateKey&) = delete;
RsaPrivateKey(RsaPrivateKey&&) = delete;
const RsaPrivateKey& operator=(const RsaPrivateKey&) = delete;
RsaPrivateKey& operator=(RsaPrivateKey&&) = delete;
private:
RsaPrivateKey() {}
RsaPrivateKey() = default;
// Initializes the public key object using the provided |buffer|.
// In case of any failure, false is return and the key should be


@@ -7,6 +7,8 @@
#ifndef WVOEC_UTIL_SCOPED_OBJECT_H_
#define WVOEC_UTIL_SCOPED_OBJECT_H_
#include "wv_class_utils.h"
namespace wvoec {
namespace util {
// A generic wrapper around pointer. This allows for automatic
@@ -25,8 +27,7 @@ class ScopedObject {
}
// Copy construction and assignment are not allowed.
ScopedObject(const ScopedObject& other) = delete;
ScopedObject& operator=(const ScopedObject& other) = delete;
WVCDM_DISALLOW_COPY(ScopedObject);
// Move construction and assignment are allowed.
ScopedObject(ScopedObject&& other) : ptr_(other.ptr_) {
@@ -65,7 +66,7 @@ class ScopedObject {
private:
Type* ptr_ = nullptr;
};
}; // class ScopedObject
} // namespace util
} // namespace wvoec
#endif // WVOEC_UTIL_SCOPED_OBJECT_H_
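Review bot: The move constructor `ScopedObject(ScopedObject&& other) : ptr_(other.ptr_) {` is not marked `noexcept`, although a move that only transfers a raw pointer cannot throw. Now that copying is removed through `WVCDM_DISALLOW_COPY`, the move operations are the only way to transfer ownership, so I would declare them `ScopedObject(ScopedObject&& other) noexcept : ptr_(other.ptr_) {` and likewise for move assignment. The body is outside the hunk, so whether `other.ptr_` is reset to null after the transfer, which is what prevents a double release, cannot be checked from this page.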


@@ -12,6 +12,7 @@
#include "cbor_validator.h"
#include "cppbor.h"
#include "wv_class_utils.h"
namespace wvoec {
namespace util {
@@ -23,9 +24,7 @@ class SignedCsrPayloadValidator : public CborValidator {
public:
explicit SignedCsrPayloadValidator() {}
virtual ~SignedCsrPayloadValidator() override = default;
SignedCsrPayloadValidator(const SignedCsrPayloadValidator&) = delete;
SignedCsrPayloadValidator& operator=(const SignedCsrPayloadValidator&) =
delete;
WVCDM_DISALLOW_COPY_AND_MOVE(SignedCsrPayloadValidator);
// Verifies the Cbor struct of a client generated SignedData<CsrPayload>.
virtual CborMessageStatus Validate() override;
@@ -38,7 +37,7 @@ class SignedCsrPayloadValidator : public CborValidator {
CborMessageStatus ValidateDataToBeSigned(const cppbor::Bstr* data);
// Used to generate formatted message.
std::stringstream msg_ss_;
};
}; // class SignedCsrPayloadValidator
} // namespace util
} // namespace wvoec
#endif // WVOEC_UTIL_SIGNED_CSR_PAYLOAD_VALIDATOR_H_


@@ -7,7 +7,7 @@
#ifndef WVOEC_UTIL_WVCRC32_H_
#define WVOEC_UTIL_WVCRC32_H_
#include <stdint.h>
#include <inttypes.h>
namespace wvoec {
namespace util {