Support for group license
Content keys in ECM v3 can now additionally be encrypted by group entitlement keys.
This commit is contained in:
Lu Chen
66
common/BUILD
66
common/BUILD
@@ -34,6 +34,7 @@ cc_library(
|
||||
hdrs = ["playready_interface.h"],
|
||||
deps = [
|
||||
"//util:error_space",
|
||||
"//protos/public:external_license_cc_proto",
|
||||
"//protos/public:license_protocol_cc_proto",
|
||||
],
|
||||
)
|
||||
@@ -43,6 +44,7 @@ cc_library(
|
||||
hdrs = ["playready_sdk_impl.h"],
|
||||
deps = [
|
||||
":playready_interface",
|
||||
"//protos/public:external_license_cc_proto",
|
||||
"//protos/public:license_protocol_cc_proto",
|
||||
],
|
||||
)
|
||||
@@ -352,6 +354,28 @@ cc_library(
|
||||
],
|
||||
)
|
||||
|
||||
cc_library(
|
||||
name = "device_certificate_serial_number_util",
|
||||
srcs = ["device_certificate_serial_number_util.cc"],
|
||||
hdrs = ["device_certificate_serial_number_util.h"],
|
||||
deps = [
|
||||
":sha_util",
|
||||
"//base",
|
||||
"@abseil_repo//absl/types:optional",
|
||||
],
|
||||
)
|
||||
|
||||
cc_test(
|
||||
name = "device_certificate_serial_number_util_test",
|
||||
srcs = ["device_certificate_serial_number_util_test.cc"],
|
||||
deps = [
|
||||
":device_certificate_serial_number_util",
|
||||
"//testing:gunit",
|
||||
"//testing:gunit_main",
|
||||
"@abseil_repo//absl/strings",
|
||||
],
|
||||
)
|
||||
|
||||
cc_library(
|
||||
name = "private_key_util",
|
||||
hdrs = ["private_key_util.h"],
|
||||
@@ -1218,3 +1242,45 @@ cc_test(
|
||||
"//protos/public:remote_attestation_cc_proto",
|
||||
],
|
||||
)
|
||||
|
||||
cc_library(
|
||||
name = "signed_message_util",
|
||||
srcs = ["signed_message_util.cc"],
|
||||
hdrs = ["signed_message_util.h"],
|
||||
deps = [
|
||||
":client_cert",
|
||||
":client_id_util",
|
||||
":device_status_list",
|
||||
":error_space",
|
||||
":status",
|
||||
":wvm_token_handler",
|
||||
"//protos/public:client_identification_cc_proto",
|
||||
"//protos/public:device_certificate_status_cc_proto",
|
||||
"//protos/public:errors_cc_proto",
|
||||
"//protos/public:license_protocol_cc_proto",
|
||||
"//protos/public:signed_drm_certificate_cc_proto",
|
||||
],
|
||||
)
|
||||
|
||||
cc_test(
|
||||
name = "signed_message_util_test",
|
||||
srcs = ["signed_message_util_test.cc"],
|
||||
deps = [
|
||||
":device_status_list",
|
||||
":error_space",
|
||||
":rsa_key",
|
||||
":rsa_test_keys",
|
||||
":signed_message_util",
|
||||
":status",
|
||||
"//external:protobuf",
|
||||
"//testing:gunit_main",
|
||||
"@abseil_repo//absl/strings",
|
||||
"//protos/public:client_identification_cc_proto",
|
||||
"//protos/public:device_certificate_status_cc_proto",
|
||||
"//protos/public:drm_certificate_cc_proto",
|
||||
"//protos/public:errors_cc_proto",
|
||||
"//protos/public:license_protocol_cc_proto",
|
||||
"//protos/public:provisioned_device_info_cc_proto",
|
||||
"//protos/public:signed_drm_certificate_cc_proto",
|
||||
],
|
||||
)
|
||||
|
||||
@@ -8,6 +8,7 @@
|
||||
|
||||
#include "common/aes_cbc_util.h"
|
||||
|
||||
#include <cstdint>
|
||||
#include <vector>
|
||||
|
||||
#include <cstdint>
|
||||
|
||||
@@ -10,6 +10,8 @@
|
||||
|
||||
#include "common/crypto_util.h"
|
||||
|
||||
#include <cstdint>
|
||||
|
||||
#include "glog/logging.h"
|
||||
#include "absl/strings/escaping.h"
|
||||
#include "absl/strings/string_view.h"
|
||||
@@ -155,7 +157,8 @@ std::string DeriveKey(absl::string_view key, absl::string_view label,
|
||||
message.append(1, (size_bits >> 16) & 0xFF);
|
||||
message.append(1, (size_bits >> 8) & 0xFF);
|
||||
message.append(1, size_bits & 0xFF);
|
||||
if (CMAC_Update(cmac_ctx, reinterpret_cast<const uint8_t*>(message.data()),
|
||||
if (CMAC_Update(cmac_ctx,
|
||||
reinterpret_cast<const uint8_t*>(message.data()),
|
||||
message.size())) {
|
||||
size_t reslen;
|
||||
unsigned char res[AES_BLOCK_SIZE];
|
||||
|
||||
@@ -12,6 +12,7 @@
|
||||
#ifndef COMMON_CRYPTO_UTIL_H_
|
||||
#define COMMON_CRYPTO_UTIL_H_
|
||||
|
||||
#include <cstdint>
|
||||
#include <string>
|
||||
|
||||
#include "absl/strings/escaping.h"
|
||||
|
||||
@@ -62,6 +62,8 @@ std::string GetMessageDigest(const std::string& message,
|
||||
case widevine::HashAlgorithm::kUnspecified:
|
||||
case widevine::HashAlgorithm::kSha256:
|
||||
return widevine::Sha256_Hash(message);
|
||||
case widevine::HashAlgorithm::kSha384:
|
||||
return widevine::Sha384_Hash(message);
|
||||
case widevine::HashAlgorithm::kSha1:
|
||||
LOG(ERROR) << "Unexpected hash algorithm: "
|
||||
<< static_cast<int>(hash_algorithm);
|
||||
|
||||
@@ -11,7 +11,7 @@
|
||||
|
||||
namespace widevine {
|
||||
|
||||
enum class HashAlgorithm { kUnspecified, kSha1, kSha256 };
|
||||
enum class HashAlgorithm { kUnspecified, kSha1, kSha256, kSha384 };
|
||||
|
||||
} // namespace widevine
|
||||
|
||||
|
||||
@@ -25,7 +25,10 @@
|
||||
|
||||
#include "common/rsa_key.h"
|
||||
|
||||
#include <cstdint>
|
||||
|
||||
#include "glog/logging.h"
|
||||
#include "openssl/asn1.h"
|
||||
#include "openssl/bn.h"
|
||||
#include "openssl/digest.h"
|
||||
#include "openssl/err.h"
|
||||
@@ -60,6 +63,8 @@ std::string GetMessageDigest(const std::string& message,
|
||||
case widevine::HashAlgorithm::kUnspecified:
|
||||
case widevine::HashAlgorithm::kSha1:
|
||||
return widevine::Sha1_Hash(message);
|
||||
case widevine::HashAlgorithm::kSha384:
|
||||
return widevine::Sha384_Hash(message);
|
||||
case widevine::HashAlgorithm::kSha256:
|
||||
return widevine::Sha256_Hash(message);
|
||||
}
|
||||
@@ -73,6 +78,8 @@ const EVP_MD* GetHashMd(widevine::HashAlgorithm hash_algorithm) {
|
||||
case widevine::HashAlgorithm::kUnspecified:
|
||||
case widevine::HashAlgorithm::kSha1:
|
||||
return EVP_sha1();
|
||||
case widevine::HashAlgorithm::kSha384:
|
||||
return EVP_sha384();
|
||||
case widevine::HashAlgorithm::kSha256:
|
||||
return EVP_sha256();
|
||||
}
|
||||
|
||||
@@ -14,6 +14,7 @@
|
||||
#ifndef COMMON_RSA_KEY_H_
|
||||
#define COMMON_RSA_KEY_H_
|
||||
|
||||
#include <cstdint>
|
||||
#include <memory>
|
||||
#include <string>
|
||||
|
||||
|
||||
@@ -14,6 +14,8 @@
|
||||
#ifndef COMMON_SECURITY_PROFILE_LIST_H_
|
||||
#define COMMON_SECURITY_PROFILE_LIST_H_
|
||||
|
||||
#include <cstdint>
|
||||
|
||||
#include "absl/synchronization/mutex.h"
|
||||
#include "common/hash_algorithm.h"
|
||||
#include "common/status.h"
|
||||
|
||||
@@ -8,6 +8,8 @@
|
||||
|
||||
#include "common/sha_util.h"
|
||||
|
||||
#include <cstdint>
|
||||
|
||||
#include <cstdint>
|
||||
#include "openssl/sha.h"
|
||||
|
||||
@@ -29,6 +31,14 @@ std::string Sha256_Hash(const std::string& message) {
|
||||
return digest;
|
||||
}
|
||||
|
||||
std::string Sha384_Hash(const std::string& message) {
|
||||
std::string digest;
|
||||
digest.resize(SHA384_DIGEST_LENGTH);
|
||||
SHA384(reinterpret_cast<const uint8_t*>(message.data()), message.size(),
|
||||
reinterpret_cast<uint8_t*>(&digest[0]));
|
||||
return digest;
|
||||
}
|
||||
|
||||
std::string Sha512_Hash(const std::string& message) {
|
||||
std::string digest;
|
||||
digest.resize(SHA512_DIGEST_LENGTH);
|
||||
|
||||
@@ -21,6 +21,9 @@ std::string Sha1_Hash(const std::string& message);
|
||||
// Calculates SHA256 hash.
|
||||
std::string Sha256_Hash(const std::string& message);
|
||||
|
||||
// Calculates SHA384 hash.
|
||||
std::string Sha384_Hash(const std::string& message);
|
||||
|
||||
// Calculate SHA512 hash.
|
||||
std::string Sha512_Hash(const std::string& message);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user