widevine-partner/ce_cdm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Source release 19.2.0

Browse Source
This commit is contained in:
Alex Dale
2024-06-25 14:03:53 -07:00
parent b8bdfccebe
commit cd8256726f
89 changed files with 2747 additions and 35949 deletions
Download Patch File Download Diff File Expand all files Collapse all files

96
oemcrypto/util/include/oemcrypto_ecc_key.h
View File

@@ -38,7 +38,8 @@ class EccPublicKey {
// Creates a new public key equivalent of the provided private key.
static std::unique_ptr<EccPublicKey> New(const EccPrivateKey& private_key);
// Loads a serialized EC public key.
// Loads a ASN.1 DER serialized EC public key.
//
// The provided |buffer| must contain a valid ASN.1 DER encoded
// SubjectPublicKey. Only supported curves by this API are those
// enumerated by EccCurve.
@@ -50,7 +51,7 @@ class EccPublicKey {
// namedCurve: OID = secp256r1 | secp384r1 | secp521r1
// }
// },
// subjectPublicKey: BIT STRING = ... -- SEC1 encoded ECPoint
// subjectPublicKey: BIT STRING = ... -- SEC 1 encoded ECPoint
// }
//
// Failure will occur if the provided |buffer| does not contain a
@@ -60,13 +61,39 @@ class EccPublicKey {
size_t length);
static std::unique_ptr<EccPublicKey> Load(const std::string& buffer);
static std::unique_ptr<EccPublicKey> Load(const std::vector<uint8_t>& buffer);
// Loads EC public key from the |curve| and |buffer|.
// The provided |buffer| must contain an EC point serialized from raw X9.62
// format. For uncompressed form, it is a 1-byte prefix plus two 32-byte
// integers representing X, Y coordinates.
// Loads a SEC 1 serialized EC public key.
//
// The provided |buffer| must contain a valid SEC 1 encoded EC point
// belonging to the provided |curve|.
//
// SEC 1 section 2.3.3 specifies two supported formats, compressed or
// uncompressed.
//
// Case uncompressed:
// buffer: 0x04 || X || Y
//
// Where X and Y are fixed-width byte encodings of the public keys
// x and y component.
//
// Case compressed:
// buffer: (0x02 or 0x03) || X
//
// Where X is a fixed-width byte encoding of the public keys x
// component; and the y component is derived using the curve
// equation, and the sign of y is positive if lead byte is 0x02,
// or negative if lead byte is 0x03.
//
// Note: The EC point encoding in SEC 1 is derived from the X9.62
// format; however, the "evenness" version of the X9.62 compressed
// point is NOT supported and is generally not recommended.
static std::unique_ptr<EccPublicKey> LoadKeyPoint(EccCurve curve,
const uint8_t* buffer,
size_t length);
static std::unique_ptr<EccPublicKey> LoadKeyPoint(EccCurve curve,
const std::string& buffer);
static std::unique_ptr<EccPublicKey> LoadKeyPoint(
EccCurve curve, const std::vector<uint8_t>& buffer);
// Loads a serialized ECC private key, but only converting the public key.
static std::unique_ptr<EccPublicKey> LoadPrivateKeyInfo(const uint8_t* buffer,
@@ -93,6 +120,17 @@ class EccPublicKey {
// Same as above, except directly returns the serialized key.
// Returns an empty vector on error.
std::vector<uint8_t> Serialize() const;
// Serializes the public key into a SEC 1 encoded public key point.
// To restore a key from the returned key point, the caller must
// keep track of the specific curve of the key.
//
// If |compressed| is false (default), the key point will be
// serialized in its uncompressed form; otherwise, the key will be
// serialized in its compressed form.
//
// Directly returns the serialized public key.
// Returns an empty vector on error.
std::vector<uint8_t> SerializeAsSec1KeyPoint(bool compressed = false) const;
// Verifies the |signature| matches the provided |message| by the
// private equivalent of this public key.
@@ -114,15 +152,26 @@ class EccPublicKey {
const std::string& signature) const;
OEMCryptoResult VerifySignature(const std::vector<uint8_t>& message,
const std::vector<uint8_t>& signature) const;
// Verifies the raw |signature| matches the provided |message| by the
// private equivalent of this public key.
// A raw ECDSA signature consists of a pair of integers (r,s). The |signature|
// is a concatenation of two octet strings resulting from the integer-to-octet
// encoding of the values of r and s, in the order of (r||s).
// Verifies the raw |signature| matches the provided |message| by
// the private equivalent of this public key.
// A raw ECDSA signature consists of a pair of integers (r, s).
// The |signature| is a concatenation of the unsigned integers r and
// s as two equal length octet strings using big-endian encoding.
//
// The |message| is digested using the same ECDSA algorithm as
// VerifySignature().
//
// Returns:
// OEMCrypto_SUCCESS if signature is valid
// OEMCrypto_ERROR_SIGNATURE_FAILURE if the |signature| is invalid
// Any other result indicates an unexpected error
OEMCryptoResult VerifyRawSignature(const uint8_t* message,
size_t message_length,
const uint8_t* signature,
size_t signature_length) const;
OEMCryptoResult VerifyRawSignature(
const std::vector<uint8_t>& message,
const std::vector<uint8_t>& signature) const;
~EccPublicKey();
@@ -141,11 +190,12 @@ class EccPublicKey {
bool InitFromPrivateKeyInfo(const uint8_t* buffer, size_t length);
// Initializes the public key object from a private.
bool InitFromPrivateKey(const EccPrivateKey& private_key);
// Initializes the public key object from the provided curve and key point
// |buffer|.
bool InitFromKeyPoint(EccCurve curve, const uint8_t* buffer, size_t length);
// Digests the |message| and verifies signature against the provided signature
// point.
// Initializes the public key object from the provided |curve| and
// SEC 1 encoded EC key point |buffer|.
bool InitFromSec1KeyPoint(EccCurve curve, const uint8_t* buffer,
size_t length);
// Digests the |message| and verifies signature against the provided
// ECDSA signature point |sig_point|.
OEMCryptoResult DigestAndVerify(const uint8_t* message, size_t message_length,
const ECDSA_SIG* sig_point) const;
@@ -181,7 +231,7 @@ class EccPrivateKey {
// version: INTEGER = ecPrivateKeyVer1(1),
// privateKey: OCTET STRING = ..., -- I2OSP of private key point
// -- |parameters| are obtained from PrivateKeyInfo
// publicKey: BIT STRING OPTIONAL = ... -- SEC1 encoded ECPoint
// publicKey: BIT STRING OPTIONAL = ... -- SEC 1 encoded ECPoint
// }
// Note: If the public key is not included, then it is computed from
// the private key.
@@ -237,6 +287,12 @@ class EccPrivateKey {
// Returns an empty vector on error.
std::vector<uint8_t> SerializeAsPublicKey() const;
// Serializes the public component of the private key into an SEC 1
// public key point.
// See EccPublicKey::SerializeAsSec1KeyPoint() for details.
std::vector<uint8_t> SerializeAsPublicSec1KeyPoint(
bool compressed = false) const;
// Signs the provided |message| and serializes the signature
// point to |signature| as a ASN.1 DER encoded ECDSA-Sig-Value.
// This implementation uses ECDSA with the following digest
@@ -261,6 +317,12 @@ class EccPrivateKey {
// the actual signature generated by GenerateSignature().
size_t SignatureSize() const;
// Special test method used to generate a raw ECDSA signature.
// A raw ECDSA signature is a concatination of a same-width-big-endian
// encoding of the ECDSA signature point components r and s.
std::vector<uint8_t> GenerateRawSignature(
const std::vector<uint8_t>& message) const;
// Derives the OEMCrypto session key used for deriving other keys.
// The provided public key must be of the same curve.
// On success, |session_key_size| is populated with the number of

63
oemcrypto/util/include/oemcrypto_key_handle.h
View File

@@ -1,63 +0,0 @@
// Copyright 2022 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
//
// Implements utility functions for serializing and deserializing the fake key
// handles used by the Ref and Testbed.
//
#ifndef WVOEC_UTIL_KEY_HANDLE_H_
#define WVOEC_UTIL_KEY_HANDLE_H_
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include "OEMCryptoCENC.h"
#include "log.h"
namespace wvoec {
namespace util {
// Size of a key handle, which for this implementation is just a session ID.
constexpr size_t kKeyHandleSize = sizeof(OEMCrypto_SESSION);
OEMCryptoResult SerializeSessionToKeyHandle(OEMCrypto_SESSION session,
uint8_t* key_handle,
size_t* key_handle_length) {
if (key_handle_length == nullptr) {
LOGE("Null key handle length");
return OEMCrypto_ERROR_INVALID_CONTEXT;
}
if (key_handle == nullptr || *key_handle_length < kKeyHandleSize) {
*key_handle_length = kKeyHandleSize;
return OEMCrypto_ERROR_SHORT_BUFFER;
}
*key_handle_length = kKeyHandleSize;
memcpy(key_handle, &session, kKeyHandleSize);
return OEMCrypto_SUCCESS;
}
OEMCryptoResult DeserializeKeyHandleToSession(const uint8_t* key_handle,
size_t key_handle_length,
OEMCrypto_SESSION* session) {
if (key_handle == nullptr) {
LOGE("Null key handle");
return OEMCrypto_ERROR_INVALID_CONTEXT;
}
if (session == nullptr) {
LOGE("Null session");
return OEMCrypto_ERROR_INVALID_CONTEXT;
}
if (key_handle_length != kKeyHandleSize) {
LOGE("Invalid key handle length");
return OEMCrypto_ERROR_INVALID_CONTEXT;
}
memcpy(session, key_handle, kKeyHandleSize);
return OEMCrypto_SUCCESS;
}
} // namespace util
} // namespace wvoec
#endif // WVOEC_UTIL_KEY_HANDLE_H_

3
oemcrypto/util/include/scoped_object.h
View File

@@ -41,7 +41,8 @@ class ScopedObject {
return *this;
}
explicit operator bool() const { return ptr_ != nullptr; }
bool ok() const { return ptr_ != nullptr; }
explicit operator bool() const { return ok(); }
Type& operator*() { return *ptr_; }
Type* get() const { return ptr_; }