91 lines
3.6 KiB
C++
91 lines
3.6 KiB
C++
////////////////////////////////////////////////////////////////////////////////
|
|
// Copyright 2016 Google LLC.
|
|
//
|
|
// This software is licensed under the terms defined in the Widevine Master
|
|
// License Agreement. For a copy of this agreement, please contact
|
|
// widevine-licensing@google.com.
|
|
////////////////////////////////////////////////////////////////////////////////
|
|
|
|
// Contains common crypto routines for widevine protocols. These routines are
|
|
// used as part of licensing and provisioning request handling.
|
|
|
|
#ifndef COMMON_CRYPTO_UTIL_H_
|
|
#define COMMON_CRYPTO_UTIL_H_
|
|
|
|
#include <string>
|
|
|
|
#include "absl/strings/string_view.h"
|
|
|
|
namespace widevine {
|
|
namespace crypto_util {
|
|
|
|
// Default constants used for key derivation for encryption and signing.
|
|
// TODO(user): These are duplicated in session.cc in the sdk. de-dup.
|
|
extern const char kWrappingKeyLabel[];
|
|
extern const int kWrappingKeySizeBits;
|
|
extern const char kSigningKeyLabel[];
|
|
extern const int kSigningKeySizeBits;
|
|
extern const size_t kSigningKeySizeBytes;
|
|
extern const char kIvMasterKey[];
|
|
extern const char kIvLabel[];
|
|
extern const int kIvSizeBits;
|
|
extern const int kAes128KeySizeBits;
|
|
extern const int kAes128KeySizeBytes;
|
|
extern const char kKeyboxV3Label[];
|
|
|
|
extern const uint32_t kCENCSchemeID; // 'cenc' (AES-CTR): 0x63656E63
|
|
extern const uint32_t kCBC1SchemeID; // 'cbc1' (AES-CBC): 0x63626331
|
|
extern const uint32_t kCENSSchemeID; // 'cens' (AES-CTR subsample): 0x63656E73
|
|
extern const uint32_t kCBCSSchemeID; // 'cbcs' (AES-CBC subsample): 0x63626373
|
|
|
|
// DeriveKey uses the NIST 800-108 KDF recommendation, using AES-CMAC PRF.
|
|
// NIST 800-108:
|
|
// http://csrc.nist.gov/publications/nistpubs/800-108/sp800-108.pdf
|
|
// AES-CMAC:
|
|
// http://tools.ietf.org/html/rfc4493
|
|
std::string DeriveKey(absl::string_view key, absl::string_view label,
|
|
absl::string_view context, const uint32_t size_bits);
|
|
|
|
// Derives an IV from the provided |context|.
|
|
std::string DeriveIv(absl::string_view context);
|
|
|
|
// Derives a key ID from the provided |context|.
|
|
std::string DeriveKeyId(absl::string_view context);
|
|
|
|
// Helper function to derive a key using the group master key and context.
|
|
std::string DeriveGroupSessionKey(absl::string_view context,
|
|
const uint32_t size_bits);
|
|
|
|
// Helper function to derive a signing key for from the signing context.
|
|
std::string DeriveSigningKey(absl::string_view key, absl::string_view context,
|
|
const uint32_t size_bits);
|
|
|
|
// Helper function to create a SHA-256 HMAC signature for the given message.
|
|
std::string CreateSignatureHmacSha256(absl::string_view key,
|
|
absl::string_view message);
|
|
|
|
// Helper function which compares the SHA-256 HMAC against the provided
|
|
// signature.
|
|
bool VerifySignatureHmacSha256(absl::string_view key,
|
|
absl::string_view signature,
|
|
absl::string_view message);
|
|
|
|
// Helper function to create a SHA-1 HMAC signature for the given message.
|
|
std::string CreateSignatureHmacSha1(absl::string_view key,
|
|
absl::string_view message);
|
|
|
|
// Helper function which compares the SHA-1 HMAC against the provided
|
|
// signature.
|
|
bool VerifySignatureHmacSha1(absl::string_view key, absl::string_view signature,
|
|
absl::string_view message);
|
|
|
|
// Converts a requested 4CC encryption scheme ID from a std::string to a uint32_t and
|
|
// verifies it is a correct value.
|
|
bool FourCCEncryptionSchemeIDFromString(const std::string& requested,
|
|
uint32_t* four_cc_code);
|
|
|
|
} // namespace crypto_util
|
|
} // namespace widevine
|
|
|
|
#endif // COMMON_CRYPTO_UTIL_H_
|