From 16d9abca4c23e6fe615f8f782a5936491e9624fa Mon Sep 17 00:00:00 2001 From: Fred Gylys-Colwell Date: Wed, 18 Apr 2018 11:43:47 -0700 Subject: [PATCH] Update copyright notice and fix entitlement key sizes This change updates the copyright notice to make it more clear that the code is distribued under the Widevine Master License Agreement. It also updates the unit tests and sample code to correct the useage of AES 256. AES 256 is used to decrypt entitled content keys, but it is not used to decrypt key control blocks. --- include/OEMCryptoCENC.h | 4 ++- include/level3.h | 4 ++- include/level3_file_system.h | 4 ++- include/oemcrypto_logging.h | 4 ++- include/pst_report.h | 4 ++- mock/README.md | 5 +++ mock/src/oemcrypto_auth_mock.cpp | 4 ++- mock/src/oemcrypto_auth_mock.h | 4 ++- .../oemcrypto_engine_device_properties.cpp | 4 ++- .../oemcrypto_engine_device_properties_L1.cpp | 4 ++- ...emcrypto_engine_device_properties_cert.cpp | 4 ++- ...oemcrypto_engine_device_properties_mod.cpp | 4 ++- ...crypto_engine_device_properties_prov30.cpp | 4 ++- mock/src/oemcrypto_engine_mock.cpp | 4 ++- mock/src/oemcrypto_engine_mock.h | 4 ++- mock/src/oemcrypto_key_mock.cpp | 4 ++- mock/src/oemcrypto_key_mock.h | 4 ++- mock/src/oemcrypto_keybox_mock.cpp | 4 ++- mock/src/oemcrypto_keybox_mock.h | 4 ++- mock/src/oemcrypto_keybox_testkey.cpp | 4 ++- mock/src/oemcrypto_logging.cpp | 4 ++- mock/src/oemcrypto_mock.cpp | 8 +++-- mock/src/oemcrypto_nonce_table.cpp | 4 ++- mock/src/oemcrypto_nonce_table.h | 4 ++- mock/src/oemcrypto_old_usage_table_mock.cpp | 4 ++- mock/src/oemcrypto_old_usage_table_mock.h | 4 ++- mock/src/oemcrypto_rsa_key_shared.cpp | 33 ++++++++++--------- mock/src/oemcrypto_rsa_key_shared.h | 7 +++- mock/src/oemcrypto_session.cpp | 30 ++++++++--------- mock/src/oemcrypto_session.h | 7 ++-- mock/src/oemcrypto_session_key_table.cpp | 4 ++- mock/src/oemcrypto_session_key_table.h | 4 ++- mock/src/oemcrypto_usage_table_mock.cpp | 4 ++- mock/src/oemcrypto_usage_table_mock.h | 4 ++- mock/src/wv_keybox.h | 4 ++- mock/src/wvcrc.cpp | 4 ++- mock/src/wvcrc32.h | 4 ++- mock/test/oemcrypto_logging_test.cpp | 4 ++- test/oec_device_features.cpp | 12 ++++--- test/oec_session_util.cpp | 14 +++++--- test/oec_session_util.h | 8 ++++- test/oec_test_data.h | 4 ++- test/oemcrypto_session_tests_helper.cpp | 8 ++--- test/oemcrypto_test.cpp | 8 +++-- test/oemcrypto_test_android.cpp | 4 ++- 45 files changed, 186 insertions(+), 90 deletions(-) create mode 100644 mock/README.md diff --git a/include/OEMCryptoCENC.h b/include/OEMCryptoCENC.h index a27024e..c78842b 100644 --- a/include/OEMCryptoCENC.h +++ b/include/OEMCryptoCENC.h @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. /********************************************************************* * OEMCryptoCENC.h diff --git a/include/level3.h b/include/level3.h index fd78b49..bef3033 100644 --- a/include/level3.h +++ b/include/level3.h @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. /********************************************************************* * level3.h diff --git a/include/level3_file_system.h b/include/level3_file_system.h index c1474ad..eceec5a 100644 --- a/include/level3_file_system.h +++ b/include/level3_file_system.h @@ -1,4 +1,6 @@ -// Copyright 2017 Google Inc. All Rights Reserved +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. /********************************************************************* * level3_file_system.h diff --git a/include/oemcrypto_logging.h b/include/oemcrypto_logging.h index 5413f4b..0fa9f0c 100644 --- a/include/oemcrypto_logging.h +++ b/include/oemcrypto_logging.h @@ -1,4 +1,6 @@ -// Copyright 2014 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. #ifndef WVOEC_OEMCRYPTO_LOGGING_H_ #define WVOEC_OEMCRYPTO_LOGGING_H_ diff --git a/include/pst_report.h b/include/pst_report.h index cd21e23..55c8124 100644 --- a/include/pst_report.h +++ b/include/pst_report.h @@ -1,4 +1,6 @@ -// Copyright 2017 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. /********************************************************************* * pst_report.h diff --git a/mock/README.md b/mock/README.md new file mode 100644 index 0000000..b004a25 --- /dev/null +++ b/mock/README.md @@ -0,0 +1,5 @@ +# Mock OEMCrypto + +This directory contains a testing-only implementation of OEMCrypto. **This +implementation is *NOT* suitable for production use and should *NOT* be released +on devices.** diff --git a/mock/src/oemcrypto_auth_mock.cpp b/mock/src/oemcrypto_auth_mock.cpp index 1eef560..d909c97 100644 --- a/mock/src/oemcrypto_auth_mock.cpp +++ b/mock/src/oemcrypto_auth_mock.cpp @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_auth_mock.h b/mock/src/oemcrypto_auth_mock.h index 980a45b..230be00 100644 --- a/mock/src/oemcrypto_auth_mock.h +++ b/mock/src/oemcrypto_auth_mock.h @@ -1,4 +1,6 @@ -// Copyright 2016 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_engine_device_properties.cpp b/mock/src/oemcrypto_engine_device_properties.cpp index b0f9059..ce206de 100644 --- a/mock/src/oemcrypto_engine_device_properties.cpp +++ b/mock/src/oemcrypto_engine_device_properties.cpp @@ -1,4 +1,6 @@ -// Copyright 2014 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_engine_device_properties_L1.cpp b/mock/src/oemcrypto_engine_device_properties_L1.cpp index f483231..d8da467 100644 --- a/mock/src/oemcrypto_engine_device_properties_L1.cpp +++ b/mock/src/oemcrypto_engine_device_properties_L1.cpp @@ -1,4 +1,6 @@ -// Copyright 2014 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_engine_device_properties_cert.cpp b/mock/src/oemcrypto_engine_device_properties_cert.cpp index b853231..932af52 100644 --- a/mock/src/oemcrypto_engine_device_properties_cert.cpp +++ b/mock/src/oemcrypto_engine_device_properties_cert.cpp @@ -1,4 +1,6 @@ -// Copyright 2015 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_engine_device_properties_mod.cpp b/mock/src/oemcrypto_engine_device_properties_mod.cpp index 4b4b693..7e58b7d 100644 --- a/mock/src/oemcrypto_engine_device_properties_mod.cpp +++ b/mock/src/oemcrypto_engine_device_properties_mod.cpp @@ -1,4 +1,6 @@ -// Copyright 2017 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_engine_device_properties_prov30.cpp b/mock/src/oemcrypto_engine_device_properties_prov30.cpp index f9d2f30..96105c6 100644 --- a/mock/src/oemcrypto_engine_device_properties_prov30.cpp +++ b/mock/src/oemcrypto_engine_device_properties_prov30.cpp @@ -1,4 +1,6 @@ -// Copyright 2016 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_engine_mock.cpp b/mock/src/oemcrypto_engine_mock.cpp index 51987b7..ef73967 100644 --- a/mock/src/oemcrypto_engine_mock.cpp +++ b/mock/src/oemcrypto_engine_mock.cpp @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_engine_mock.h b/mock/src/oemcrypto_engine_mock.h index 791c771..85e4128 100644 --- a/mock/src/oemcrypto_engine_mock.h +++ b/mock/src/oemcrypto_engine_mock.h @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_key_mock.cpp b/mock/src/oemcrypto_key_mock.cpp index 8f7832b..fa0b108 100644 --- a/mock/src/oemcrypto_key_mock.cpp +++ b/mock/src/oemcrypto_key_mock.cpp @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_key_mock.h b/mock/src/oemcrypto_key_mock.h index 3c5f3b3..dab47e8 100644 --- a/mock/src/oemcrypto_key_mock.h +++ b/mock/src/oemcrypto_key_mock.h @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_keybox_mock.cpp b/mock/src/oemcrypto_keybox_mock.cpp index 318d049..70e909c 100644 --- a/mock/src/oemcrypto_keybox_mock.cpp +++ b/mock/src/oemcrypto_keybox_mock.cpp @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_keybox_mock.h b/mock/src/oemcrypto_keybox_mock.h index f351b76..3609a01 100644 --- a/mock/src/oemcrypto_keybox_mock.h +++ b/mock/src/oemcrypto_keybox_mock.h @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_keybox_testkey.cpp b/mock/src/oemcrypto_keybox_testkey.cpp index 71f2a15..3b6b91b 100644 --- a/mock/src/oemcrypto_keybox_testkey.cpp +++ b/mock/src/oemcrypto_keybox_testkey.cpp @@ -1,4 +1,6 @@ -// Copyright 2014 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Test keybox. diff --git a/mock/src/oemcrypto_logging.cpp b/mock/src/oemcrypto_logging.cpp index b1ef8c6..3379fe0 100644 --- a/mock/src/oemcrypto_logging.cpp +++ b/mock/src/oemcrypto_logging.cpp @@ -1,4 +1,6 @@ -// Copyright 2014 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. #include "oemcrypto_logging.h" diff --git a/mock/src/oemcrypto_mock.cpp b/mock/src/oemcrypto_mock.cpp index 09f1ada..35f3865 100644 --- a/mock/src/oemcrypto_mock.cpp +++ b/mock/src/oemcrypto_mock.cpp @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Reference implementation of OEMCrypto APIs // @@ -115,7 +117,7 @@ extern "C" OEMCryptoResult OEMCrypto_OpenSession(OEMCrypto_SESSION* session) { SessionId sid = crypto_engine->CreateSession(); *session = (OEMCrypto_SESSION)sid; if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) { - LOGD("[OEMCrypto_OpenSession(): SID=%08x]", sid); + LOGD("[OEMCrypto_OpenSession(): SID=%08X]", sid); } return OEMCrypto_SUCCESS; } @@ -238,7 +240,7 @@ extern "C" OEMCryptoResult OEMCrypto_GenerateNonce(OEMCrypto_SESSION session, session_ctx->AddNonce(nonce_value); *nonce = nonce_value; if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) { - LOGI("nonce = %08x\n", nonce_value); + LOGI("nonce = %08X\n", nonce_value); } return OEMCrypto_SUCCESS; } diff --git a/mock/src/oemcrypto_nonce_table.cpp b/mock/src/oemcrypto_nonce_table.cpp index 0945e16..6e072ac 100644 --- a/mock/src/oemcrypto_nonce_table.cpp +++ b/mock/src/oemcrypto_nonce_table.cpp @@ -1,4 +1,6 @@ -// Copyright 2017 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_nonce_table.h b/mock/src/oemcrypto_nonce_table.h index 293c02b..7b8072e 100644 --- a/mock/src/oemcrypto_nonce_table.h +++ b/mock/src/oemcrypto_nonce_table.h @@ -1,4 +1,6 @@ -// Copyright 2017 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_old_usage_table_mock.cpp b/mock/src/oemcrypto_old_usage_table_mock.cpp index 033747d..b82c123 100644 --- a/mock/src/oemcrypto_old_usage_table_mock.cpp +++ b/mock/src/oemcrypto_old_usage_table_mock.cpp @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_old_usage_table_mock.h b/mock/src/oemcrypto_old_usage_table_mock.h index f59fba5..beede04 100644 --- a/mock/src/oemcrypto_old_usage_table_mock.h +++ b/mock/src/oemcrypto_old_usage_table_mock.h @@ -1,4 +1,6 @@ - // Copyright 2013 Google Inc. All Rights Reserved. + // Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary + // source code may only be used and distributed under the Widevine Master + // License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_rsa_key_shared.cpp b/mock/src/oemcrypto_rsa_key_shared.cpp index ff65577..2aa668a 100644 --- a/mock/src/oemcrypto_rsa_key_shared.cpp +++ b/mock/src/oemcrypto_rsa_key_shared.cpp @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // @@ -14,20 +16,19 @@ #include "oemcrypto_logging.h" -namespace { - -void dump_openssl_error() { - while (unsigned long err = ERR_get_error()) { - char buffer[120]; - LOGE("openssl error -- %lu -- %s", - err, ERR_error_string(err, buffer)); - } -} - -} // namespace - namespace wvoec_mock { +void dump_boringssl_error() { + int count = 0; + while (unsigned long err = ERR_get_error()) { + count++; + char buffer[120]; + ERR_error_string_n(err, buffer, sizeof(buffer)); + LOGE("BoringSSL Error %d -- %lu -- %s", count, err, buffer); + } + LOGE("Reported %d BoringSSL Errors", count); +} + void RSA_shared_ptr::reset() { if (rsa_key_ && key_owned_) { RSA_free(rsa_key_); @@ -52,6 +53,7 @@ bool RSA_shared_ptr::LoadPkcs8RsaKey(const uint8_t* buffer, size_t length) { pkcs8_pki = d2i_PKCS8_PRIV_KEY_INFO_bio(bio, NULL); if (pkcs8_pki == NULL) { LOGE("[LoadPkcs8RsaKey(): d2i_PKCS8_PRIV_KEY_INFO_bio returned NULL]"); + dump_boringssl_error(); success = false; } } @@ -60,6 +62,7 @@ bool RSA_shared_ptr::LoadPkcs8RsaKey(const uint8_t* buffer, size_t length) { evp = EVP_PKCS82PKEY(pkcs8_pki); if (evp == NULL) { LOGE("[LoadPkcs8RsaKey(): EVP_PKCS82PKEY returned NULL]"); + dump_boringssl_error(); success = false; } } @@ -86,11 +89,11 @@ bool RSA_shared_ptr::LoadPkcs8RsaKey(const uint8_t* buffer, size_t length) { return true; case 0: // not valid. LOGE("[LoadPkcs8RsaKey(): rsa key not valid]"); - dump_openssl_error(); + dump_boringssl_error(); return false; default: // -1 == check failed. LOGE("[LoadPkcs8RsaKey(): error checking rsa key]"); - dump_openssl_error(); + dump_boringssl_error(); return false; } } diff --git a/mock/src/oemcrypto_rsa_key_shared.h b/mock/src/oemcrypto_rsa_key_shared.h index 4a815e9..f39aa8d 100644 --- a/mock/src/oemcrypto_rsa_key_shared.h +++ b/mock/src/oemcrypto_rsa_key_shared.h @@ -1,4 +1,6 @@ -// Copyright 2016 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // @@ -32,6 +34,9 @@ class RSA_shared_ptr { bool key_owned_; }; +// Log errors from BoringSSL. +void dump_boringssl_error(); + } // namespace wvoec_mock #endif // OEMCRYPTO_RSA_KEY_SHARED_H_ diff --git a/mock/src/oemcrypto_session.cpp b/mock/src/oemcrypto_session.cpp index 4a80985..e76754c 100644 --- a/mock/src/oemcrypto_session.cpp +++ b/mock/src/oemcrypto_session.cpp @@ -1,4 +1,6 @@ -// Copyright 2017 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // @@ -43,15 +45,6 @@ void ctr128_inc64(uint8_t* counter) { if (++counter[--n] != 0) return; } while (n > 8); } - -void dump_boringssl_error() { - while (unsigned long err = ERR_get_error()) { - char buffer[120]; - ERR_error_string_n(err, buffer, sizeof(buffer)); - LOGE("BoringSSL Error -- %lu -- %s", err, buffer); - } -} - } // namespace namespace wvoec_mock { @@ -715,7 +708,7 @@ OEMCryptoResult SessionContext::LoadEntitledContentKeys( key_data->content_key_id, key_data->content_key_id + key_data->content_key_id_length); if (!DecryptMessage(*entitlement_key, iv, encrypted_content_key, - &content_key)) { + &content_key, 256 /* key size */)) { return OEMCrypto_ERROR_UNKNOWN_FAILURE; } if (!session_keys_->SetContentKey(entitlement_key_id, content_key_id, @@ -735,7 +728,8 @@ OEMCryptoResult SessionContext::InstallKey( std::vector content_key; std::vector key_control_str; - if (!DecryptMessage(encryption_key_, key_data_iv, key_data, &content_key)) { + if (!DecryptMessage(encryption_key_, key_data_iv, key_data, &content_key, + 128 /* key size */)) { LOGE("[Installkey(): Could not decrypt key data]"); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } @@ -758,7 +752,7 @@ OEMCryptoResult SessionContext::InstallKey( return OEMCrypto_ERROR_INVALID_CONTEXT; } if (!DecryptMessage(content_key, key_control_iv, key_control, - &key_control_str)) { + &key_control_str, 128 /* key size */)) { LOGE("[Installkey(): ERROR: Could not decrypt content key]"); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } @@ -890,7 +884,7 @@ OEMCryptoResult SessionContext::RefreshKey( LOGD("Key control block is encrypted."); } if (!DecryptMessage(content_key_value, key_control_iv, key_control, - &control)) { + &control, 128 /* key size */)) { if (LogCategoryEnabled(kLoggingDumpKeyControlBlocks)) { LOGD("Error decrypting key control block."); } @@ -1179,7 +1173,8 @@ bool SessionContext::UpdateMacKeys(const std::vector& enc_mac_keys, const std::vector& iv) { // Decrypt mac key from enc_mac_key using device_keya std::vector mac_keys; - if (!DecryptMessage(encryption_key_, iv, enc_mac_keys, &mac_keys)) { + if (!DecryptMessage(encryption_key_, iv, enc_mac_keys, &mac_keys, + 128 /* key size */)) { return false; } mac_key_server_ = std::vector( @@ -1327,7 +1322,8 @@ OEMCryptoResult SessionContext::CopyOldUsageEntry( bool SessionContext::DecryptMessage(const std::vector& key, const std::vector& iv, const std::vector& message, - std::vector* decrypted) { + std::vector* decrypted, + uint32_t key_size) { if (key.empty() || iv.empty() || message.empty() || !decrypted) { LOGE("[DecryptMessage(): OEMCrypto_ERROR_INVALID_CONTEXT]"); return false; @@ -1336,7 +1332,7 @@ bool SessionContext::DecryptMessage(const std::vector& key, uint8_t iv_buffer[16]; memcpy(iv_buffer, &iv[0], 16); AES_KEY aes_key; - AES_set_decrypt_key(&key[0], key.size() * 8, &aes_key); + AES_set_decrypt_key(&key[0], key_size, &aes_key); AES_cbc_encrypt(&message[0], &(decrypted->front()), message.size(), &aes_key, iv_buffer, AES_DECRYPT); return true; diff --git a/mock/src/oemcrypto_session.h b/mock/src/oemcrypto_session.h index ea653a5..ff81932 100644 --- a/mock/src/oemcrypto_session.h +++ b/mock/src/oemcrypto_session.h @@ -1,4 +1,6 @@ -// Copyright 2017 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // @@ -189,7 +191,8 @@ class SessionContext { bool DecryptMessage(const std::vector& key, const std::vector& iv, const std::vector& message, - std::vector* decrypted); + std::vector* decrypted, + uint32_t key_size); // AES key size, in bits. // Either verify the nonce or usage entry, as required by the key control // block. OEMCryptoResult CheckNonceOrEntry(const KeyControlBlock& key_control_block); diff --git a/mock/src/oemcrypto_session_key_table.cpp b/mock/src/oemcrypto_session_key_table.cpp index 5eec8d6..c7a1ae6 100644 --- a/mock/src/oemcrypto_session_key_table.cpp +++ b/mock/src/oemcrypto_session_key_table.cpp @@ -1,4 +1,6 @@ -// Copyright 2017 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_session_key_table.h b/mock/src/oemcrypto_session_key_table.h index 221db3b..3f6a4f4 100644 --- a/mock/src/oemcrypto_session_key_table.h +++ b/mock/src/oemcrypto_session_key_table.h @@ -1,4 +1,6 @@ -// Copyright 2017 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_usage_table_mock.cpp b/mock/src/oemcrypto_usage_table_mock.cpp index 4285e95..8ad51bc 100644 --- a/mock/src/oemcrypto_usage_table_mock.cpp +++ b/mock/src/oemcrypto_usage_table_mock.cpp @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/oemcrypto_usage_table_mock.h b/mock/src/oemcrypto_usage_table_mock.h index 4ec70be..1dcfe6e 100644 --- a/mock/src/oemcrypto_usage_table_mock.h +++ b/mock/src/oemcrypto_usage_table_mock.h @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Mock implementation of OEMCrypto APIs // diff --git a/mock/src/wv_keybox.h b/mock/src/wv_keybox.h index 6fdd0fa..af3bffc 100644 --- a/mock/src/wv_keybox.h +++ b/mock/src/wv_keybox.h @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. #ifndef WV_KEYBOX_H_ #define WV_KEYBOX_H_ diff --git a/mock/src/wvcrc.cpp b/mock/src/wvcrc.cpp index 8c5025c..3683bc1 100644 --- a/mock/src/wvcrc.cpp +++ b/mock/src/wvcrc.cpp @@ -1,4 +1,6 @@ -// Copyright 2012 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Compute CRC32 Checksum. Needed for verification of WV Keybox. // diff --git a/mock/src/wvcrc32.h b/mock/src/wvcrc32.h index db18039..b81a7db 100644 --- a/mock/src/wvcrc32.h +++ b/mock/src/wvcrc32.h @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Compute CRC32 Checksum. Needed for verification of WV Keybox. // diff --git a/mock/test/oemcrypto_logging_test.cpp b/mock/test/oemcrypto_logging_test.cpp index 8b5da34..f21b4a8 100644 --- a/mock/test/oemcrypto_logging_test.cpp +++ b/mock/test/oemcrypto_logging_test.cpp @@ -1,4 +1,6 @@ -// Copyright 2014 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. #include "OEMCryptoCENC.h" diff --git a/test/oec_device_features.cpp b/test/oec_device_features.cpp index 4b6317b..5d31313 100644 --- a/test/oec_device_features.cpp +++ b/test/oec_device_features.cpp @@ -1,4 +1,6 @@ -// Copyright 2016 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // OEMCrypto device features for unit tests // @@ -186,8 +188,8 @@ bool DeviceFeatures::IsTestKeyboxInstalled() { size_t key_data_len = sizeof(key_data); if (OEMCrypto_GetKeyData(key_data, &key_data_len) != OEMCrypto_SUCCESS) return false; - if (key_data_len != sizeof(kTestKeybox.data_)) return false; - if (memcmp(key_data, kTestKeybox.data_, key_data_len)) return false; + if (key_data_len != sizeof(kValidKeybox01.data_)) return false; + if (memcmp(key_data, kValidKeybox01.data_, key_data_len)) return false; uint8_t dev_id[128] = {0}; size_t dev_id_len = 128; if (OEMCrypto_GetDeviceID(dev_id, &dev_id_len) != OEMCrypto_SUCCESS) @@ -195,8 +197,8 @@ bool DeviceFeatures::IsTestKeyboxInstalled() { // We use strncmp instead of memcmp because we don't really care about the // multiple '\0' characters at the end of the device id. return 0 == strncmp(reinterpret_cast(dev_id), - reinterpret_cast(kTestKeybox.device_id_), - sizeof(kTestKeybox.device_id_)); + reinterpret_cast(kValidKeybox01.device_id_), + sizeof(kValidKeybox01.device_id_)); } void DeviceFeatures::FilterOut(std::string* current_filter, diff --git a/test/oec_session_util.cpp b/test/oec_session_util.cpp index bcfa533..8a0cdcf 100644 --- a/test/oec_session_util.cpp +++ b/test/oec_session_util.cpp @@ -1,4 +1,6 @@ -// Copyright 2016 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // OEMCrypto unit tests // @@ -105,8 +107,9 @@ Session::Session() enc_key_(wvcdm::KEY_SIZE), public_rsa_(0), message_size_(sizeof(MessageData)), - num_keys_(4) { // Most tests only use 4 keys. - // Other tests will explicitly call set_num_keys. + num_keys_(4), // Most tests only use 4 keys. + // Other tests will explicitly call set_num_keys. + has_entitlement_license_(false) { // Stripe the padded message. for (size_t i = 0; i < sizeof(padded_message_.padding); i++) { padded_message_.padding[i] = i % 0x100; @@ -310,6 +313,7 @@ void Session::LoadEnitlementTestKeys(const std::string& pst, } void Session::FillEntitledKeyArray() { + has_entitlement_license_ = true; for (size_t i = 0; i < num_keys_; ++i) { EntitledContentKeyData* key_data = &entitled_key_data_[i]; @@ -594,10 +598,10 @@ void Session::EncryptAndSign() { AES_cbc_encrypt(&license_.mac_keys[0], &encrypted_license().mac_keys[0], 2 * wvcdm::MAC_KEY_SIZE, &aes_key, iv_buffer, AES_ENCRYPT); + int key_size = has_entitlement_license() ? 256 : 128; for (unsigned int i = 0; i < num_keys_; i++) { memcpy(iv_buffer, &license_.keys[i].control_iv[0], wvcdm::KEY_IV_SIZE); - AES_set_encrypt_key(&license_.keys[i].key_data[0], - license_.keys[i].key_data_length * 8, &aes_key); + AES_set_encrypt_key(&license_.keys[i].key_data[0], key_size, &aes_key); AES_cbc_encrypt( reinterpret_cast(&license_.keys[i].control), reinterpret_cast(&encrypted_license().keys[i].control), diff --git a/test/oec_session_util.h b/test/oec_session_util.h index 15c123a..6a2ff55 100644 --- a/test/oec_session_util.h +++ b/test/oec_session_util.h @@ -1,7 +1,9 @@ #ifndef CDM_OEC_SESSION_UTIL_H_ #define CDM_OEC_SESSION_UTIL_H_ -// Copyright 2016 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // OEMCrypto unit tests // @@ -370,6 +372,9 @@ class Session { // The size of the encrypted message. size_t message_size() { return message_size_; } + // If this session has an entitlement license. + bool has_entitlement_license() const { return has_entitlement_license_; } + private: // Generate mac and enc keys give the master key. void DeriveKeys(const uint8_t* master_key, @@ -399,6 +404,7 @@ class Session { vector encrypted_usage_entry_; uint32_t usage_entry_number_; string pst_; + bool has_entitlement_license_; // Clear Entitlement key data. This is the backing data for // |entitled_key_array_|. diff --git a/test/oec_test_data.h b/test/oec_test_data.h index 5abfe2b..23e5d77 100644 --- a/test/oec_test_data.h +++ b/test/oec_test_data.h @@ -1,4 +1,6 @@ -// Copyright 2016 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // Test data for OEMCrypto unit tests. // diff --git a/test/oemcrypto_session_tests_helper.cpp b/test/oemcrypto_session_tests_helper.cpp index 229a168..1a1b09b 100644 --- a/test/oemcrypto_session_tests_helper.cpp +++ b/test/oemcrypto_session_tests_helper.cpp @@ -104,10 +104,10 @@ void SessionUtil::EnsureTestKeys() { case DeviceFeatures::LOAD_TEST_KEYBOX: keybox_ = kTestKeybox; /* Note: If you are upgrading from an older version, it may be easier to - * uncomment the following line. This uses the same test keybox as we + * force the following condition. This uses the same test keybox as we * used in older versions of this test. */ - // keybox_ = kValidKeybox01; + if (global_features.api_version < 14) keybox_ = kValidKeybox01; ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_LoadTestKeybox( reinterpret_cast(&keybox_), @@ -117,8 +117,8 @@ void SessionUtil::EnsureTestKeys() { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_LoadTestRSAKey()); break; case DeviceFeatures::EXISTING_TEST_KEYBOX: - // already has test keybox. - keybox_ = kTestKeybox; + // already has old test keybox. + keybox_ = kValidKeybox01; break; case DeviceFeatures::FORCE_TEST_KEYBOX: keybox_ = kTestKeybox; diff --git a/test/oemcrypto_test.cpp b/test/oemcrypto_test.cpp index 1611e19..ba65907 100644 --- a/test/oemcrypto_test.cpp +++ b/test/oemcrypto_test.cpp @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // OEMCrypto unit tests // @@ -828,7 +830,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithNoMAC) { ASSERT_EQ(expected_signature, signature); } -TEST_F(OEMCryptoSessionTests, LoadEntitlementKeys) { +TEST_F(OEMCryptoSessionTests, LoadEntitlementKeysAPI14) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); @@ -841,7 +843,7 @@ TEST_F(OEMCryptoSessionTests, LoadEntitlementKeys) { ASSERT_NO_FATAL_FAILURE(s.LoadEntitledContentKeys()); } -TEST_F(OEMCryptoSessionTests, LoadEntitlementKeysNoEntitlementKeys) { +TEST_F(OEMCryptoSessionTests, LoadEntitlementKeysNoEntitlementKeysAPI14) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); diff --git a/test/oemcrypto_test_android.cpp b/test/oemcrypto_test_android.cpp index 6ccff63..755dd1e 100644 --- a/test/oemcrypto_test_android.cpp +++ b/test/oemcrypto_test_android.cpp @@ -1,4 +1,6 @@ -// Copyright 2013 Google Inc. All Rights Reserved. +// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary +// source code may only be used and distributed under the Widevine Master +// License Agreement. // // OEMCrypto unit tests - extra tests required for Android platform. //