widevine-partner/media_cas_packager_sdk_source
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add a few more checks for "key length" and "iv length".

Browse Source 
-------------
Pad key value when crypto_mode is DVB_CSA, so that the key length is always 16 bytes.

-------------
Minor comment and example code update.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=219860612
This commit is contained in:
Fang Yu
2018-11-02 14:22:06 -07:00
parent 5ac3c5a95b
commit 0441c0b8d4
5 changed files with 128 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
media_cas_packager_sdk/public/wv_cas_ecm.cc
View File

@@ -27,6 +27,10 @@ namespace widevine {
namespace cas {
namespace {
static constexpr size_t kContentKeySizeBytes = 16;
static constexpr size_t kCsaContentKeySizeBytes = 8;
EcmInitParameters CreateEcmInitParameters(int content_iv_size,
bool key_rotation_enabled,
CryptoMode crypto_mode) {
@@ -74,6 +78,13 @@ WvCasStatus WvCasEcm::GenerateEcm(const std::string& even_key,
const std::string& entitlement_key,
std::string* ecm) const {
DCHECK(ecm);
if (crypto_mode_ == CryptoMode::kDvbCsa &&
even_key.length() == kCsaContentKeySizeBytes &&
odd_key.length() == kCsaContentKeySizeBytes) {
return GenerateEcm(absl::StrCat(even_key, even_key), even_content_iv,
absl::StrCat(odd_key, odd_key), odd_content_iv,
entitlement_key_id, entitlement_key, ecm);
}
if (!initialized_) {
LOG(ERROR) << "WvCasEcm has not been properly initialized";
return UNAVAILABLE;
@@ -83,6 +94,11 @@ WvCasStatus WvCasEcm::GenerateEcm(const std::string& even_key,
"rotation is disabled";
return UNAVAILABLE;
}
if (even_key.size() != kContentKeySizeBytes ||
odd_key.size() != kContentKeySizeBytes) {
LOG(ERROR) << "Size of content key is incorrect";
return INVALID_ARGUMENT;
}
if (even_content_iv.size() != content_iv_size_ ||
odd_content_iv.size() != content_iv_size_) {
LOG(ERROR) << "Size of content IV is incorrect";
@@ -153,6 +169,12 @@ WvCasStatus WvCasEcm::GenerateSingleKeyEcm(const std::string& even_key,
const std::string& entitlement_key,
std::string* ecm) const {
DCHECK(ecm);
if (crypto_mode_ == CryptoMode::kDvbCsa &&
even_key.length() == kCsaContentKeySizeBytes) {
return GenerateSingleKeyEcm(absl::StrCat(even_key, even_key),
even_content_iv, entitlement_key_id,
entitlement_key, ecm);
}
if (!initialized_) {
LOG(ERROR) << "WvCasEcm has not been properly initialized";
return UNAVAILABLE;
@@ -162,6 +184,10 @@ WvCasStatus WvCasEcm::GenerateSingleKeyEcm(const std::string& even_key,
<< "Please call GenerateEcm() instead when key rotation is enabled";
return UNAVAILABLE;
}
if (even_key.size() != kContentKeySizeBytes) {
LOG(ERROR) << "Size of content key is incorrect";
return INVALID_ARGUMENT;
}
if (even_content_iv.size() != content_iv_size_) {
LOG(ERROR) << "Size of content IV is incorrect";
return INVALID_ARGUMENT;

66
media_cas_packager_sdk/public/wv_cas_ecm_test.cc
View File

@@ -19,8 +19,10 @@ namespace widevine {
namespace cas {
const char kEvenKey[] = "even_content_key"; // 16 bytes
const char kCsaEvenKey[] = "12345678"; // 8 bytes
const char kEvenContentIv8Bytes[] = "evencont"; // 8 bytes
const char kOddKey[] = "odd_content_key."; // 16 bytes
const char kCsaOddKey[] = "87654321"; // 8 bytes
const char kOddContentIv8Bytes[] = "oddcont."; // 8 bytes
const char kEntitlementKeyId[] = "ent_key_id......"; // 16 bytes
const char kEntitlementKey[] = "entitlement_key................."; // 32 bytes
@@ -94,6 +96,34 @@ TEST_F(WvCasEcmTest, GenerateSingleKeyEcmInvalidContentIv) {
/* entitlement_key= */ kEntitlementKey, &actual_ecm));
}
TEST_F(WvCasEcmTest, GenerateEcmInvalidContentKey) {
EXPECT_EQ(OK, wv_cas_ecm_.Initialize(/* content_iv_size= */ 8,
/* key_rotation_enabled= */ true,
CryptoMode::kAesCtr));
std::string actual_ecm;
EXPECT_EQ(INVALID_ARGUMENT,
wv_cas_ecm_.GenerateEcm(
/* even_key= */ kEvenKey,
/* even_content_iv= */ kEvenContentIv8Bytes,
/* odd_key= */ "12345678",
/* odd_content_iv= */ kOddContentIv8Bytes,
/* entitlement_key_id= */ kEntitlementKeyId,
/* entitlement_key= */ kEntitlementKey, &actual_ecm));
}
TEST_F(WvCasEcmTest, GenerateSingleKeyEcmInvalidContentKey) {
EXPECT_EQ(OK, wv_cas_ecm_.Initialize(/* content_iv_size= */ 8,
/* key_rotation_enabled= */ false,
CryptoMode::kAesCtr));
std::string actual_ecm;
EXPECT_EQ(INVALID_ARGUMENT,
wv_cas_ecm_.GenerateSingleKeyEcm(
/* even_key= */ "12345678",
/* even_content_iv= */ kEvenContentIv8Bytes,
/* entitlement_key_id= */ kEntitlementKeyId,
/* entitlement_key= */ kEntitlementKey, &actual_ecm));
}
TEST_F(WvCasEcmTest, GenerateEcm8BytesContentIvCtrSuccess) {
EXPECT_EQ(OK, wv_cas_ecm_.Initialize(/* content_iv_size= */ 8,
/* key_rotation_enabled= */ true,
@@ -226,48 +256,48 @@ TEST_F(WvCasEcmTest, GenerateSingleKeyEcm16BytesContentIvCbcSuccess) {
absl::BytesToHexString(actual_ecm));
}
TEST_F(WvCasEcmTest, GenerateEcm16BytesContentIvCsaSuccess) {
EXPECT_EQ(OK, wv_cas_ecm_.Initialize(/* content_iv_size= */ 16,
TEST_F(WvCasEcmTest, GenerateEcm8BytesContentIvCsaSuccess) {
EXPECT_EQ(OK, wv_cas_ecm_.Initialize(/* content_iv_size= */ 8,
/* key_rotation_enabled= */ true,
CryptoMode::kDvbCsa));
std::string actual_ecm;
EXPECT_EQ(OK, wv_cas_ecm_.GenerateEcm(
/* even_key= */ kEvenKey,
/* even_key= */ kCsaEvenKey,
/* even_content_iv= */
absl::StrCat(kEvenContentIv8Bytes, kEvenContentIv8Bytes),
/* odd_key= */ kOddKey,
kEvenContentIv8Bytes,
/* odd_key= */ kCsaOddKey,
/* odd_content_iv= */
absl::StrCat(kOddContentIv8Bytes, kOddContentIv8Bytes),
kOddContentIv8Bytes,
/* entitlement_key_id= */ kEntitlementKeyId,
/* entitlement_key= */ kEntitlementKey, &actual_ecm));
EXPECT_EQ(
"4ad40107c0656e745f6b65795f69642e2e2e2e2e2ea5693deeba52b4cb27e7021eefa2f8"
"c2b25f7d48e60627208f4ecca00703aa2467f28b214546a42320e3fa49f936369c657665"
"6e636f6e746576656e636f6e74656e745f6b65795f69642e2e2e2e2e2e0700509b67763b"
"3f1c356bc1e1dc8bac99a1e2f95c37d9183cbb96582f3a05fdbe29925c37c6c6a45eb552"
"b5ddf87f8a6f6464636f6e742e6f6464636f6e742e",
"4ad4010780656e745f6b65795f69642e2e2e2e2e2e1970666a56b136d5d63b009c1a514a"
"948b8c0a380f2c9965134faac9d92992627abdd06f4a268bd12f8989373aece8bd657665"
"6e636f6e74656e745f6b65795f69642e2e2e2e2e2eda65f122610af2c9c9fa7ad18d07f4"
"3faab4190ac47c0d974547e8615d7bc64beb665a2d7c36f687ad8ec518e83062076f6464"
"636f6e742e",
absl::BytesToHexString(actual_ecm));
}
TEST_F(WvCasEcmTest, GenerateSingleKeyEcm16BytesContentIvCsaSuccess) {
EXPECT_EQ(OK, wv_cas_ecm_.Initialize(/* content_iv_size= */ 16,
TEST_F(WvCasEcmTest, GenerateSingleKeyEcm8BytesContentIvCsaSuccess) {
EXPECT_EQ(OK, wv_cas_ecm_.Initialize(/* content_iv_size= */ 8,
/* key_rotation_enabled= */ false,
CryptoMode::kDvbCsa));
std::string actual_ecm;
EXPECT_EQ(OK, wv_cas_ecm_.GenerateSingleKeyEcm(
/* even_key= */ kEvenKey,
/* even_key= */ kCsaEvenKey,
/* even_content_iv= */
absl::StrCat(kEvenContentIv8Bytes, kEvenContentIv8Bytes),
kEvenContentIv8Bytes,
/* entitlement_key_id= */ kEntitlementKeyId,
/* entitlement_key= */ kEntitlementKey, &actual_ecm));
EXPECT_EQ(
"4ad40106c0656e745f6b65795f69642e2e2e2e2e2ea5693deeba52b4cb27e7021eefa2f8"
"c2b25f7d48e60627208f4ecca00703aa2467f28b214546a42320e3fa49f936369c657665"
"6e636f6e746576656e636f6e74",
"4ad4010680656e745f6b65795f69642e2e2e2e2e2e1970666a56b136d5d63b009c1a514a"
"948b8c0a380f2c9965134faac9d92992627abdd06f4a268bd12f8989373aece8bd657665"
"6e636f6e74",
absl::BytesToHexString(actual_ecm));
}