widevine-partner/whitebox
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add table init apis to reference whitebox

Browse Source 
Tested: `bazel test reference/...`
This commit is contained in:
Feras Aldahlawi
2023-10-05 14:26:01 -07:00
parent de6653061e
commit 544e080394
7 changed files with 76 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
whitebox/api/license_whitebox.h
View File

@@ -100,6 +100,20 @@ WB_Result WB_License_Create(const uint8_t* whitebox_init_data,
// result in a no-op.
void WB_License_Delete(WB_License_Whitebox* whitebox);
// Initializes tables and data needed for the WB_License_SignLicenseRequest()
// function.
//
// Only the first successfull call is processed. subsequent calls are no-op. Can
// be called on the same thread or on a different thread before, while or after
// WB_License_Create(), WB_License_Delete() are called, but must be called and
// completed before other whitebox methods are called, including
// WB_License_SignLicenseRequest().
//
// Returns:
// WB_RESULT_OK if the initialization succeeded.
// WB_RESULT_INVALID_STATE otherwise.
WB_Result WB_License_SignLicenseRequest_Init();
// Signs a license request using the CDM's private signing key.
//
// Args:
@@ -126,12 +140,30 @@ void WB_License_Delete(WB_License_Whitebox* whitebox);
//
// WB_RESULT_BUFFER_TOO_SMALL if |signature_size| (as input) was less than the
// required size.
//
// WB_RESULT_INVALID_STATE if WB_License_SignLicenseRequest_Init() has not been
// called and completed.
WB_Result WB_License_SignLicenseRequest(const WB_License_Whitebox* whitebox,
const uint8_t* license_request,
size_t license_request_size,
uint8_t* signature,
size_t* signature_size);
// Initializes tables and data needed for the
// WB_License_ProcessLicenseResponse() function.
//
//
// Only the first successfull call is processed. subsequent calls are no-op. Can
// be called on the same thread or on a different thread before, while or after
// WB_License_Create(), WB_License_Delete(), or WB_License_SignLicenseRequest()
// are called, but must be called and completed before other whitebox methods
// are called, including WB_License_ProcessLicenseResponse().
//
// Returns:
// WB_RESULT_OK if the initialization succeeded.
// WB_RESULT_INVALID_STATE otherwise.
WB_Result WB_License_ProcessLicenseResponse_Init();
// Verifies a license response using HMAC and the server signing key.
//
// Extracts and loads content and signing keys for use. Any content keys that
@@ -194,7 +226,8 @@ WB_Result WB_License_SignLicenseRequest(const WB_License_Whitebox* whitebox,
// |signature| or if |session_key| could not be unwrapped correctly (and
// interferes with verification).
//
// WB_RESULT_INVALID_STATE if a license has already been loaded.
// WB_RESULT_INVALID_STATE if a license has already been loaded, or if
// WB_License_ProcessLicenseResponse_Init() has not been called and completed.
//
// Notes:
// We allow a modified session key to be used. Using it will cause message

2
whitebox/api/license_whitebox_decrypt_benchmark.cc
View File

@@ -51,6 +51,8 @@ class LicenseWhiteboxDecryptBenchmark
const auto license =
CreateLicense(WB_LICENSE_KEY_MODE_DUAL_KEY, 1,
SecurityLevel::kSoftwareSecureCrypto, kNoProviderKeyId);
ASSERT_EQ(WB_License_SignLicenseRequest_Init(), WB_RESULT_OK);
ASSERT_EQ(WB_License_ProcessLicenseResponse_Init(), WB_RESULT_OK);
ASSERT_EQ(
WB_License_ProcessLicenseResponse(
whitebox_, WB_LICENSE_KEY_MODE_DUAL_KEY,

2
whitebox/api/license_whitebox_sign_benchmark.cc
View File

@@ -39,6 +39,8 @@ class LicenseWhiteboxSignBenchmark
auto init_data = GetLicenseWhiteboxProviderKeysInitData();
ASSERT_EQ(WB_License_Create(init_data.data(), init_data.size(), &whitebox_),
WB_RESULT_OK);
ASSERT_EQ(WB_License_SignLicenseRequest_Init(), WB_RESULT_OK);
ASSERT_EQ(WB_License_ProcessLicenseResponse_Init(), WB_RESULT_OK);
const auto license = CreateLicense(
key_mode_, 1, SecurityLevel::kSoftwareSecureCrypto, kNoProviderKeyId);

4
whitebox/api/license_whitebox_sign_renewal_request_test.cc
View File

@@ -46,6 +46,8 @@ class LicenseWhiteboxSignRenewalPstTest
License license;
builder.Build(*server, &license);
ASSERT_EQ(WB_License_SignLicenseRequest_Init(), WB_RESULT_OK);
ASSERT_EQ(WB_License_ProcessLicenseResponse_Init(), WB_RESULT_OK);
ASSERT_EQ(
WB_License_ProcessLicenseResponse(
whitebox_, WB_LICENSE_KEY_MODE_DUAL_KEY,
@@ -283,6 +285,8 @@ TEST_P(LicenseWhiteboxSignRenewalPstTest, KeyUnavailableForNoSigningKey) {
License license;
builder.Build(*server, &license);
ASSERT_EQ(WB_License_SignLicenseRequest_Init(), WB_RESULT_OK);
ASSERT_EQ(WB_License_ProcessLicenseResponse_Init(), WB_RESULT_OK);
ASSERT_EQ(
WB_License_ProcessLicenseResponse(
whitebox_, WB_LICENSE_KEY_MODE_DUAL_KEY, license.core_message.data(),

2
whitebox/api/license_whitebox_test_base.cc
View File

@@ -11,6 +11,8 @@ void LicenseWhiteboxTestBase::SetUp() {
auto init_data = GetLicenseWhiteboxProviderKeysInitData();
ASSERT_EQ(WB_License_Create(init_data.data(), init_data.size(), &whitebox_),
WB_RESULT_OK);
ASSERT_EQ(WB_License_SignLicenseRequest_Init(), WB_RESULT_OK);
ASSERT_EQ(WB_License_ProcessLicenseResponse_Init(), WB_RESULT_OK);
}
void LicenseWhiteboxTestBase::TearDown() {

2
whitebox/api/license_whitebox_verify_benchmark.cc
View File

@@ -31,6 +31,8 @@ class LicenseWhiteboxVerifyBenchmark : public LicenseWhiteboxBenchmark {
auto init_data = GetLicenseWhiteboxProviderKeysInitData();
ASSERT_EQ(WB_License_Create(init_data.data(), init_data.size(), &whitebox_),
WB_RESULT_OK);
ASSERT_EQ(WB_License_SignLicenseRequest_Init(), WB_RESULT_OK);
ASSERT_EQ(WB_License_ProcessLicenseResponse_Init(), WB_RESULT_OK);
const auto license =
CreateLicense(WB_LICENSE_KEY_MODE_DUAL_KEY, 1,

30
whitebox/reference/impl/license_whitebox_impl.cc
View File

@@ -3,6 +3,7 @@
#include "api/license_whitebox.h"
#include <array>
#include <atomic>
#include <cstdint>
#include <map>
#include <memory>
@@ -46,6 +47,9 @@ using AesCtrDecryptor = widevine::AesCtrEncryptor;
using KeyContainer = video_widevine::License_KeyContainer;
using RsaPrivateKey = widevine::RsaPrivateKey;
static std::atomic<bool> sign_license_request_initialized(false);
static std::atomic<bool> process_license_response_initialized(false);
bool IsOdkVersionSupported(uint16_t major_version, uint16_t minor_version) {
// Only ODK v16.5 and later support the fields needed.
constexpr uint16_t first_major_version_supported = 16;
@@ -299,11 +303,22 @@ void WB_License_Delete(WB_License_Whitebox* whitebox) {
delete whitebox;
}
WB_Result WB_License_SignLicenseRequest_Init() {
sign_license_request_initialized = true;
return WB_RESULT_OK;
}
WB_Result WB_License_SignLicenseRequest(const WB_License_Whitebox* whitebox,
const uint8_t* license_request,
size_t license_request_size,
uint8_t* signature,
size_t* signature_size) {
if (!sign_license_request_initialized) {
DVLOG(1)
<< "Must successfully call WB_License_SignLicenseRequest_Init first.";
return WB_RESULT_INVALID_STATE;
}
if (!whitebox || !signature_size) {
DVLOG(1) << "Invalid parameter: null pointer.";
return WB_RESULT_INVALID_PARAMETER;
@@ -338,6 +353,15 @@ WB_Result WB_License_SignLicenseRequest(const WB_License_Whitebox* whitebox,
return WB_RESULT_OK;
}
WB_Result WB_License_ProcessLicenseResponse_Init() {
if (!sign_license_request_initialized) {
return WB_RESULT_INVALID_STATE;
}
process_license_response_initialized = true;
return WB_RESULT_OK;
}
WB_Result WB_License_ProcessLicenseResponse(WB_License_Whitebox* whitebox,
WB_LicenseKeyMode license_key_mode,
const uint8_t* core_message,
@@ -351,6 +375,12 @@ WB_Result WB_License_ProcessLicenseResponse(WB_License_Whitebox* whitebox,
size_t provider_key_id,
const uint8_t* license_request,
size_t license_request_size) {
if (!process_license_response_initialized) {
DVLOG(1) << "Must successfully call WB_License_ProcessLicenseResponse_Init "
"first.";
return WB_RESULT_INVALID_STATE;
}
const size_t kSigningKeySizeBytes =
widevine::crypto_util::kSigningKeySizeBytes;