widevine-partner/whitebox
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update ODK to v17.1 and add tests

Browse Source
This commit is contained in:
Jacob Trimble
2022-12-12 16:53:41 -08:00
parent 66820d41c5
commit 178496c8b4
20 changed files with 615 additions and 222 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
whitebox/WORKSPACE
View File

@@ -65,8 +65,8 @@ http_archive(
new_git_repository(
name = "odk_repo",
build_file = "//external:odk.BUILD",
commit = "c1401c6a1cc6a4378b6aa3d1c3d3f1f58278616e",
remote = "https://widevine-partner.googlesource.com/oemcrypto_core_message.git",
commit = "5232c51e33dc2b61d8b8a7414063696e8aaac49b", # v17.1
remote = "https://widevine-partner.googlesource.com/oemcrypto",
)
bind(

4
whitebox/api/BUILD
View File

@@ -164,7 +164,7 @@ cc_library(
":license_whitebox",
":shared_settings",
":test_key_types",
"//chromium_deps/cdm/protos:license_protocol_proto",
"//chromium_deps/cdm/protos",
],
)
@@ -191,7 +191,7 @@ cc_library(
":test_license_provider_keys",
":test_server",
"//chromium_deps/cdm/keys:dev_certs",
"//chromium_deps/cdm/protos:license_protocol_proto",
"//chromium_deps/cdm/protos",
"//crypto_utils:aes_cbc_encryptor",
"//crypto_utils:crypto_util",
"//external:odk",

164
whitebox/api/license_whitebox_process_license_response_core_message_test.cc
View File

@@ -2,6 +2,7 @@
#include "api/license_whitebox.h"
#include <tuple>
#include <vector>
#include "api/license_whitebox_test_base.h"
@@ -11,6 +12,9 @@
namespace widevine {
using OdkVersion = TestLicenseBuilder::OdkVersion;
using Padding = TestLicenseBuilder::Padding;
constexpr const Padding kNoSigningKey = static_cast<Padding>(0xff);
class LicenseWhiteboxProcessLicenseResponseWithCoreMessageTest
: public LicenseWhiteboxTestBase {
@@ -42,9 +46,18 @@ class LicenseWhiteboxProcessLicenseResponseWithCoreMessageTest
// Success tests below test with and without the ODK.
TEST_F(LicenseWhiteboxProcessLicenseResponseWithCoreMessageTest,
SuccessWithoutOdkAndWithoutSigningKey) {
UseLicenseWithoutSigningKey(OdkVersion::kNone);
class LicenseWhiteboxProcessLicenseResponseWithCoreMessageGenericTest
: public LicenseWhiteboxProcessLicenseResponseWithCoreMessageTest,
public testing::WithParamInterface<std::tuple<Padding, OdkVersion>> {};
TEST_P(LicenseWhiteboxProcessLicenseResponseWithCoreMessageGenericTest,
Success) {
if (std::get<0>(GetParam()) == kNoSigningKey) {
UseLicenseWithoutSigningKey(std::get<1>(GetParam()));
} else {
UseLicenseWithSigningKey(std::get<0>(GetParam()), std::get<1>(GetParam()));
}
ASSERT_EQ(
WB_License_ProcessLicenseResponse(
whitebox_, WB_LICENSE_KEY_MODE_DUAL_KEY, license_.core_message.data(),
@@ -54,125 +67,24 @@ TEST_F(LicenseWhiteboxProcessLicenseResponseWithCoreMessageTest,
license_.session_key.size(), kNoProviderKeyId,
license_.request.data(), license_.request.size()),
WB_RESULT_OK);
auto& key = golden_data_.CBCContent().software_crypto_key;
WB_KeyStatus status;
ASSERT_EQ(WB_License_QueryKeyStatus(
whitebox_, WB_KEY_QUERY_TYPE_CONTENT_KEY, key.id.data(),
key.id.size(), &status),
WB_RESULT_OK);
}
TEST_F(LicenseWhiteboxProcessLicenseResponseWithCoreMessageTest,
SuccessWithOdk16_3AndWithoutSigningKey) {
UseLicenseWithoutSigningKey(OdkVersion::k16_3);
ASSERT_EQ(
WB_License_ProcessLicenseResponse(
whitebox_, WB_LICENSE_KEY_MODE_DUAL_KEY, license_.core_message.data(),
license_.core_message.size(), license_.message.data(),
license_.message.size(), license_.signature.data(),
license_.signature.size(), license_.session_key.data(),
license_.session_key.size(), kNoProviderKeyId,
license_.request.data(), license_.request.size()),
WB_RESULT_OK);
}
INSTANTIATE_TEST_SUITE_P(
Success,
LicenseWhiteboxProcessLicenseResponseWithCoreMessageGenericTest,
::testing::Combine(
::testing::Values(kNoSigningKey, Padding::kNone, Padding::kPKSC8),
::testing::Values(OdkVersion::kNone, OdkVersion::k16_3,
OdkVersion::k16_5, OdkVersion::k17_1)));
TEST_F(LicenseWhiteboxProcessLicenseResponseWithCoreMessageTest,
SuccessWithOdk16_5AndWithoutSigningKey) {
UseLicenseWithoutSigningKey(OdkVersion::k16_5);
ASSERT_EQ(
WB_License_ProcessLicenseResponse(
whitebox_, WB_LICENSE_KEY_MODE_DUAL_KEY, license_.core_message.data(),
license_.core_message.size(), license_.message.data(),
license_.message.size(), license_.signature.data(),
license_.signature.size(), license_.session_key.data(),
license_.session_key.size(), kNoProviderKeyId,
license_.request.data(), license_.request.size()),
WB_RESULT_OK);
}
TEST_F(LicenseWhiteboxProcessLicenseResponseWithCoreMessageTest,
SuccessWithoutOdkAndWithSigningKeyNoPadding) {
UseLicenseWithSigningKey(TestLicenseBuilder::Padding::kNone,
OdkVersion::kNone);
ASSERT_EQ(
WB_License_ProcessLicenseResponse(
whitebox_, WB_LICENSE_KEY_MODE_DUAL_KEY, license_.core_message.data(),
license_.core_message.size(), license_.message.data(),
license_.message.size(), license_.signature.data(),
license_.signature.size(), license_.session_key.data(),
license_.session_key.size(), kNoProviderKeyId,
license_.request.data(), license_.request.size()),
WB_RESULT_OK);
}
TEST_F(LicenseWhiteboxProcessLicenseResponseWithCoreMessageTest,
SuccessWithOdk16_3AndWithSigningKeyNoPadding) {
UseLicenseWithSigningKey(TestLicenseBuilder::Padding::kNone,
OdkVersion::k16_3);
ASSERT_EQ(
WB_License_ProcessLicenseResponse(
whitebox_, WB_LICENSE_KEY_MODE_DUAL_KEY, license_.core_message.data(),
license_.core_message.size(), license_.message.data(),
license_.message.size(), license_.signature.data(),
license_.signature.size(), license_.session_key.data(),
license_.session_key.size(), kNoProviderKeyId,
license_.request.data(), license_.request.size()),
WB_RESULT_OK);
}
TEST_F(LicenseWhiteboxProcessLicenseResponseWithCoreMessageTest,
SuccessWithOdk16_5AndWithSigningKeyNoPadding) {
UseLicenseWithSigningKey(TestLicenseBuilder::Padding::kNone,
OdkVersion::k16_5);
ASSERT_EQ(
WB_License_ProcessLicenseResponse(
whitebox_, WB_LICENSE_KEY_MODE_DUAL_KEY, license_.core_message.data(),
license_.core_message.size(), license_.message.data(),
license_.message.size(), license_.signature.data(),
license_.signature.size(), license_.session_key.data(),
license_.session_key.size(), kNoProviderKeyId,
license_.request.data(), license_.request.size()),
WB_RESULT_OK);
}
TEST_F(LicenseWhiteboxProcessLicenseResponseWithCoreMessageTest,
SuccessWithoutOdkAndWithSigningKeyPKSC8Padding) {
UseLicenseWithSigningKey(TestLicenseBuilder::Padding::kPKSC8,
OdkVersion::kNone);
ASSERT_EQ(
WB_License_ProcessLicenseResponse(
whitebox_, WB_LICENSE_KEY_MODE_DUAL_KEY, license_.core_message.data(),
license_.core_message.size(), license_.message.data(),
license_.message.size(), license_.signature.data(),
license_.signature.size(), license_.session_key.data(),
license_.session_key.size(), kNoProviderKeyId,
license_.request.data(), license_.request.size()),
WB_RESULT_OK);
}
TEST_F(LicenseWhiteboxProcessLicenseResponseWithCoreMessageTest,
SuccessWithOdk16_3AndWithSigningKeyPKSC8Padding) {
UseLicenseWithSigningKey(TestLicenseBuilder::Padding::kPKSC8,
OdkVersion::k16_3);
ASSERT_EQ(
WB_License_ProcessLicenseResponse(
whitebox_, WB_LICENSE_KEY_MODE_DUAL_KEY, license_.core_message.data(),
license_.core_message.size(), license_.message.data(),
license_.message.size(), license_.signature.data(),
license_.signature.size(), license_.session_key.data(),
license_.session_key.size(), kNoProviderKeyId,
license_.request.data(), license_.request.size()),
WB_RESULT_OK);
}
TEST_F(LicenseWhiteboxProcessLicenseResponseWithCoreMessageTest,
SuccessWithOdk16_5AndWithSigningKeyPKSC8Padding) {
UseLicenseWithSigningKey(TestLicenseBuilder::Padding::kPKSC8,
OdkVersion::k16_5);
ASSERT_EQ(
WB_License_ProcessLicenseResponse(
whitebox_, WB_LICENSE_KEY_MODE_DUAL_KEY, license_.core_message.data(),
license_.core_message.size(), license_.message.data(),
license_.message.size(), license_.signature.data(),
license_.signature.size(), license_.session_key.data(),
license_.session_key.size(), kNoProviderKeyId,
license_.request.data(), license_.request.size()),
WB_RESULT_OK);
}
// Failure tests
TEST_F(LicenseWhiteboxProcessLicenseResponseWithCoreMessageTest,
InvalidParameterForNullCoreMessage) {
@@ -188,6 +100,20 @@ TEST_F(LicenseWhiteboxProcessLicenseResponseWithCoreMessageTest,
WB_RESULT_INVALID_PARAMETER);
}
TEST_F(LicenseWhiteboxProcessLicenseResponseWithCoreMessageTest,
InvalidParameterForInvalidVersionNumber) {
UseLicenseWithoutSigningKey(OdkVersion::k99);
ASSERT_EQ(
WB_License_ProcessLicenseResponse(
whitebox_, WB_LICENSE_KEY_MODE_DUAL_KEY, license_.core_message.data(),
license_.core_message.size(), license_.message.data(),
license_.message.size(), license_.signature.data(),
license_.signature.size(), license_.session_key.data(),
license_.session_key.size(), kNoProviderKeyId,
license_.request.data(), license_.request.size()),
WB_RESULT_INVALID_PARAMETER);
}
TEST_F(LicenseWhiteboxProcessLicenseResponseWithCoreMessageTest,
InvalidSignatureWithZeroCoreMessageSize) {
UseLicenseWithoutSigningKey(OdkVersion::k16_5);

39
whitebox/api/test_license_builder.cc
View File

@@ -182,7 +182,9 @@ std::string GenerateCoreMessage(const std::string& serialized_request,
uint16_t api_major_version,
uint16_t api_minor_version,
bool use_padding) {
DCHECK_EQ(api_major_version, ODK_MAJOR_VERSION)
DCHECK_GE(api_major_version, ODK_FIRST_VERSION)
<< "Verify ODK library is compatible.";
DCHECK_LE(api_major_version, ODK_MAJOR_VERSION)
<< "Verify ODK library is compatible.";
constexpr uint32_t session_id = 0xcafebabe;
constexpr uint32_t nonce = 0xdeadbeef;
@@ -219,9 +221,14 @@ std::string GenerateCoreMessage(const std::string& serialized_request,
CHECK(oemcrypto_core_message::deserialize::CoreLicenseRequestFromMessage(
request_core_message, &core_request));
oemcrypto_core_message::features::CoreMessageFeatures features =
oemcrypto_core_message::features::CoreMessageFeatures::kDefaultFeatures;
features.maximum_major_version = api_major_version;
features.maximum_minor_version = api_minor_version;
std::string oemcrypto_core_message;
CHECK(oemcrypto_core_message::serialize::CreateCoreLicenseResponseFromProto(
serialized_license_response, core_request, core_message_hash,
features, serialized_license_response, core_request, core_message_hash,
/* nonce_required= */ true, use_padding, &oemcrypto_core_message));
return oemcrypto_core_message;
}
@@ -466,12 +473,32 @@ void AddOperatorSessionKeyToContainer(
container->set_id(key_id.data(), key_id.size());
}
uint16_t GetOdkMajorVersion(TestLicenseBuilder::OdkVersion odk_version) {
switch (odk_version) {
case TestLicenseBuilder::OdkVersion::k16_3:
case TestLicenseBuilder::OdkVersion::k16_5:
case TestLicenseBuilder::OdkVersion::k99:
return 16;
case TestLicenseBuilder::OdkVersion::k17_1:
return 17;
case TestLicenseBuilder::OdkVersion::kNone:
DCHECK(false);
return 0;
default:
CHECK(false) << "Unknown ODK Version";
return 0;
}
}
uint16_t GetOdkMinorVersion(TestLicenseBuilder::OdkVersion odk_version) {
switch (odk_version) {
case TestLicenseBuilder::OdkVersion::k16_3:
case TestLicenseBuilder::OdkVersion::k99:
return 3;
case TestLicenseBuilder::OdkVersion::k16_5:
return 5;
case TestLicenseBuilder::OdkVersion::k17_1:
return 1;
case TestLicenseBuilder::OdkVersion::kNone:
DCHECK(false);
return 0;
@@ -607,11 +634,17 @@ void TestLicenseBuilder::Build(const TestServer& server,
std::string oemcrypto_core_message;
if (settings_.odk_version != OdkVersion::kNone) {
uint16_t api_major_version = 16;
uint16_t api_major_version = GetOdkMajorVersion(settings_.odk_version);;
uint16_t api_minor_version = GetOdkMinorVersion(settings_.odk_version);
oemcrypto_core_message = GenerateCoreMessage(
serialized_request_, message_str, api_major_version, api_minor_version,
settings_.padding != Padding::kNone);
if (settings_.odk_version == OdkVersion::k99) {
// Change the api_major_version field to be too large (invalid)
CHECK_EQ(oemcrypto_core_message[11], 16);
oemcrypto_core_message[11] = 99;
}
}
// If |odk_version| is kNone, |oemcrypto_core_message| will be empty.

3
whitebox/api/test_license_builder.h
View File

@@ -56,6 +56,9 @@ class TestLicenseBuilder {
kNone, // No `core_message`
k16_3, // ODK version 16.3
k16_5, // ODK version 16.5
k17_1, // ODK version 17.1
k99, // ODK 16.3, but with the version set to 99 (an arbitrary value).
};
enum class KeyControlBlock {

28
whitebox/chromium_deps/cdm/protos/BUILD
View File

@@ -1,13 +1,23 @@
# Copyright 2020 Google LLC. All Rights Reserved.
# Protobuf generated code doesn't like it when include prefixes are
# stripped off. So this is a stub to mimic the protobuf C++ header.
cc_library(
name = "license_protocol_proto",
hdrs = ["license_protocol.pb.h"],
strip_include_prefix = "//chromium_deps/cdm/protos",
visibility = ["//visibility:public"],
deps = [
"//chromium_deps/cdm/protos/defs:license_protocol_proto",
# Protocol buffer definitions for Widevine Services.
package(default_visibility = ["//visibility:public"])
load("@com_google_protobuf//:protobuf.bzl", "cc_proto_library")
cc_proto_library(
name = "protos",
srcs = [
"certificate_provisioning.proto",
"client_identification.proto",
"drm_certificate.proto",
"dtcp_usage.proto",
"hash_algorithm.proto",
"license_protocol.proto",
"remote_attestation.proto",
"root_of_trust_id.proto",
],
include = ".",
default_runtime = "@com_google_protobuf//:protobuf",
protoc = "@com_google_protobuf//:protoc",
)

0
whitebox/chromium_deps/cdm/protos/defs/certificate_provisioning.proto → whitebox/chromium_deps/cdm/protos/certificate_provisioning.proto
View File

0
whitebox/chromium_deps/cdm/protos/defs/client_identification.proto → whitebox/chromium_deps/cdm/protos/client_identification.proto
View File

41
whitebox/chromium_deps/cdm/protos/defs/BUILD
View File

@@ -1,41 +0,0 @@
# Copyright 2020 Google LLC. All Rights Reserved.
# Protocol buffer definitions for Widevine Services.
package(default_visibility = ["//visibility:public"])
load("@com_google_protobuf//:protobuf.bzl", "cc_proto_library")
cc_proto_library(
name = "certificate_provisioning_proto",
srcs = ["certificate_provisioning.proto"],
default_runtime = "@com_google_protobuf//:protobuf",
protoc = "@com_google_protobuf//:protoc",
)
cc_proto_library(
name = "client_identification_proto",
srcs = ["client_identification.proto"],
default_runtime = "@com_google_protobuf//:protobuf",
protoc = "@com_google_protobuf//:protoc",
)
cc_proto_library(
name = "license_protocol_proto",
srcs = ["license_protocol.proto"],
default_runtime = "@com_google_protobuf//:protobuf",
protoc = "@com_google_protobuf//:protoc",
deps = [
":client_identification_proto",
":remote_attestation_proto",
],
)
cc_proto_library(
name = "remote_attestation_proto",
srcs = ["remote_attestation.proto"],
default_runtime = "@com_google_protobuf//:protobuf",
protoc = "@com_google_protobuf//:protoc",
deps = [
":client_identification_proto",
],
)

102
whitebox/chromium_deps/cdm/protos/drm_certificate.proto Normal file
View File

@@ -0,0 +1,102 @@
// Copyright 2017 Google LLC. All rights reserved.
// Author: tinskip@google.com (Thomas Inskip)
//
// Description:
// DRM certificate object definition.
syntax = "proto2";
package video_widevine;
import "root_of_trust_id.proto";
option optimize_for = LITE_RUNTIME;
// DRM certificate definition for user devices, intermediate, service, and root
// certificates.
// Next id: 13
message DrmCertificate {
enum Type {
ROOT = 0;
DEVICE_MODEL = 1;
DEVICE = 2;
SERVICE = 3;
PROVISIONER = 4;
}
enum ServiceType {
UNKNOWN_SERVICE_TYPE = 0;
LICENSE_SERVER_SDK = 1;
LICENSE_SERVER_PROXY_SDK = 2;
PROVISIONING_SDK = 3;
CAS_PROXY_SDK = 4;
}
enum Algorithm {
UNKNOWN_ALGORITHM = 0;
RSA = 1;
ECC_SECP256R1 = 2;
ECC_SECP384R1 = 3;
ECC_SECP521R1 = 4;
}
message EncryptionKey {
// |public_key| is required.
// If the |algorithm| is RSA, |public_key| is a PKCS#1 ASN.1 DER-encoded.
// If the |algorithm| is ECC, |public_key_ is encoded as an ASN.1
// DER-encoded SubjectPublicKeyInfo as defined in RFC 5280.
optional bytes public_key = 1;
// Required. The algorithm field contains the curve used to create the
// |public_key| if algorithm is one of the ECC types.
// The |algorithm| is used for both to determine the if the certificate is
// ECC or RSA. The |algorithm| also specifies the parameters that were used
// to create |public_key| and are used to create an ephemeral session key.
optional Algorithm algorithm = 2 [default = RSA];
}
// Type of certificate. Required.
optional Type type = 1;
// 128-bit globally unique serial number of certificate.
// Value is 0 for root certificate. Required.
optional bytes serial_number = 2;
// POSIX time, in seconds, when the certificate was created. Required.
optional uint32 creation_time_seconds = 3;
// POSIX time, in seconds, when the certificate should expire. Value of zero
// denotes indefinite expiry time. For more information on limited lifespan
// DRM certificates see (go/limited-lifespan-drm-certificates).
optional uint32 expiration_time_seconds = 12;
// |public_key| is required.
// If the |algorithm| is RSA, |public_key| is a PKCS#1 ASN.1 DER-encoded.
// If the |algorithm| is ECC, |public_key| is encoded as an ASN.1 DER-encoded
// SubjectPublicKeyInfo as defined in RFC 5280.
optional bytes public_key = 4;
// Widevine system ID for the device. Required for intermediate and
// user device certificates.
optional uint32 system_id = 5;
// Deprecated field, which used to indicate whether the device was a test
// (non-production) device. The test_device field in ProvisionedDeviceInfo
// below should be observed instead.
optional bool test_device_deprecated = 6 [deprecated = true];
// Service identifier (web origin) for the provider which owns the
// certificate. Required for service and provisioner certificates.
optional string provider_id = 7;
// This field is used only when type = SERVICE to specify which SDK uses
// service certificate. This repeated field is treated as a set. A certificate
// may be used for the specified service SDK if the appropriate ServiceType
// is specified in this field.
repeated ServiceType service_types = 8;
// Required. The algorithm field contains the curve used to create the
// |public_key| if algorithm is one of the ECC types.
// The |algorithm| is used for both to determine the if the certificate is ECC
// or RSA. The |algorithm| also specifies the parameters that were used to
// create |public_key| and are used to create an ephemeral session key.
optional Algorithm algorithm = 9 [default = RSA];
// Optional. May be present in DEVICE certificate types. This is the root
// of trust identifier that holds an encrypted value that identifies the
// keybox or other root of trust that was used to provision a DEVICE drm
// certificate.
optional RootOfTrustId rot_id = 10;
// Optional. May be present in devices that explicitly support dual keys. When
// present the |public_key| is used for verification of received license
// request messages.
optional EncryptionKey encryption_key = 11;
}

156
whitebox/chromium_deps/cdm/protos/dtcp_usage.proto Normal file
View File

@@ -0,0 +1,156 @@
// Copyright 2021 Google LLC. All rights reserved.
// Description:
// Definitions of the protocol buffer message used for DTCP2 usage rules.
syntax = "proto2";
package video_widevine;
option optimize_for = LITE_RUNTIME;
// LINT.IfChange
// DTCP2 usage rules used in the license policy.
message DTCPUsageRules {
// This field indicates the value of Retention_State.
enum RetentionState {
// (-- api-linter: core::0126::unspecified=disabled
// aip.dev/not-precedent: name and values are defined in the DTCP
// specification. --)
// Forever
RETENTION_STATE_FOREVER = 0;
// 1 week
RETENTION_STATE_1_WEEK = 1;
// 2 day
RETENTION_STATE_2_DAYS = 2;
// 1 day
RETENTION_STATE_1_DAY = 3;
// 12 hours
RETENTION_STATE_12_HOURS = 4;
// 6 hours
RETENTION_STATE_6_HOURS = 5;
// 3 hours
RETENTION_STATE_3_HOURS = 6;
// 90 minutes
RETENTION_STATE_90_MINUTES = 7;
}
// This field indicates Copy Control Information (CCI).
enum CopyControlInfo {
// Copy freely
COPY_FREE = 0;
// No more copies
COPY_NO_MORE = 1;
// One time copy
COPY_ONE = 2;
// Copy not allowed
COPY_NEVER = 3;
}
// This field indicates Analog Protection System (APS) used to block
// recording devices.
enum AnalogProtectionSystem {
// Copy freely, APS is off
APS_OFF = 0;
// APS is on, Type 1 (AGC)
APS_TYPE1 = 1;
// APS is on, Type 2 (AGC + 2L Colorstripe)
APS_TYPE2 = 2;
// APS is on, Type 3 (AGC + 4L Colorstripe)
APS_TYPE3 = 3;
}
// This field indicates the value of the Image Constraint Token (ICT) that
// controls downsampling of high-definition video.
enum ImageConstraintToken {
// HD analog output, Constrained Image
ICT_CONSTRAINED = 0;
// HD analog out
ICT_HD_ANALOG = 1;
}
// This field indicates the value of Analog Sunset Token (AST) used to limit
// playback to standard definition (SD) only
enum AnalogSunsetToken {
// Asserted
AST_ASSERTED = 0;
// Unasserted
AST_UNASERTED = 1;
}
// This field indicates the value of Digital Only Token (DOT) used to restrict
// output to digital only.
enum DigitalOnlyToken {
// Asserted
DOT_ASSERTED = 0;
// Unasserted
DOT_UNASSERTED = 1;
}
// This field indicates the value of Audio Enhanced Token (AET).
enum AudioEnhancedToken {
// Asserted
AET_ASSERTED = 0;
// Unasserted
AET_UNASSERTED = 1;
}
// This field indicates the value of Standard Digital Output (SDO) token.
enum StandardDigitalOutputToken {
// Unasserted
SDO_UNASSEERTED = 0;
// Asserted, L2 protection is permitted
SDO_ASSEERTED = 1;
}
// This field indicates the value of High Dynamic Rnage (HDR) token.
enum HighDynamicRangeToken {
// Unasserted, SDR conversion is permitted
HDR_UNASSERTED = 0;
// Unasserted, SDR conversion is not permitted
HDR_ASSERTED = 1;
}
// This field indicates the value of the L2 Protection Only token.
enum L2ProtectionOnlyToken {
// Unasserted
L2_ONLY_UNASSERTED = 0;
// Aasserted (L2 protection onl)
L2_ONLY_ASSERTED = 1;
}
// This field indicates the value of the Enhanced Image (EI) token
enum EnhancedImageToken {
// Unasserted, Non-Enhanced Image
EI_UNASSERTED = 0;
// Asserted, Enhanced Image
EI_ASSERTED = 1;
}
// This field indicates whether a further Bound Copy can be made from a
// Bound Copy retained in accordance with the RetentionStatefield.
enum FurtherBoundCopy {
// Furthur Bound Copy Prohibited
FBC_PROHIBITED = 0;
// Furthur Bound Copy Permitted
FBC_PERMITTED = 1;
}
// Indicates if Digital Transmission Control Protection 2 (DTCP2) is required.
optional bool require_dtcp2 = 1 [default = false];
optional CopyControlInfo copy_control = 2;
optional bool encryption_plus = 3;
optional RetentionState retention_state = 4;
optional AnalogProtectionSystem analog_protection_system = 5;
optional ImageConstraintToken image_constraint_token = 6;
optional AnalogSunsetToken analog_sunset_token = 7;
optional DigitalOnlyToken digital_only_token = 8;
optional AudioEnhancedToken audio_enhanced_token = 9;
optional uint32 copy_count = 10;
optional StandardDigitalOutputToken standard_digital_token = 11;
optional HighDynamicRangeToken high_dynamic_token = 12;
optional L2ProtectionOnlyToken l2_only_token = 13;
optional EnhancedImageToken enhaned_image_token = 14;
optional uint32 retention_time = 15;
optional FurtherBoundCopy further_copy = 16;
}
// LINT.ThenChange(//depot/google3/google/chrome/widevine/licensedata/v1/license_policy.proto)

18
whitebox/chromium_deps/cdm/protos/hash_algorithm.proto Normal file
View File

@@ -0,0 +1,18 @@
// Copyright 2020 Google LLC. All rights reserved.
syntax = "proto3";
package video_widevine;
option optimize_for = LITE_RUNTIME;
// LINT.IfChange
enum HashAlgorithmProto {
// Unspecified hash algorithm: SHA_256 shall be used for ECC based algorithms
// and SHA_1 shall be used otherwise.
HASH_ALGORITHM_UNSPECIFIED = 0;
HASH_ALGORITHM_SHA_1 = 1;
HASH_ALGORITHM_SHA_256 = 2;
HASH_ALGORITHM_SHA_384 = 3;
}
// LINT.ThenChange(//depot/google3/google/chrome/widevine/contentpartners/v1beta1/device_security_profiles.proto)

10
whitebox/chromium_deps/cdm/protos/license_protocol.pb.h
View File

@@ -1,10 +0,0 @@
// Copyright 2020 Google LLC. All Rights Reserved.
#ifndef CDM_PROTOS_LICENSE_PROTOCOL_PB_H_
#define CDM_PROTOS_LICENSE_PROTOCOL_PB_H_
// Protobuf generated code doesn't like it when include prefixes are stripped
// off. So simply including the actual generated protobuf C++ header.
#include "chromium_deps/cdm/protos/defs/license_protocol.pb.h"
#endif // CDM_PROTOS_LICENSE_PROTOCOL_PB_H_

205
whitebox/chromium_deps/cdm/protos/defs/license_protocol.proto → whitebox/chromium_deps/cdm/protos/license_protocol.proto
View File

@@ -3,24 +3,24 @@
// Description:
// Definitions of the protocol buffer messages used in the Widevine license
// exchange protocol, described in Widevine license exchange protocol document
// TODO(yawenyu): find out a right way to strip out all the doc link.
// MOE:begin_strip
// Design doc at:
// http://doc/1cng6cDnchbDQDymLEd5MxMc_laS3EDv6IsoW3IzpgwQ
// MOE:end_strip
syntax = "proto2";
package video_widevine;
import "chromium_deps/cdm/protos/defs/client_identification.proto";
import "chromium_deps/cdm/protos/defs/remote_attestation.proto";
import "client_identification.proto";
import "drm_certificate.proto";
import "dtcp_usage.proto";
import "hash_algorithm.proto";
import "remote_attestation.proto";
option optimize_for = LITE_RUNTIME;
enum LicenseType {
STREAMING = 1;
OFFLINE = 2;
// License type decision is left to provider.
AUTOMATIC = 3;
}
enum PlatformVerificationStatus {
@@ -48,11 +48,89 @@ message LicenseIdentification {
optional LicenseType type = 4;
optional int32 version = 5;
optional bytes provider_session_token = 6;
// Set by the SDK representing the rental duration from the initial license.
optional int64 original_rental_duration_seconds = 7;
// Set by the SDK representing the playback duration from the initial license.
optional int64 original_playback_duration_seconds = 8;
// Set by the SDK representing the start time of the initial license in
// seconds (UTC). This is from the original license's license_start_time,
// which is from the LicenseRequest.request_time when set, or set by the
// server to be the time that the original license was processed.
optional int64 original_start_time_seconds = 9;
// Set by the SDK representing the renewal recovery duration from the initial
// license.
optional int64 original_renewal_recovery_duration_seconds = 10;
// Set by the SDK representing the renewal delay seconds from the original
// license.
optional int64 original_renewal_delay_seconds = 11;
}
// This message is used to indicate the license cateogry spec for a license as
// a part of initial license issuance.
// LINT.IfChange
message LicenseCategorySpec {
// Possible license categories.
enum LicenseCategory {
// By default, License is used for single content.
SINGLE_CONTENT_LICENSE_DEFAULT = 0;
// License is used for multiple contents (could be a combination of
// single contents and groups of contents).
MULTI_CONTENT_LICENSE = 1;
// License is used for contents logically grouped.
GROUP_LICENSE = 2;
}
// Optional. License category indicates if license is used for single
// content, multiple contents (could be a combination of
// single contents and groups of contents) or a group of contents.
optional LicenseCategory license_category = 1;
// Optional. Content or group ID covered by the license.
oneof content_or_group_id {
// Content_id would be present if it is a license for single content.
bytes content_id = 2;
// Group_id would be present if the license is a multi_content_license or
// group_license. Group Id could be the name of a group of contents,
// defined by licensor.
bytes group_id = 3;
}
}
// LINT.ThenChange(//depot/google3/google/chrome/widevine/licensedata/v1/session_init.proto)
message ProxyInfo {
// Indicates SDK type(Including UNKNOWN_SERVICE_TYPE, LICENSE_PROXY_SDK,
// CAS_PROXY_SDK).
optional DrmCertificate.ServiceType sdk_type = 1;
// Indicates the version of SDK.
optional string sdk_version = 2;
}
message License {
// LINT.IfChange
message Policy {
// Client-side watermarking restrictions for the license.
enum WatermarkingControl {
// Watermarking may or may not be used, provider does not care.
WATERMARKING_CONTROL_UNSPECIFIED = 0;
// Watermarking must not be used. The device must disable watermarking
// if it supports it.
WATERMARKING_FORBIDDEN = 1;
// Watermarking is required if the device supports it.
WATERMARKING_REQUIRED = 2;
}
// The base for (delayed) timers, i.e. the time from which the delayed timer
// starts.
enum TimerDelayBase {
// Not specified
TIMER_DELAY_BASE_UNSPECIFIED = 0;
// The timer delay is based on `license_start_time`.
LICENSE_START = 1;
// The timer delay is based on the time the license is received by the
// CDM. Playback window begins at license load time.
LICENSE_LOAD = 2;
// The timer delay is based on the time of first decryption.
FIRST_DECRYPT = 3;
}
// Indicates that playback of the content is allowed.
optional bool can_play = 1 [default = false];
@@ -88,8 +166,10 @@ message License {
// specified URL.
optional string renewal_server_url = 8;
// How many seconds after license_start_time, before renewal is first
// attempted.
// How many seconds after |license_start_time| before renewal is first
// attempted. If |renew_with_usage| is true in a new license, then this is
// the optional number of seconds after first playback, before renewal is
// first attempted.
optional int64 renewal_delay_seconds = 9 [default = 0];
// Specifies the delay in seconds between subsequent license
@@ -97,7 +177,8 @@ message License {
optional int64 renewal_retry_interval_seconds = 10 [default = 0];
// Indicates that the license shall be sent for renewal when usage is
// started.
// started, i.e. on first playback. This should only be used for a new
// license. The client shall ignore this if set in a renewal.
optional bool renew_with_usage = 11 [default = false];
// Indicates to client that license renewal and release requests ought to
@@ -106,10 +187,11 @@ message License {
// Duration of grace period before playback_duration_seconds (short window)
// goes into effect. Optional.
// Deprecated in V16.
optional int64 play_start_grace_period_seconds = 13 [default = 0];
// Enables "soft enforcement" of playback_duration_seconds, letting the user
// finish playback even if short window expires. Optional.
// finish playback even if playback window expires. Optional.
optional bool soft_enforce_playback_duration = 14 [default = false];
// Enables "soft enforcement" of rental_duration_seconds. Initial playback
@@ -118,17 +200,39 @@ message License {
// soft_enforce_playback_duration must be true. Otherwise, subsequent
// playbacks will not be allowed once rental duration expires. Optional.
optional bool soft_enforce_rental_duration = 15 [default = true];
// Optional requirement to indicate watermarking is allowed.
optional WatermarkingControl watermarking_control = 16
[default = WATERMARKING_CONTROL_UNSPECIFIED];
// Optional DTCP2 requirements. Default is to not allow dtcp2.
optional DTCPUsageRules dtcp2 = 17;
// The base for `renewal_delay_seconds` for a new license. This should only
// be set for a new license. For renewal licenses this field will be ignored
// and `renewal_delay_seconds` should always be based on
// `license_start_time`. When `initial_renewal_delay_base` is FIRST_DECRYPT,
// the delay of `renewal_delay_seconds` is optional for backward
// compatibility with old clients.
optional TimerDelayBase initial_renewal_delay_base = 18
[default = TIMER_DELAY_BASE_UNSPECIFIED];
}
// LINT.ThenChange(//depot/google3/google/chrome/widevine/licensedata/v1/license_policy.proto)
// LINT.IfChange
message KeyContainer {
enum KeyType {
SIGNING = 1; // Exactly one key of this type must appear.
SIGNING = 1; // No more than one signing key may appear.
CONTENT = 2; // Content key.
KEY_CONTROL = 3; // Key control block for license renewals. No key.
OPERATOR_SESSION = 4; // wrapped keys for auxiliary crypto operations.
ENTITLEMENT = 5; // Entitlement keys.
OEM_CONTENT = 6; // Partner-specific content key.
// Public signing key provided by content providers. Currently used by CAS
// for verifying the received ECM/EMM signature. Only EC key is supported
// for now.
PROVIDER_ECM_VERIFIER_PUBLIC_KEY = 7;
OEM_ENTITLEMENT = 8; // Partner-specific entitlement key.
}
// The SecurityLevel enumeration allows the server to communicate the level
@@ -154,11 +258,15 @@ message License {
HW_SECURE_ALL = 5;
}
// The EncryptionScheme to be used for the content keys. This is applicable
// only to Moho API.
enum EncryptionScheme {
ENCRYPTION_SCHEME_UNSPECIFIED = 0;
AES128_CTR = 1;
AES128_CBC = 2;
}
message KeyControl {
// MOE:begin_strip
// |key_control| is documented here:
// http://doc/1pHSJ2IKL0axmQz2gmDZ7olxPWb_ZcULaJrYwDZAeS7k/edit#heading=h.pua7563f80h6
// MOE:end_strip
// If present, the key control must be communicated to the secure
// environment prior to any usage. This message is automatically generated
// by the Widevine License Server SDK.
@@ -199,11 +307,15 @@ message License {
// allow use of the key anyway.
CURRENT_SRM = 1;
}
optional HdcpSrmRule hdcp_srm_rule = 3 [default = HDCP_SRM_RULE_NONE];
// Optional requirement to indicate analog output is not allowed.
optional bool disable_analog_output = 4 [default = false];
// Optional requirement to indicate digital output is not allowed.
optional bool disable_digital_output = 5 [default = false];
// Optional. If set, it indicates digital video recording (DVR) is
// allowed.
optional bool allow_record = 6 [default = false];
}
message VideoResolutionConstraint {
@@ -224,6 +336,28 @@ message License {
optional bool allow_signature_verify = 4 [default = false];
}
// KeyCategorySpec message is used to identify if current key is generated
// for a single content or a group of contents. Currently it is only used in
// CAS request.
message KeyCategorySpec {
// Represents what kind of content a key is used for.
enum KeyCategory {
// By default, key is created for single content.
SINGLE_CONTENT_KEY_DEFAULT = 0;
// Key is created for a group of contents.
GROUP_KEY = 1;
}
// Indicate if the current key is created for single content or for group
// use.
optional KeyCategory key_category = 1;
// Id for key category. If it is a key for single content, this id
// represents the content_id. Otherwise, it represents a group_id.
oneof content_or_group_id {
bytes content_id = 2;
bytes group_id = 3;
}
}
optional bytes id = 1;
optional bytes iv = 2;
optional bytes key = 3;
@@ -241,7 +375,8 @@ message License {
// be reported.
// NOTE: Use of this feature is not recommended, as it is only supported on
// a small number of platforms.
repeated VideoResolutionConstraint video_resolution_constraints = 10;
repeated VideoResolutionConstraint video_resolution_constraints = 10
[deprecated = true];
// Optional flag to indicate the key must only be used if the client
// supports anti rollback of the user table. Content provider can query the
// client capabilities to determine if the client support this feature.
@@ -249,6 +384,14 @@ message License {
// Optional not limited to commonly known track types such as SD, HD.
// It can be some provider defined label to identify the track.
optional string track_label = 12;
// Optional. It is used to identify if current key is generated for a
// single content or a group of contents. Currently it is only used in CAS
// request.
optional KeyCategorySpec key_category_spec = 13;
// Optional. Used by Moho API for Content key encryption. If unspecified,
// the Moho code uses the encryption scheme of type AES128_CTR.
optional EncryptionScheme encryption_scheme = 14
[default = ENCRYPTION_SCHEME_UNSPECIFIED];
}
// LINT.ThenChange(//depot/google3/google/chrome/widevine/licensedata/v1/key_container.proto)
@@ -259,7 +402,7 @@ message License {
// LicenseRequest.request_time. If this time is not set in the request,
// the local time at the license service is used in this field.
optional int64 license_start_time = 4;
// TODO(b/65054419): Deprecate remote_attestation_verified in favor of
// Deprecate remote_attestation_verified in favor of
// platform_verification_status, below.
optional bool remote_attestation_verified = 5 [default = false];
// Client token generated by the content provider. Optional.
@@ -270,10 +413,6 @@ message License {
// 8 byte verification field "HDCPDATA" followed by unsigned 32 bit minimum
// HDCP SRM version (whether the version is for HDCP1 SRM or HDCP2 SRM
// depends on client max_hdcp_version).
// MOE:begin_strip
// Additional details at:
// http://doc/1MYwkQjcdeP7eMAZGeYCvjlXMO0MqRKTUYk2SlsoSXXc/#heading=h.8l3xqpa3rvfi.
// MOE:end_strip
optional bytes srm_requirement = 8;
// If present this contains a signed SRM file (either HDCP1 SRM or HDCP2 SRM
// depending on client max_hdcp_version) that should be installed on the
@@ -285,6 +424,10 @@ message License {
[default = PLATFORM_NO_VERIFICATION];
// IDs of the groups for which keys are delivered in this license, if any.
repeated bytes group_ids = 11;
// Optional. LicenseCategorySpec is used to indicate the license cateogry for
// a license. It could be used as a part of initial license issuance or shown
// as a part of license in license response.
optional LicenseCategorySpec license_category_spec = 12;
// Optional: The provider key id indicates which provider key was used
// during provider key encryption.
optional uint32 provider_key_id = 13;
@@ -361,6 +504,9 @@ message LicenseRequest {
optional uint32 key_control_nonce = 7;
// Encrypted ClientIdentification message, used for privacy purposes.
optional EncryptedClientIdentification encrypted_client_id = 8;
// The version of the client implementation. This field is optional and
// informational only.
optional string client_version = 9;
}
message LicenseError {
@@ -373,6 +519,8 @@ message LicenseError {
// The service is currently unavailable due to the backend being down
// or similar circumstances.
SERVICE_UNAVAILABLE = 3;
// The device credentials are expired. The device must re-provision.
EXPIRED_DRM_DEVICE_CERTIFICATE = 4;
}
optional Error error_code = 1;
}
@@ -425,8 +573,9 @@ message SignedMessage {
enum SessionKeyType {
UNDEFINED = 0;
WRAPPED_AES_KEY = 1;
EPHERMERAL_ECC_PUBLIC_KEY = 2;
EPHEMERAL_ECC_PUBLIC_KEY = 2;
}
optional MessageType type = 1;
optional bytes msg = 2;
// Required field that contains the signature of the bytes of msg.
@@ -445,10 +594,6 @@ message SignedMessage {
// request for ChromeOS client devices operating in verified mode. Remote
// attestation challenge data is |msg| field above. Optional.
optional RemoteAttestation remote_attestation = 5;
// MOE:begin_strip
// Design doc at:
// http://doc/1LqEzxw1v2CVBx_zv5lVX55FcGKjx6JLnFdXjEUbNTOQ
// MOE:end_strip
repeated MetricData metric_data = 6;
// Version information from the SDK and license service. This information is
@@ -460,4 +605,10 @@ message SignedMessage {
// The core message is the simple serialization of fields used by OEMCrypto.
// This field was introduced in OEMCrypto API v16.
optional bytes oemcrypto_core_message = 9;
// Optional field that indicates the hash algorithm used in signature scheme.
optional HashAlgorithmProto hash_algorithm = 10;
// If true it indicates that a LICENSE message session key was based on an
// alternate key provided by the client credentials.
optional bool using_secondary_key = 11;
}

2
whitebox/chromium_deps/cdm/protos/defs/remote_attestation.proto → whitebox/chromium_deps/cdm/protos/remote_attestation.proto
View File

@@ -8,7 +8,7 @@ syntax = "proto2";
package video_widevine;
import "chromium_deps/cdm/protos/defs/client_identification.proto";
import "client_identification.proto";
option optimize_for = LITE_RUNTIME;

44
whitebox/chromium_deps/cdm/protos/root_of_trust_id.proto Normal file
View File

@@ -0,0 +1,44 @@
// Copyright 2021 Google LLC. All rights reserved.
syntax = "proto2";
package video_widevine;
option optimize_for = LITE_RUNTIME;
// Definition of the root of trust identifier proto. The proto message contains
// the EC-IES encrypted identifier (e.g. keybox unique id) for a device and
// an associated hash. These can be used by Widevine to identify the root of
// trust that was used to acquire a DRM certificate.
//
// In addition to the encrypted part and the hash, the proto contains the
// version of the root of trust id which implies the EC key algorithm that was
// used.
// Next id: 5
message RootOfTrustId {
// The version specifies the EC algorithm that was used to generate the
// root of trust id.
enum RootOfTrustIdVersion {
// Should not be used.
ROOT_OF_TRUST_ID_VERSION_UNSPECIFIED = 0;
// Version 1 of the ID uses EC-IES with SECP256R1 curve.
ROOT_OF_TRUST_ID_VERSION_1 = 1;
}
optional RootOfTrustIdVersion version = 1;
// The key_id is used for key rotation. It indicates which key was used to
// generate the root of trust id.
optional uint32 key_id = 2;
// The EC-IES encrypted message containing the unique_id. The bytes are
// a concatenation of
// 1) The ephemeral public key. Uncompressed keypoint format per X9.62.
// 2) The plaintext encrypted with the derived AES key using AES CBC,
// PKCS7 padding and a zerio iv.
// 3) The HMAC SHA256 of the cipher text.
optional bytes encrypted_unique_id = 3;
// The hash of encrypted unique id and other values.
// unique_id_hash = SHA256(
// encrypted_unique_id || system_id || SHA256(unique_id || secret_sauce)).
optional bytes unique_id_hash = 4;
}

2
whitebox/external/odk.BUILD vendored
View File

@@ -29,6 +29,7 @@ cc_library(
":odk_common_hdrs",
],
hdrs = [
"oemcrypto/odk/include/core_message_features.h",
"oemcrypto/odk/include/OEMCryptoCENCCommon.h",
"oemcrypto/odk/include/odk.h",
"oemcrypto/odk/include/odk_attributes.h",
@@ -46,6 +47,7 @@ cc_library(
name = "serialization",
srcs = [
"oemcrypto/odk/src/core_message_deserialize.cpp",
"oemcrypto/odk/src/core_message_features.cpp",
"oemcrypto/odk/src/core_message_serialize.cpp",
"oemcrypto/odk/src/core_message_serialize_proto.cpp",
":odk_common_hdrs",

3
whitebox/odk_deps/BUILD
View File

@@ -7,7 +7,6 @@ cc_library(
hdrs = ["license_protocol.pb.h"],
strip_include_prefix = "//odk_deps/",
deps = [
"//chromium_deps/cdm/protos/defs:certificate_provisioning_proto",
"//chromium_deps/cdm/protos/defs:license_protocol_proto",
"//chromium_deps/cdm/protos",
],
)

4
whitebox/odk_deps/license_protocol.pb.h
View File

@@ -5,7 +5,7 @@
// Because the Android repo combines the two protobufs, we need to include both
// of them in this header so that the ODK code can find it.
#include "chromium_deps/cdm/protos/defs/certificate_provisioning.pb.h"
#include "chromium_deps/cdm/protos/defs/license_protocol.pb.h"
#include "chromium_deps/cdm/protos/certificate_provisioning.pb.h"
#include "chromium_deps/cdm/protos/license_protocol.pb.h"
#endif // ODK_DEPS_LICENSE_PROTOCOL_PB_H_

8
whitebox/reference/impl/BUILD
View File

@@ -47,7 +47,7 @@ cc_library(
deps = [
"//api:license_whitebox",
"//api:shared_settings",
"//chromium_deps/cdm/protos:license_protocol_proto",
"//chromium_deps/cdm/protos",
],
)
@@ -69,7 +69,7 @@ cc_library(
":renewal_key",
"//api:result",
"//api:shared_settings",
"//chromium_deps/cdm/protos:license_protocol_proto",
"//chromium_deps/cdm/protos",
"//crypto_utils:aes_cbc_decryptor",
"//crypto_utils:crypto_util",
],
@@ -95,7 +95,7 @@ cc_library(
":license_parser",
"//api:shared_settings",
"//chromium_deps/base:glog",
"//chromium_deps/cdm/protos:license_protocol_proto",
"//chromium_deps/cdm/protos",
"//crypto_utils:crypto_util",
],
)
@@ -172,7 +172,7 @@ cc_library(
"//api:result",
"//api:shared_settings",
"//chromium_deps/cdm/keys:dev_certs",
"//chromium_deps/cdm/protos:license_protocol_proto",
"//chromium_deps/cdm/protos",
"//crypto_utils:aes_cbc_decryptor",
"//crypto_utils:aes_cbc_encryptor",
"//crypto_utils:aes_ctr_encryptor",