- ENABLE_LICENSE_PROTOCOL_2_2 and WORKAROUND_STRIP_PADDING_BUG
were only enabled in chrome and chromeos build types, but it
should be in ce as well.
- Modify tests to assert that features are not implemented if
not specified in build type configuration.
- Update readme to list all build types.
License server SDK between [v16.3.3, v16.4.3] strips 16 bytes from
wrapped content keys unconditionally when generating the OEMCrypto
core message even when the padding is not present, which happens
when license protocol version 2.2 is used. As a result, both key
data offset and key data length would be zero in the license
response OEMCrypto core message.
This CL workaround the problem by assuming deterministic in order
serialization of the protobuf fields and deriving the key data offset
from the previous field key_data_iv offset.
Entitlement keys and generic crypto keys are not handled in this CL
intentionally to reduce the implementation complexity.
Renewal signing keys do not need to be handled as the paddings are not
stripped from the signing keys.
The workaround is defined under flag WORKAROUND_STRIP_PADDING_BUG.
Also disabled HAS_PROVIDER_KEYS temporarily.
Bug: 280521253
- Add a flag ENABLE_LICENSE_PROTOCOL_2_2, when the flag is enabled
- Hash the license request in WB_License_ProcessLicenseResponse, i.e.
the request used for the key derivation, which ensures the key
derivation message to be a string of constant size 64 bytes.
- Hash the license request in WB_License_SignLicenseRequest. Note that
the function takes license request (or hashed) + odk message as
parameter for odk v17 or above.
- Enable the flag just for Chrome and ChromeOS for now.
We may change the implementation to hash inside the white-box in the
future.
Also included a few other misc changes, e.g. updating the DEPS of
boringssl and googletest which are already in the white-box directory,
adding a test main etc.
This updates the partner repo to match the internal version, including
the following changes:
- Adds a WB_RESULT_NOT_IMPLEMENTED error code
- Add a flag to control new features (e.g. entitlement support).
- Updates tests to match new expectations
Includes change to WB_License_Create() so that it includes a separate
parameter that specifies the init data used for Provider Keys.
This updates the repo to match the internal repo at commit:
8c1c4338906a32eed83eb63702690d1f02ff7cd0
In this code drop we update the reference implementation and tests to
use 1024 bit RSA keys (as per the plans for RSA V2).
Since RSA V2 also changes to support single-key and dual-key modes,
the benchmarking tests have been updated to use both so that we can
test the difference in performance.
This brings the partner repo in sync with the interal repo at commit
566966d75d552ba1654e3f43fdb37aa812f7fb8c.
In order to support both single-key and dual-key RSA implementations
where single-key will use key 0 for both sign and encryption and where
dual-key will use key 0 for sign and key 1 for encryption.
Additional changes in this code drop:
- Added VMP / RA override enabled tests
- Added VMP / RA override disabled tests
This brings the partner repo in sync with the internal repo at
commit 71760b6da1ec546c65b56e2f86b39b73b53f6734.
The two major changes in this code drop are:
1. The introduction of WB_License_QueryKeyStatus(). This function
makes it possible for the White-box to skip keys in the license and
report the usefulness of the key to the CDM.
2. The restructuring of the repo, making it easier to share test
BUILD files and set the foundation for the new code drop structure.
This change brings the partner repo in sync with the internal repo
at commit f3b472a541262ca4d425d2b294de39a99385a3d2.
In order to reproduce the issue in the white-box and VMP+RA, padding
must be used in the license. This change updates the VMP+RA test
to run every test with and without padding. The expected test
outcomes should not different between padding and no padding.
This change brings the partner repo in sync with the internal repo
at commit abcc1f9bebf1f36a108a84155ae821b8764ec4ad.
Before the VMP/RA tests only tested that decryption was successful
(checking the return code) but did not test the actual success of the
decryption (checking the decrypted plaintext against golden
plaintext).
This brings this repo in sync with the internal repo's commit
58d85cf6b19ecfb932f8edc2eaa8e907a1d21489.
It is possible for the key security level to be omitted from the
key container. When this happens, SW_SECURE_CRYPTO should be used
as the key's security level (as per the protobuf definition).
This only matters when reading the security level from the key
container since the security level must appear in the key control
block.
This change adds a test that will purposely omit the key security
level from the key container.
We were missing break-statements when parsing the security levels
from the key control block.
To confirm this, the key control block tests were updated to attempt
decrypting so that we will try using the keys. The test that used
the KCB was failing since they key security level was "hardware".
This brings this repo in sync with the internal repo at commit
499bfbbb5beb6842071e47125842aedb12b1a8e0.
This change updates the external copy of the reference to match the
internal copy at commit cda42fa07b533f8aad3183cd7eb99ce553949f88 which
introduces the tests (and fix) to handle an encrypted key block.
Rather than having init data for the license white-box be passed in
via WB_License_Create, this changes it so that it is assumed that
the private key is compiled into the white-box code.
Minor changes in this code drop include:
- Updating the git attributes to avoid line-ending conflicts between
different operating systems
- Resolving a linking issue seen on Windows
- Removing default parameter for padding in conformance tests
To make it easier to have separate implementations, we have
structured the repo so that there are three Bazel workspaces:
- The API (and reference)
- The vendor implementation for dev
- The vendor implementation for prod
This allows the vendor implementation to be separated from
the API, while it makes little difference in this repo. While
it makes little difference for this repo, it makes managing versions
much easier internally. We do it here to better reflect our internal
structure to partners.
A vendor implementation has been stubbed in (BUILD file and directory
structure) to provide vendors with some scaffolding to organize their
implementation.
