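////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
// Contains common crypto routines for widevine protocols. These routines are
// used as part of licensing and provisioning request handling.
//
// Every derivation and signing helper below returns its result as a
// std::string of raw bytes. std::string does not wipe its buffer on
// destruction, so keep derived keys short-lived and avoid logging them.

#ifndef COMMON_CRYPTO_UTIL_H_
#define COMMON_CRYPTO_UTIL_H_

// The header name of the first include was lost in the collapsed listing;
// <string> is restored because every helper returns std::string. <cstddef>
// and <cstdint> are included for size_t and uint32_t, which the declarations
// below use directly.
#include <cstddef>
#include <cstdint>
#include <string>

#include "absl/strings/string_view.h"

namespace widevine {
namespace crypto_util {

// Default constants used for key derivation for encryption and signing.
// TODO(user): These are duplicated in session.cc in the sdk. de-dup.
extern const char kWrappingKeyLabel[];
extern const int kWrappingKeySizeBits;
extern const char kSigningKeyLabel[];
extern const int kSigningKeySizeBits;
extern const size_t kSigningKeySizeBytes;
// NOTE(review): the name suggests fixed key material compiled into the
// binary. The value is defined elsewhere; confirm nothing relies on it being
// secret.
extern const char kIvMasterKey[];
extern const char kIvLabel[];
extern const int kIvSizeBits;
extern const int kAes128KeySizeBits;
extern const int kAes128KeySizeBytes;
extern const char kKeyboxV3Label[];

// Protection scheme identifiers, stored as big-endian four-character codes.
extern const uint32_t kCENCSchemeID;  // 'cenc' (AES-CTR): 0x63656E63
extern const uint32_t kCBC1SchemeID;  // 'cbc1' (AES-CBC): 0x63626331
extern const uint32_t kCENSSchemeID;  // 'cens' (AES-CTR subsample): 0x63656E73
extern const uint32_t kCBCSSchemeID;  // 'cbcs' (AES-CBC subsample): 0x63626373

// DeriveKey uses the NIST 800-108 KDF recommendation, using AES-CMAC PRF.
// NIST 800-108:
//   http://csrc.nist.gov/publications/nistpubs/800-108/sp800-108.pdf
// AES-CMAC:
//   http://tools.ietf.org/html/rfc4493
//
// |key| is the input keying material, |label| and |context| are the KDF input
// fields, and |size_bits| is the requested output length in bits.
// NOTE(review): how failure is reported is not visible in this header (for
// example a |key| that is not a valid AES key size, or an unsupported
// |size_bits|). Confirm against the implementation, and have callers check the
// length of the returned string before using it as a key.
std::string DeriveKey(absl::string_view key, absl::string_view label,
                      absl::string_view context, const uint32_t size_bits);

// Derives an IV from the provided |context|.
// NOTE(review): no random input is passed in, so the derivation is presumably
// deterministic and a repeated |context| would yield a repeated IV. Confirm
// that callers never reuse an IV with the same content key.
std::string DeriveIv(absl::string_view context);

// Derives a key ID from the provided |context|.
std::string DeriveKeyId(absl::string_view context);

// Helper function to derive a key using the group master key and context.
// The group master key is not a parameter; it is supplied by the
// implementation, which is not visible in this header.
std::string DeriveGroupSessionKey(absl::string_view context,
                                  const uint32_t size_bits);

// Helper function to derive a signing key from the signing context.
std::string DeriveSigningKey(absl::string_view key, absl::string_view context,
                             const uint32_t size_bits);

// Helper function to create a SHA-256 HMAC signature for the given message.
std::string CreateSignatureHmacSha256(absl::string_view key,
                                      absl::string_view message);

// Helper function which compares the SHA-256 HMAC against the provided
// signature.
//
// Argument order is (key, signature, message), whereas the Create* helpers
// take (key, message). All three parameters share one type, so swapped
// arguments compile silently. The return value must always be checked.
// NOTE(review): the comparison should run in constant time so that timing does
// not reveal how much of |signature| matched. The implementation is not
// visible here; confirm.
bool VerifySignatureHmacSha256(absl::string_view key,
                               absl::string_view signature,
                               absl::string_view message);

// Helper function to create a SHA-1 HMAC signature for the given message.
// NOTE(review): presumably kept for compatibility with existing peers; prefer
// the SHA-256 variant for new uses.
std::string CreateSignatureHmacSha1(absl::string_view key,
                                    absl::string_view message);

// Helper function which compares the SHA-1 HMAC against the provided
// signature.
//
// Argument order is (key, signature, message); see the note on
// VerifySignatureHmacSha256 about argument order and checking the result.
// NOTE(review): confirm the comparison is constant-time in the implementation.
bool VerifySignatureHmacSha1(absl::string_view key, absl::string_view signature,
                             absl::string_view message);

// Converts a requested 4CC encryption scheme ID from a std::string to a
// uint32_t and verifies it is a correct value.
// |four_cc_code| is an output parameter.
// NOTE(review): whether |four_cc_code| is written on failure, and whether a
// null pointer is tolerated, is not visible here; callers should pass a valid
// pointer and use the value only when the function returns true.
bool FourCCEncryptionSchemeIDFromString(const std::string& requested,
                                        uint32_t* four_cc_code);

}  // namespace crypto_util
}  // namespace widevine

#endif  // COMMON_CRYPTO_UTIL_H_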