1 /*
2 * Copyright (C) 2007 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <util/crypto/DrmCrypto.h>
18 #include <ustring.h>
19
20 using namespace ustl;
21
discardPaddingByte(unsigned char * decryptedBuf,unsigned long * decryptedBufLen)22 void AesAgent::discardPaddingByte( unsigned char* decryptedBuf,unsigned long* decryptedBufLen)
23 {
24 if(!decryptedBuf)
25 {
26 return;
27 }
28
29 int i;
30 unsigned long tmpLen = *decryptedBufLen;
31
32 // Check whether the last several bytes are padding or not
33 for ( i = 1; i < decryptedBuf[tmpLen - 1]; i++)
34 {
35 if (decryptedBuf[tmpLen - 1 - i] != decryptedBuf[tmpLen - 1])
36 break;
37 }
38
39 // They are padding bytes
40 if (i == decryptedBuf[tmpLen - 1])
41 {
42 *decryptedBufLen = tmpLen - i;
43 }
44
45 return;
46 }
47
decContent(unsigned char * iv,const unsigned char * encData,unsigned long encLen,unsigned char * decData)48 int32_t AesAgent::decContent( unsigned char* iv,
49 const unsigned char* encData,
50 unsigned long encLen,
51 unsigned char* decData)
52 {
53 if(AES_128_CBC == mode)
54 {
55 AES_KEY key;
56 AES_set_decrypt_key(AesKey,AES_KEY_BITS,&key);
57
58 uint8_t *tmpBuf = new uint8_t[encLen];
59
60 AES_cbc_encrypt( encData,
61 tmpBuf,
62 encLen,
63 &key,
64 iv,
65 AES_DECRYPT);
66
67 unsigned long tempLen = encLen;
68 discardPaddingByte(tmpBuf,&tempLen);
69
70 memcpy(decData, tmpBuf, tempLen);
71
72 delete []tmpBuf;
73 return encLen - tempLen;
74 }
75 else
76 {
77 return AES_DEC_FAILED;
78 }
79 }
80
computeHash(const unsigned char * inData,unsigned long inLen,unsigned char * outHash) const81 void Sha1Agent::computeHash( const unsigned char* inData,
82 unsigned long inLen,
83 unsigned char* outHash) const
84 {
85 EVP_Digest(inData,inLen,outHash,NULL,EVP_sha1(),NULL);
86 return;
87 }
88
computeMac(const unsigned char * inData,unsigned long inLen,unsigned char * outData) const89 void HmacSha1Agent::computeMac( const unsigned char* inData,
90 unsigned long inLen,
91 unsigned char* outData) const
92 {
93 HMAC(EVP_sha1(),macKey,keyLen,inData,inLen,outData,NULL);
94 return;
95 }
96
signature(const unsigned char * rawData,unsigned long rawLen,unsigned char * sigData,RsaAlg sigAlg)97 bool RsaAgent::signature( const unsigned char* rawData,
98 unsigned long rawLen,
99 unsigned char* sigData,
100 RsaAlg sigAlg)
101 {
102 switch(sigAlg)
103 {
104 case RSA_PSS:
105 {
106 unsigned char mHash[SHA_DIGEST_LENGTH];
107 Sha1Agent sha1;
108 sha1.computeHash(rawData,rawLen,mHash);
109
110 unsigned char EM[rsaSize];
111 if( 0 == RSA_padding_add_PKCS1_PSS( &rsaKey,
112 EM,
113 mHash,
114 EVP_sha1(),
115 SHA_DIGEST_LENGTH))
116 {
117 return false;
118 }
119
120 if(0 > RSA_private_encrypt( SHA_DIGEST_LENGTH,
121 EM,
122 sigData,
123 &rsaKey,
124 RSA_PKCS1_PADDING))
125 {
126 return false;
127 }
128 else
129 {
130 return true;
131 }
132 }
133 break;
134 case RSA_SHA1:
135 {
136 unsigned char mHash[SHA_DIGEST_LENGTH];
137 Sha1Agent sha1;
138 sha1.computeHash(rawData,rawLen,mHash);
139
140 if(0 != RSA_sign( NID_sha1WithRSA,
141 mHash,
142 SHA_DIGEST_LENGTH,
143 sigData,
144 &rsaSize,
145 &rsaKey))
146 {
147 return true;
148 }
149 else
150 {
151 return false;
152 }
153 }
154 break;
155 default:
156 return false;
157 }
158
159 return false;
160 }
161
sigVerify(unsigned char * sigData,unsigned long sigLen,const unsigned char * rawData,unsigned long rawLen,RsaAlg sigAlg)162 bool RsaAgent::sigVerify( unsigned char* sigData,
163 unsigned long sigLen,
164 const unsigned char* rawData,
165 unsigned long rawLen,
166 RsaAlg sigAlg)
167 {
168 if( sigAlg == RSA_PSS)
169 {
170 unsigned char decSigData[rsaSize];
171
172 if(0 > RSA_public_decrypt(sigLen,
173 sigData,
174 decSigData,
175 &rsaKey,
176 RSA_PKCS1_PADDING))
177 {
178 return false;
179 }
180 else
181 {
182 unsigned char mHash[SHA_DIGEST_LENGTH];
183 Sha1Agent sha1;
184 sha1.computeHash(rawData,rawLen,mHash);
185
186 if( 0 == RSA_verify_PKCS1_PSS( &rsaKey,
187 mHash,
188 EVP_sha1(),
189 decSigData,
190 -1))
191 {
192 return true;
193 }
194 else
195 {
196 return false;
197 }
198 }
199 }
200 else if(sigAlg == RSA_SHA1)
201 {
202 unsigned char mHash[SHA_DIGEST_LENGTH];
203 Sha1Agent sha1;
204 sha1.computeHash(rawData,rawLen,mHash);
205
206 if(0 != RSA_verify( NID_sha1WithRSA,
207 mHash,
208 SHA_DIGEST_LENGTH,
209 sigData,
210 sigLen,
211 &rsaKey))
212 {
213 return true;
214 }
215 else
216 {
217 return false;
218 }
219 }
220 else
221 {
222 return false;
223 }
224 }
225
decrypt(const unsigned char * encData,unsigned long encLen,unsigned char * decData)226 int RsaAgent::decrypt( const unsigned char* encData,
227 unsigned long encLen,
228 unsigned char* decData)
229 {
230 return RSA_private_decrypt( encLen,
231 encData,
232 decData,
233 &rsaKey,
234 RSA_PKCS1_PADDING);
235 }
236