FwdLock.html revision fdd65a0fc7df2c878cc601e4c0f4021cb264f051
1<html> 2 3<head> 4<meta http-equiv=Content-Type content="text/html; charset=windows-1252"> 5<meta name=Generator content="Microsoft Word 12 (filtered)"> 6<title>Forward Lock Converter and Decoder</title> 7<style> 8<!-- 9 /* Font Definitions */ 10 @font-face 11 {font-family:SimSun; 12 panose-1:2 1 6 0 3 1 1 1 1 1;} 13@font-face 14 {font-family:"Cambria Math"; 15 panose-1:2 4 5 3 5 4 6 3 2 4;} 16@font-face 17 {font-family:Tahoma; 18 panose-1:2 11 6 4 3 5 4 4 2 4;} 19@font-face 20 {font-family:"Lucida Console","DejaVu Sans Mono"; 21 panose-1:2 11 6 9 4 5 4 2 2 4;} 22@font-face 23 {font-family:"\@SimSun"; 24 panose-1:2 1 6 0 3 1 1 1 1 1;} 25 /* Style Definitions */ 26 p.MsoNormal, li.MsoNormal, div.MsoNormal 27 {margin:0cm; 28 margin-bottom:.0001pt; 29 font-size:12.0pt; 30 font-family:"Times New Roman","serif";} 31h1 32 {margin-right:0cm; 33 margin-left:21.6pt; 34 text-indent:-21.6pt; 35 page-break-after:avoid; 36 font-size:16.0pt; 37 font-family:"Arial","sans-serif";} 38h2 39 {margin-top:12.0pt; 40 margin-right:0cm; 41 margin-bottom:3.0pt; 42 margin-left:28.8pt; 43 text-indent:-28.8pt; 44 page-break-after:avoid; 45 font-size:14.0pt; 46 font-family:"Arial","sans-serif"; 47 font-style:italic;} 48h3 49 {margin-top:12.0pt; 50 margin-right:0cm; 51 margin-bottom:3.0pt; 52 margin-left:36.0pt; 53 text-indent:-36.0pt; 54 page-break-after:avoid; 55 font-size:13.0pt; 56 font-family:"Arial","sans-serif";} 57h4 58 {margin-top:12.0pt; 59 margin-right:0cm; 60 margin-bottom:3.0pt; 61 margin-left:43.2pt; 62 text-indent:-43.2pt; 63 page-break-after:avoid; 64 font-size:14.0pt; 65 font-family:"Times New Roman","serif";} 66h5 67 {margin-top:12.0pt; 68 margin-right:0cm; 69 margin-bottom:3.0pt; 70 margin-left:50.4pt; 71 text-indent:-50.4pt; 72 font-size:13.0pt; 73 font-family:"Times New Roman","serif"; 74 font-style:italic;} 75h6 76 {margin-top:12.0pt; 77 margin-right:0cm; 78 margin-bottom:3.0pt; 79 margin-left:57.6pt; 80 text-indent:-57.6pt; 81 font-size:11.0pt; 82 font-family:"Times New Roman","serif";} 83p.MsoHeading7, li.MsoHeading7, div.MsoHeading7 84 {margin-top:12.0pt; 85 margin-right:0cm; 86 margin-bottom:3.0pt; 87 margin-left:64.8pt; 88 text-indent:-64.8pt; 89 font-size:12.0pt; 90 font-family:"Times New Roman","serif";} 91p.MsoHeading8, li.MsoHeading8, div.MsoHeading8 92 {margin-top:12.0pt; 93 margin-right:0cm; 94 margin-bottom:3.0pt; 95 margin-left:72.0pt; 96 text-indent:-72.0pt; 97 font-size:12.0pt; 98 font-family:"Times New Roman","serif"; 99 font-style:italic;} 100p.MsoHeading9, li.MsoHeading9, div.MsoHeading9 101 {margin-top:12.0pt; 102 margin-right:0cm; 103 margin-bottom:3.0pt; 104 margin-left:79.2pt; 105 text-indent:-79.2pt; 106 font-size:11.0pt; 107 font-family:"Arial","sans-serif";} 108p.MsoToc1, li.MsoToc1, div.MsoToc1 109 {margin-top:6.0pt; 110 margin-right:0cm; 111 margin-bottom:6.0pt; 112 margin-left:0cm; 113 line-height:150%; 114 font-size:10.5pt; 115 font-family:"Times New Roman","serif"; 116 text-transform:uppercase; 117 font-weight:bold;} 118p.MsoToc2, li.MsoToc2, div.MsoToc2 119 {margin-top:0cm; 120 margin-right:0cm; 121 margin-bottom:0cm; 122 margin-left:12.0pt; 123 margin-bottom:.0001pt; 124 line-height:150%; 125 font-size:10.5pt; 126 font-family:"Times New Roman","serif"; 127 font-variant:small-caps;} 128p.MsoToc3, li.MsoToc3, div.MsoToc3 129 {margin-top:0cm; 130 margin-right:0cm; 131 margin-bottom:0cm; 132 margin-left:24.0pt; 133 margin-bottom:.0001pt; 134 line-height:150%; 135 font-size:10.5pt; 136 font-family:"Times New Roman","serif"; 137 font-style:italic;} 138p.MsoToc4, li.MsoToc4, div.MsoToc4 139 {margin-top:0cm; 140 margin-right:0cm; 141 margin-bottom:0cm; 142 margin-left:36.0pt; 143 margin-bottom:.0001pt; 144 font-size:9.0pt; 145 font-family:"Times New Roman","serif";} 146p.MsoToc5, li.MsoToc5, div.MsoToc5 147 {margin-top:0cm; 148 margin-right:0cm; 149 margin-bottom:0cm; 150 margin-left:48.0pt; 151 margin-bottom:.0001pt; 152 font-size:9.0pt; 153 font-family:"Times New Roman","serif";} 154p.MsoToc6, li.MsoToc6, div.MsoToc6 155 {margin-top:0cm; 156 margin-right:0cm; 157 margin-bottom:0cm; 158 margin-left:60.0pt; 159 margin-bottom:.0001pt; 160 font-size:9.0pt; 161 font-family:"Times New Roman","serif";} 162p.MsoToc7, li.MsoToc7, div.MsoToc7 163 {margin-top:0cm; 164 margin-right:0cm; 165 margin-bottom:0cm; 166 margin-left:72.0pt; 167 margin-bottom:.0001pt; 168 font-size:9.0pt; 169 font-family:"Times New Roman","serif";} 170p.MsoToc8, li.MsoToc8, div.MsoToc8 171 {margin-top:0cm; 172 margin-right:0cm; 173 margin-bottom:0cm; 174 margin-left:84.0pt; 175 margin-bottom:.0001pt; 176 font-size:9.0pt; 177 font-family:"Times New Roman","serif";} 178p.MsoToc9, li.MsoToc9, div.MsoToc9 179 {margin-top:0cm; 180 margin-right:0cm; 181 margin-bottom:0cm; 182 margin-left:96.0pt; 183 margin-bottom:.0001pt; 184 font-size:9.0pt; 185 font-family:"Times New Roman","serif";} 186p.MsoFootnoteText, li.MsoFootnoteText, div.MsoFootnoteText 187 {margin:0cm; 188 margin-bottom:.0001pt; 189 font-size:10.0pt; 190 font-family:"Times New Roman","serif";} 191p.MsoHeader, li.MsoHeader, div.MsoHeader 192 {margin:0cm; 193 margin-bottom:.0001pt; 194 font-size:12.0pt; 195 font-family:"Times New Roman","serif";} 196p.MsoFooter, li.MsoFooter, div.MsoFooter 197 {margin:0cm; 198 margin-bottom:.0001pt; 199 font-size:12.0pt; 200 font-family:"Times New Roman","serif";} 201p.MsoCaption, li.MsoCaption, div.MsoCaption 202 {margin:0cm; 203 margin-bottom:.0001pt; 204 font-size:11.0pt; 205 font-family:"Times New Roman","serif"; 206 font-weight:bold;} 207span.MsoFootnoteReference 208 {vertical-align:super;} 209p.MsoTitle, li.MsoTitle, div.MsoTitle 210 {margin-top:12.0pt; 211 margin-right:0cm; 212 margin-bottom:120.0pt; 213 margin-left:0cm; 214 text-align:center; 215 font-size:16.0pt; 216 font-family:"Arial","sans-serif"; 217 font-weight:bold;} 218p.MsoBodyText, li.MsoBodyText, div.MsoBodyText 219 {mso-style-link:"Body Text Char"; 220 margin-top:0cm; 221 margin-right:0cm; 222 margin-bottom:6.0pt; 223 margin-left:0cm; 224 font-size:12.0pt; 225 font-family:"Times New Roman","serif";} 226a:link, span.MsoHyperlink 227 {color:blue; 228 text-decoration:underline;} 229a:visited, span.MsoHyperlinkFollowed 230 {color:purple; 231 text-decoration:underline;} 232p.MsoAcetate, li.MsoAcetate, div.MsoAcetate 233 {margin:0cm; 234 margin-bottom:.0001pt; 235 font-size:8.0pt; 236 font-family:"Tahoma","sans-serif";} 237span.BodyTextChar 238 {mso-style-name:"Body Text Char"; 239 mso-style-link:"Body Text";} 240 /* Page Definitions */ 241 @page WordSection1 242 {size:595.45pt 841.7pt; 243 margin:72.0pt 90.0pt 72.0pt 90.0pt;} 244div.WordSection1 245 {page:WordSection1;} 246@page WordSection2 247 {size:595.45pt 841.7pt; 248 margin:72.0pt 90.0pt 72.0pt 90.0pt;} 249div.WordSection2 250 {page:WordSection2;} 251 /* List Definitions */ 252 ol 253 {margin-bottom:0cm;} 254ul 255 {margin-bottom:0cm;} 256--> 257</style> 258 259</head> 260 261<body lang=EN-US link=blue vlink=purple> 262 263<div class=WordSection1> 264 265<p class=MsoTitle>Forward Lock Converter And Decoder</p> 266 267<p class=MsoToc1><span 268class=MsoHyperlink><a href="#_Toc276471422">1<span style='font-size:12.0pt; 269line-height:150%;color:windowtext;text-transform:none;font-weight:normal; 270text-decoration:none'>����� </span>Introduction<span style='color:windowtext; 271display:none;text-decoration:none'>. </span><span 272style='color:windowtext;display:none;text-decoration:none'>3</span></a></span></p> 273 274<p class=MsoToc1><span class=MsoHyperlink><a href="#_Toc276471423">2<span 275style='font-size:12.0pt;line-height:150%;color:windowtext;text-transform:none; 276font-weight:normal;text-decoration:none'>����� </span>Overview<span 277style='color:windowtext;display:none;text-decoration:none'>... </span><span 278style='color:windowtext;display:none;text-decoration:none'>3</span></a></span></p> 279 280<p class=MsoToc1><span class=MsoHyperlink><a href="#_Toc276471424">3<span 281style='font-size:12.0pt;line-height:150%;color:windowtext;text-transform:none; 282font-weight:normal;text-decoration:none'>����� </span>Use Cases<span 283style='color:windowtext;display:none;text-decoration:none'>. </span><span 284style='color:windowtext;display:none;text-decoration:none'>4</span></a></span></p> 285 286<p class=MsoToc2><span class=MsoHyperlink><span style='font-variant:normal !important; 287text-transform:uppercase'><a href="#_Toc276471425">3.1<span style='font-size: 28812.0pt;line-height:150%;color:windowtext;text-transform:none;text-decoration: 289none'>������� </span>Converter<span style='color:windowtext;display:none; 290text-decoration:none'>. </span><span 291style='color:windowtext;display:none;text-decoration:none'>4</span></a></span></span></p> 292 293<p class=MsoToc3><span class=MsoHyperlink><a href="#_Toc276471426">3.1.1<span 294style='font-size:12.0pt;line-height:150%;color:windowtext;font-style:normal; 295text-decoration:none'>���� </span>Convert Data (Push-Mode Conversion)<span 296style='color:windowtext;display:none;text-decoration:none'> </span><span 297style='color:windowtext;display:none;text-decoration:none'>4</span></a></span></p> 298 299<p class=MsoToc3><span class=MsoHyperlink><a href="#_Toc276471427">3.1.2<span 300style='font-size:12.0pt;line-height:150%;color:windowtext;font-style:normal; 301text-decoration:none'>���� </span>Convert File (Pull-Mode Conversion)<span 302style='color:windowtext;display:none;text-decoration:none'> </span><span 303style='color:windowtext;display:none;text-decoration:none'>6</span></a></span></p> 304 305<p class=MsoToc2><span class=MsoHyperlink><span style='font-variant:normal !important; 306text-transform:uppercase'><a href="#_Toc276471428">3.2<span style='font-size: 30712.0pt;line-height:150%;color:windowtext;text-transform:none;text-decoration: 308none'>������� </span>Decoder<span style='color:windowtext;display:none; 309text-decoration:none'>. </span><span 310style='color:windowtext;display:none;text-decoration:none'>7</span></a></span></span></p> 311 312<p class=MsoToc3><span class=MsoHyperlink><a href="#_Toc276471429">3.2.1<span 313style='font-size:12.0pt;line-height:150%;color:windowtext;font-style:normal; 314text-decoration:none'>���� </span>Check Integrity<span style='color:windowtext; 315display:none;text-decoration:none'>. </span><span 316style='color:windowtext;display:none;text-decoration:none'>8</span></a></span></p> 317 318<p class=MsoToc3><span class=MsoHyperlink><a href="#_Toc276471430">3.2.2<span 319style='font-size:12.0pt;line-height:150%;color:windowtext;font-style:normal; 320text-decoration:none'>���� </span>Get Content Type<span style='color:windowtext; 321display:none;text-decoration:none'>. </span><span 322style='color:windowtext;display:none;text-decoration:none'>9</span></a></span></p> 323 324<p class=MsoToc3><span class=MsoHyperlink><a href="#_Toc276471431">3.2.3<span 325style='font-size:12.0pt;line-height:150%;color:windowtext;font-style:normal; 326text-decoration:none'>���� </span>Decode File<span style='color:windowtext; 327display:none;text-decoration:none'>. </span><span 328style='color:windowtext;display:none;text-decoration:none'>10</span></a></span></p> 329 330<p class=MsoToc1><span class=MsoHyperlink><a href="#_Toc276471432">4<span 331style='font-size:12.0pt;line-height:150%;color:windowtext;text-transform:none; 332font-weight:normal;text-decoration:none'>����� </span>Definition of the 333Internal Forward Lock File Format<span style='color:windowtext;display:none; 334text-decoration:none'>. </span><span 335style='color:windowtext;display:none;text-decoration:none'>11</span></a></span></p> 336 337<p class=MsoToc2><span class=MsoHyperlink><span style='font-variant:normal !important; 338text-transform:uppercase'><a href="#_Toc276471433">4.1<span style='font-size: 33912.0pt;line-height:150%;color:windowtext;text-transform:none;text-decoration: 340none'>������� </span>Key Derivation<span style='color:windowtext;display:none; 341text-decoration:none'>.. </span><span 342style='color:windowtext;display:none;text-decoration:none'>11</span></a></span></span></p> 343 344<p class=MsoToc2><span class=MsoHyperlink><span style='font-variant:normal !important; 345text-transform:uppercase'><a href="#_Toc276471434">4.2<span style='font-size: 34612.0pt;line-height:150%;color:windowtext;text-transform:none;text-decoration: 347none'>������� </span>Calculation of the Counters<span style='color:windowtext; 348display:none;text-decoration:none'>. </span><span 349style='color:windowtext;display:none;text-decoration:none'>12</span></a></span></span></p> 350 351<p class=MsoToc1><span class=MsoHyperlink><a href="#_Toc276471435">5<span 352style='font-size:12.0pt;line-height:150%;color:windowtext;text-transform:none; 353font-weight:normal;text-decoration:none'>����� </span>Unit Test Cases<span 354style='color:windowtext;display:none;text-decoration:none'>. </span><span 355style='color:windowtext;display:none;text-decoration:none'>12</span></a></span></p> 356 357<p class=MsoToc1><span class=MsoHyperlink><a href="#_Toc276471436">6<span 358style='font-size:12.0pt;line-height:150%;color:windowtext;text-transform:none; 359font-weight:normal;text-decoration:none'>����� </span>References<span 360style='color:windowtext;display:none;text-decoration:none'>. </span><span 361style='color:windowtext;display:none;text-decoration:none'>12</span></a></span></p> 362 363<p class=MsoBodyText></p> 364 365</div> 366 367<span style='font-size:12.0pt;font-family:"Times New Roman","serif"'><br 368clear=all style='page-break-before:right'> 369</span> 370 371<div class=WordSection2> 372 373<h1><a name="_Toc276471422"></a><a name="_Ref263085474">1<span 374style='font:7.0pt "Times New Roman"'> </span>Introduction</a></h1> 375 376<p class=MsoBodyText>The internal Forward Lock file format is used for encrypting 377inherently unencrypted OMA DRM version 1 Forward Lock and Combined Delivery 378files so they can be securely stored on externally accessible file system partitions 379such as memory stick.</p> 380 381<p class=MsoBodyText>Our general strategy is to convert such <i>OMA DRM Message</i> 382(�.dm�) files to internal Forward Lock (�.fl�) files as soon as they are 383downloaded or otherwise transferred to the phone, and not actually provide any 384decoders for �.dm� files.</p> 385 386<h1><a name="_Toc276471423">2<span style='font:7.0pt "Times New Roman"'> 387</span>Overview</a></h1> 388 389<p class=MsoBodyText>The <i>Forward Lock Converter</i> converts OMA DRM Message 390files to the internal file format. The <i>Forward Lock Decoder</i> provides a 391POSIX-level API for transparent reading and seeking through such a converted 392file as if it were unencrypted. The API also includes functions for checking a 393file�s integrity and getting the MIME type of its embedded content.</p> 394 395<p class=MsoBodyText style='margin-bottom:24.0pt'>The converter and decoder are 396built into two separate libraries, which share common code for random number 397generation and key encryption in a third library. For test purposes there is 398also a unit test application. See Figure 1.</p> 399 400<p class=MsoBodyText style='page-break-after:avoid'><img width=288 height=364 401src="images/image001.gif"></p> 402 403<p class=MsoCaption style='margin-top:12.0pt;margin-right:0cm;margin-bottom: 40412.0pt;margin-left:0cm'><a name="_Ref262730885">Figure </a>1. Block diagram illustrating the dependencies between the executable modules.</p> 405 406<b><span style='font-size:16.0pt;font-family:"Arial","sans-serif"'><br 407clear=all style='page-break-before:always'> 408</span></b> 409 410<h1><a name="_Toc276471424">3<span style='font:7.0pt "Times New Roman"'> 411</span>Use Cases</a></h1> 412 413<p class=MsoBodyText>This section describes all the use cases for the converter 414and decoder. It shows the sequence of API calls that should be used to solve 415these use cases.</p> 416 417<h2><a name="_Toc276471425">3.1<span style='font:7.0pt "Times New Roman"'> 418</span>Converter</a></h2> 419 420<p class=MsoBodyText>Through the converter API, conversion can be performed in one 421of two ways:</p> 422 423<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>1.<span 424style='font:7.0pt "Times New Roman"'> </span><i>Push-mode 425conversion</i> is when the client progressively feeds data to the converter as 426it arrives. This is appropriate when data arrives gradually in chunks, with 427idle time in between. Consequently, push mode is used for converting files 428being downloaded through HTTP. See section 3.1.1.</p> 429 430<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>2.<span 431style='font:7.0pt "Times New Roman"'> </span><i>Pull-mode 432conversion</i> is when the converter drives the process and consumes data from 433the client as it needs it. This is appropriate when the entire file to be 434converted is readily available. Hence, pull mode is used by the unit test application. 435See section 3.1.2.</p> 436 437<p class=MsoBodyText>Internally, pull-mode conversion is implemented in terms 438of the API for push-mode conversion.</p> 439 440<h3><a name="_Toc276471426"></a><a name="_Ref263085478">3.1.1<span 441style='font:7.0pt "Times New Roman"'> </span>Convert Data 442(Push-Mode Conversion)</a></h3> 443 444<p class=MsoBodyText>Push-mode conversion is performed as follows (see also Figure 2):</p> 445 446<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>1.<span 447style='font:7.0pt "Times New Roman"'> </span><span 448style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockConv_OpenSession</span> 449initializes the output parameter and returns a <i>session ID</i> to be used in 450subsequent calls to the API. The output parameter is a union of return values 451whose correct use at any given moment is determined by the API function last 452called.</p> 453 454<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>2.<span 455style='font:7.0pt "Times New Roman"'> </span><span 456style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockConv_ConvertData</span> 457is called repeatedly until no more input data remains. Each call converts the 458maximum amount of data possible and writes it to the output buffer. The client then 459writes this data to file.</p> 460 461<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>3.<span 462style='font:7.0pt "Times New Roman"'> </span><span 463style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockConv_CloseSession</span> 464cleans up the session and deallocates the output buffer. If all has gone well, a 465two-part cryptographic signature of the output file is calculated. The client 466must go back and rewrite part of the file header with this updated signature 467information.</p> 468 469<p class=MsoBodyText>Every time a file is being converted, the converter calls <span 470style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockGlue_GetRandomNumber</span> 471to generate a new, unique session key. No two converted files look alike, even 472if the original files are the same.</p> 473 474<p class=MsoBodyText><b>Note:</b> The random bytes cannot come from any bare-minimum 475implementation of the C-library <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>rand</span> 476function�they must be cryptographically secure. Otherwise, security will be 477compromised.</p> 478 479<p class=MsoBodyText>The session key is encrypted and stored within the 480converted file. Key encryption is performed using <span style='font-size:10.0pt; 481font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockGlue_GetEncryptedKeyLength</span> and <span 482style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockGlue_EncryptKey</span>. 483These two functions, together with the corresponding decryption function (<span 484style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockGlue_DecryptKey</span>), 485are the integration points where an OEM manufacturer may implement their own 486key-encryption scheme.</p> 487 488<p class=MsoBodyText><b>Note:</b> The key-encryption key must be unique to each 489device; this is what makes the files forward lock�protected. Ideally, it should 490be derived from secret hardware parameters, but at the very least it should be 491persistent from one master reset to the next.</p> 492 493<div style='margin-bottom:24.0pt;border:solid windowtext 1.0pt;padding:1.0pt 4.0pt 1.0pt 4.0pt; 494background:#F2F2F2'> 495 496<p class=MsoBodyText style='background:#F2F2F2;border: 497none;padding:0cm'><b>Note:</b> In the open-source implementation of the <span 498style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>libfwdlock-common</span> 499library, a random key-encryption key is generated and stored in plaintext in 500the file system, without being obfuscated in any way (doing so would be futile 501since the source code is openly available). This key must be kept secret from 502the user, and shouldn�t be possible to extract through backup-and-restore 503functionality or the like. OEM manufacturers will probably want to implement a 504truly hardware-based device-unique key.</p> 505 506</div> 507 508<p class=MsoBodyText style='page-break-after:avoid'><img width=531 height=563 509src="images/image002.gif"></p> 510 511<p class=MsoCaption style='margin-top:6.0pt;margin-right:0cm;margin-bottom: 51212.0pt;margin-left:0cm'><a name="_Ref263085187">Figure </a>2. Converter UC: Convert Data.</p> 513 514<b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'><br 515clear=all style='page-break-before:always'> 516</span></b> 517 518<h3><a name="_Toc276471427"></a><a name="_Ref263163082">3.1.2<span 519style='font:7.0pt "Times New Roman"'> </span>Convert File 520(Pull-Mode Conversion)</a></h3> 521 522<p class=MsoBodyText>Pull-mode conversion is performed by calling <span 523style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_ConvertFile</span> 524with the filename, unless there is need for a specialized <span 525style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>read</span> function, in 526which case <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_ConvertOpenFile</span> 527should be used directly instead. See Figure 3.</p> 528 529<p class=MsoBodyText style='margin-bottom:24.0pt'>Internally, <span 530style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_ConvertFile</span> 531calls <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_ConvertOpenFile</span>. 532The latter then proceeds with the conversion using the push-mode API, acting as 533the client in the previous use case; see section 3.1.1.</p> 534 535<p class=MsoBodyText style='page-break-after:avoid'><img width=531 height=731 536src="images/image003.gif"></p> 537 538<p class=MsoCaption style='margin-top:6.0pt;margin-right:0cm;margin-bottom: 53912.0pt;margin-left:0cm'><a name="_Ref263085208">Figure </a>3. Converter UC: Convert File.</p> 540 541<b><i><span style='font-size:14.0pt;font-family:"Arial","sans-serif"'><br 542clear=all style='page-break-before:always'> 543</span></i></b> 544 545<h2><a name="_Toc276471428">3.2<span style='font:7.0pt "Times New Roman"'> 546</span>Decoder</a></h2> 547 548<p class=MsoBodyText>The decoder API allows the client to do the following:</p> 549 550<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>1.<span 551style='font:7.0pt "Times New Roman"'> </span>Check 552the integrity of an internal Forward Lock file, i.e., detect whether it has 553been manipulated in any way; see section 3.2.1.</p> 554 555<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>2.<span 556style='font:7.0pt "Times New Roman"'> </span>Get 557the MIME type of the embedded content (the �original� MIME type before DRM protection 558was applied); see section 3.2.2.</p> 559 560<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>3.<span 561style='font:7.0pt "Times New Roman"'> </span>Decode 562the file by random access, i.e., read and seek through it in an arbitrary 563manner; see section 3.2.3.</p> 564 565<p class=MsoBodyText>All subsequent operations on a file first require it to be 566opened. Opening a file returns a <i>file descriptor</i>�a handle to be used in 567these subsequent operations.</p> 568 569<p class=MsoBodyText>If the filename is known, an internal Forward Lock file 570can be opened using <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_open</span>. 571If only the file descriptor of an already open file is available, a decoding 572session can instead be initialized using <span style='font-size:10.0pt; 573font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_attach</span>.</p> 574 575<p class=MsoBodyText>Internally, <span style='font-size:10.0pt;font-family: 576"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_open</span> calls <span style='font-size:10.0pt; 577font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_attach</span>. For efficiency 578reasons, <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_attach</span> 579therefore assumes that the file position is at the beginning of the file when 580the function gets called. A client who calls it directly must make sure that 581this assumption holds.</p> 582 583<p class=MsoBodyText>When a file is being attached, the session key stored in 584the file during conversion is decrypted using <span style='font-size:10.0pt; 585font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockGlue_GetEncryptedKeyLength</span> and <span 586style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockGlue_DecryptKey</span>, 587in order to set up for decoding and integrity checking.</p> 588 589<p class=MsoBodyText>For just getting the content type, however, retrieving the 590session key would strictly speaking not be necessary, so there is an 591opportunity here to optimize for that if it proves necessary later.</p> 592 593<p class=MsoBodyText>Symmetrical to <span style='font-size:10.0pt;font-family: 594"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_open</span> and <span style='font-size:10.0pt; 595font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_attach</span>, there are also functions 596for closing a file or detaching from it:</p> 597 598<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>1.<span 599style='font:7.0pt "Times New Roman"'> </span>If 600it was opened with <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_open</span> 601it should be closed with <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_close</span>.</p> 602 603<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>2.<span 604style='font:7.0pt "Times New Roman"'> </span>If 605it was attached with <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_attach</span> 606it should be detached with <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_detach</span>.</p> 607 608<b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'><br 609clear=all style='page-break-before:always'> 610</span></b> 611 612<h3><a name="_Ref263163099"></a><a name="_Toc276471429">3.2.1<span 613style='font:7.0pt "Times New Roman"'> </span>Check Integrity</a></h3> 614 615<p class=MsoBodyText>There are three methods for checking the integrity of an 616internal Forward Lock file, in whole or in part (see also Figure 4):</p> 617 618<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>1.<span 619style='font:7.0pt "Times New Roman"'> </span><span 620style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_CheckDataIntegrity</span>, 621which checks the integrity of the encrypted content data.</p> 622 623<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>2.<span 624style='font:7.0pt "Times New Roman"'> </span><span 625style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_CheckHeaderIntegrity</span>, 626which checks the integrity of the file header, including the content type and 627other fields not currently supported but reserved for future use.</p> 628 629<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>3.<span 630style='font:7.0pt "Times New Roman"'> </span><span 631style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_CheckIntegrity</span>, 632which internally calls first <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_CheckHeaderIntegrity</span> 633and then <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_CheckDataIntegrity</span>.</p> 634 635<p class=MsoBodyText style='margin-bottom:24.0pt'><span style='font-size:10.0pt; 636font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_CheckHeaderIntegrity</span> is 637generally much faster than <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_CheckDataIntegrity</span>, 638whose running time is directly proportional to the size of the file.</p> 639 640<p class=MsoBodyText style='page-break-after:avoid'><img width=543 height=575 641src="images/image004.gif"></p> 642 643<p class=MsoCaption style='margin-top:6.0pt;margin-right:0cm;margin-bottom: 64412.0pt;margin-left:0cm'><a name="_Ref263163308">Figure </a>4. Decoder UC: Check Integrity.</p> 645 646<b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'><br 647clear=all style='page-break-before:always'> 648</span></b> 649 650<h3><a name="_Toc276471430"></a><a name="_Ref263163117">3.2.2<span 651style='font:7.0pt "Times New Roman"'> </span>Get Content Type</a></h3> 652 653<p class=MsoBodyText style='margin-bottom:24.0pt'><span style='font-size:10.0pt; 654font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_GetContentType</span> returns a 655read-only reference to an ASCII string containing the MIME type of the 656embedded content. This reference is valid as long as the file is kept open. 657Clients who need access to the content type after closing the file should make 658a copy of the string. See Figure 5 below.</p> 659 660<p class=MsoBodyText style='page-break-after:avoid'><img width=543 height=488 661src="images/image005.gif"></p> 662 663<p class=MsoCaption style='margin-top:6.0pt;margin-right:0cm;margin-bottom: 66412.0pt;margin-left:0cm'><a name="_Ref263163392">Figure </a>5. Decoder UC: Get Content Type.</p> 665 666<b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'><br 667clear=all style='page-break-before:always'> 668</span></b> 669 670<h3><a name="_Toc276471431"></a><a name="_Ref263163137">3.2.3<span 671style='font:7.0pt "Times New Roman"'> </span>Decode File</a></h3> 672 673<p class=MsoBodyText>After opening an internal Forward Lock file (or attaching 674to an already open one), it can be transparently read from as if it were 675unencrypted. Any number of calls to read data from the current file position or 676set it to a new one (which is what <span style='font-size:10.0pt;font-family: 677"Lucida Console","DejaVu Sans Mono"'>lseek</span> does) can be made in any order; this is what we 678call <i>random access</i>. See Figure 6.</p> 679 680<p class=MsoBodyText>The Forward Lock Decoder versions of the <span 681style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>read</span>, <span 682style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>lseek</span>, and <span 683style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>close</span> functions 684have the exact same signatures as their POSIX counterparts. So, for example, 685the call <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_lseek(fd, 6860, SEEK_END)</span> returns the size of the embedded content data, i.e., the 687size of the original file before DRM protection.</p> 688 689<p class=MsoBodyText style='margin-bottom:24.0pt'>Moreover, <span 690style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_open</span> 691is like regular POSIX <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>open</span> 692except it takes only the filename as a parameter�access is always read-only.</p> 693 694<p class=MsoBodyText style='page-break-after:avoid'><img width=543 height=522 695src="images/image006.gif"></p> 696 697<p class=MsoCaption style='margin-top:6.0pt;margin-right:0cm;margin-bottom: 69812.0pt;margin-left:0cm'><a name="_Ref263166303">Figure </a>6. Decoder UC: Decode File.</p> 699 700<b><span style='font-size:16.0pt;font-family:"Arial","sans-serif"'><br 701clear=all style='page-break-before:always'> 702</span></b> 703 704<h1><a name="_Toc276471432">4<span style='font:7.0pt "Times New Roman"'> 705</span>Definition of the Internal Forward Lock File Format</a></h1> 706 707<p class=MsoBodyText style='margin-bottom:12.0pt'>The inner structure of an internal 708Forward Lock file is defined in Table 1 below.</p> 709 710<table class=MsoNormalTable border=1 cellspacing=0 cellpadding=0 711 style='border-collapse:collapse;border:none'> 712 <tr> 713 <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt; 714 padding:0cm 5.4pt 0cm 5.4pt'> 715 <p class=MsoNormal style='page-break-after:avoid'><b>Offset [bytes]</b></p> 716 </td> 717 <td width=96 valign=top style='width:72.0pt;border:solid windowtext 1.0pt; 718 border-left:none;padding:0cm 5.4pt 0cm 5.4pt'> 719 <p class=MsoNormal style='page-break-after:avoid'><b>Size [bytes]</b></p> 720 </td> 721 <td width=361 valign=top style='width:270.85pt;border:solid windowtext 1.0pt; 722 border-left:none;padding:0cm 5.4pt 0cm 5.4pt'> 723 <p class=MsoNormal style='page-break-after:avoid'><b>Description</b></p> 724 </td> 725 </tr> 726 <tr> 727 <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt; 728 border-top:none;padding:0cm 5.4pt 0cm 5.4pt'> 729 <p class=MsoNormal style='page-break-after:avoid'>0</p> 730 </td> 731 <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none; 732 border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 733 padding:0cm 5.4pt 0cm 5.4pt'> 734 <p class=MsoNormal style='page-break-after:avoid'>4</p> 735 </td> 736 <td width=361 valign=top style='width:270.85pt;border-top:none;border-left: 737 none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 738 padding:0cm 5.4pt 0cm 5.4pt'> 739 <p class=MsoNormal style='page-break-after:avoid'>The file signature (so-called 740 <i>magic number</i>): a four-character code consisting of the letters 741 F-W-L-K.</p> 742 </td> 743 </tr> 744 <tr> 745 <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt; 746 border-top:none;padding:0cm 5.4pt 0cm 5.4pt'> 747 <p class=MsoNormal style='page-break-after:avoid'>4</p> 748 </td> 749 <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none; 750 border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 751 padding:0cm 5.4pt 0cm 5.4pt'> 752 <p class=MsoNormal style='page-break-after:avoid'>1</p> 753 </td> 754 <td width=361 valign=top style='width:270.85pt;border-top:none;border-left: 755 none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 756 padding:0cm 5.4pt 0cm 5.4pt'> 757 <p class=MsoNormal style='page-break-after:avoid'>Version number (0 for the 758 first version).</p> 759 </td> 760 </tr> 761 <tr> 762 <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt; 763 border-top:none;padding:0cm 5.4pt 0cm 5.4pt'> 764 <p class=MsoNormal style='page-break-after:avoid'>5</p> 765 </td> 766 <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none; 767 border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 768 padding:0cm 5.4pt 0cm 5.4pt'> 769 <p class=MsoNormal style='page-break-after:avoid'>1</p> 770 </td> 771 <td width=361 valign=top style='width:270.85pt;border-top:none;border-left: 772 none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 773 padding:0cm 5.4pt 0cm 5.4pt'> 774 <p class=MsoNormal style='page-break-after:avoid'>Indicates the subformat:</p> 775 <p class=MsoNormal style='page-break-after:avoid'><i>0x00 Forward Lock</i></p> 776 <p class=MsoNormal style='page-break-after:avoid'><i>0x01 Combined Delivery</i></p> 777 </td> 778 </tr> 779 <tr> 780 <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt; 781 border-top:none;padding:0cm 5.4pt 0cm 5.4pt'> 782 <p class=MsoNormal style='page-break-after:avoid'>6</p> 783 </td> 784 <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none; 785 border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 786 padding:0cm 5.4pt 0cm 5.4pt'> 787 <p class=MsoNormal style='page-break-after:avoid'>1</p> 788 </td> 789 <td width=361 valign=top style='width:270.85pt;border-top:none;border-left: 790 none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 791 padding:0cm 5.4pt 0cm 5.4pt'> 792 <p class=MsoNormal style='page-break-after:avoid'>Usage restriction flags (prohibitions 793 against usage as ringtone or as wallpaper and screen saver). Also indicates 794 if the file is bound to a specific SIM card.</p> 795 <p class=MsoNormal style='page-break-after:avoid'><i>0x00 No usage 796 restrictions</i></p> 797 <p class=MsoNormal style='page-break-after:avoid'><i>0x01 Ringtone usage 798 prohibited</i></p> 799 <p class=MsoNormal style='page-break-after:avoid'><i>0x02 Screen usage 800 prohibited</i></p> 801 <p class=MsoNormal style='page-break-after:avoid'><i>0x80 Bound to SIM</i></p> 802 <p class=MsoNormal style='page-break-after:avoid'>(Any number of these may be 803 OR-ed together.)</p> 804 </td> 805 </tr> 806 <tr> 807 <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt; 808 border-top:none;padding:0cm 5.4pt 0cm 5.4pt'> 809 <p class=MsoNormal style='page-break-after:avoid'>7</p> 810 </td> 811 <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none; 812 border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 813 padding:0cm 5.4pt 0cm 5.4pt'> 814 <p class=MsoNormal style='page-break-after:avoid'>1</p> 815 </td> 816 <td width=361 valign=top style='width:270.85pt;border-top:none;border-left: 817 none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 818 padding:0cm 5.4pt 0cm 5.4pt'> 819 <p class=MsoNormal style='page-break-after:avoid'>Length of the MIME content 820 type (<i>k</i>).</p> 821 </td> 822 </tr> 823 <tr> 824 <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt; 825 border-top:none;padding:0cm 5.4pt 0cm 5.4pt'> 826 <p class=MsoNormal style='page-break-after:avoid'>8</p> 827 </td> 828 <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none; 829 border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 830 padding:0cm 5.4pt 0cm 5.4pt'> 831 <p class=MsoNormal style='page-break-after:avoid'><i>k</i></p> 832 </td> 833 <td width=361 valign=top style='width:270.85pt;border-top:none;border-left: 834 none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 835 padding:0cm 5.4pt 0cm 5.4pt'> 836 <p class=MsoNormal style='page-break-after:avoid'>The MIME content type 837 (ASCII-encoded without null-character termination).</p> 838 </td> 839 </tr> 840 <tr> 841 <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt; 842 border-top:none;padding:0cm 5.4pt 0cm 5.4pt'> 843 <p class=MsoNormal style='page-break-after:avoid'>8+<i>k</i></p> 844 </td> 845 <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none; 846 border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 847 padding:0cm 5.4pt 0cm 5.4pt'> 848 <p class=MsoNormal style='page-break-after:avoid'><i>l </i>= 0 or 16</p> 849 </td> 850 <td width=361 valign=top style='width:270.85pt;border-top:none;border-left: 851 none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 852 padding:0cm 5.4pt 0cm 5.4pt'> 853 <p class=MsoNormal style='page-break-after:avoid'>If the subformat is 854 Combined Delivery, this field contains the auto-generated content ID (16 bytes). 855 If not, this field is zero-size.</p> 856 </td> 857 </tr> 858 <tr> 859 <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt; 860 border-top:none;padding:0cm 5.4pt 0cm 5.4pt'> 861 <p class=MsoNormal style='page-break-after:avoid'>8+<i>k</i>+<i>l</i></p> 862 </td> 863 <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none; 864 border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 865 padding:0cm 5.4pt 0cm 5.4pt'> 866 <p class=MsoNormal style='page-break-after:avoid'><i>m </i>= 0 or 9</p> 867 </td> 868 <td width=361 valign=top style='width:270.85pt;border-top:none;border-left: 869 none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 870 padding:0cm 5.4pt 0cm 5.4pt'> 871 <p class=MsoNormal style='page-break-after:avoid'>If the file is bound to a 872 specific SIM card, this field contains the 9-byte packed IMSI number. If not, 873 this field is zero-size.</p> 874 </td> 875 </tr> 876 <tr> 877 <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt; 878 border-top:none;padding:0cm 5.4pt 0cm 5.4pt'> 879 <p class=MsoNormal style='page-break-after:avoid'>8+<i>k</i>+<i>l</i>+<i>m</i></p> 880 </td> 881 <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none; 882 border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 883 padding:0cm 5.4pt 0cm 5.4pt'> 884 <p class=MsoNormal style='page-break-after:avoid'><i>n</i> ≥ 16</p> 885 </td> 886 <td width=361 valign=top style='width:270.85pt;border-top:none;border-left: 887 none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 888 padding:0cm 5.4pt 0cm 5.4pt'> 889 <p class=MsoNormal style='page-break-after:avoid'>The encrypted session key, the 890 first sixteen bytes of which are also used as the CTR-mode <i>nonce</i> (similar 891 to the CBC-mode <i>initialization vector</i>).</p> 892 </td> 893 </tr> 894 <tr> 895 <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt; 896 border-top:none;padding:0cm 5.4pt 0cm 5.4pt'> 897 <p class=MsoNormal style='page-break-after:avoid'>8+<i>k</i>+<i>l</i>+<i>m</i>+<i>n</i></p> 898 </td> 899 <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none; 900 border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 901 padding:0cm 5.4pt 0cm 5.4pt'> 902 <p class=MsoNormal style='page-break-after:avoid'>20</p> 903 </td> 904 <td width=361 valign=top style='width:270.85pt;border-top:none;border-left: 905 none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 906 padding:0cm 5.4pt 0cm 5.4pt'> 907 <p class=MsoNormal style='page-break-after:avoid'>Data signature�the SHA-1 908 HMAC of the encrypted content data.</p> 909 </td> 910 </tr> 911 <tr> 912 <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt; 913 border-top:none;padding:0cm 5.4pt 0cm 5.4pt'> 914 <p class=MsoNormal style='page-break-after:avoid'>28+<i>k</i>+<i>l</i>+<i>m</i>+<i>n</i></p> 915 </td> 916 <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none; 917 border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 918 padding:0cm 5.4pt 0cm 5.4pt'> 919 <p class=MsoNormal style='page-break-after:avoid'>20</p> 920 </td> 921 <td width=361 valign=top style='width:270.85pt;border-top:none;border-left: 922 none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 923 padding:0cm 5.4pt 0cm 5.4pt'> 924 <p class=MsoNormal style='page-break-after:avoid'>Header signature�the SHA-1 925 HMAC of all the fields above, including the encrypted session key and data 926 signature.</p> 927 </td> 928 </tr> 929 <tr> 930 <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt; 931 border-top:none;padding:0cm 5.4pt 0cm 5.4pt'> 932 <p class=MsoNormal style='page-break-after:avoid'>48+<i>k</i>+<i>l</i>+<i>m</i>+<i>n</i></p> 933 </td> 934 <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none; 935 border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 936 padding:0cm 5.4pt 0cm 5.4pt'> 937 <p class=MsoNormal style='page-break-after:avoid'><i><to the end of the 938 file></i></p> 939 </td> 940 <td width=361 valign=top style='width:270.85pt;border-top:none;border-left: 941 none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt; 942 padding:0cm 5.4pt 0cm 5.4pt'> 943 <p class=MsoNormal style='page-break-after:avoid'>The content data encrypted 944 using 128-bit AES in CTR mode.</p> 945 </td> 946 </tr> 947</table> 948 949<p class=MsoCaption style='margin-top:6.0pt;margin-right:0cm;margin-bottom: 95012.0pt;margin-left:0cm;page-break-after:avoid'><a name="_Ref151269206">Table </a>1. Definition of the fields of an internal Forward Lock file.</p> 951 952<p class=MsoBodyText>As of now, neither Combined Delivery nor usage 953restrictions (including SIM binding) are supported. These fields are reserved 954for future use.</p> 955 956<h2><a name="_Toc276471433">4.1<span style='font:7.0pt "Times New Roman"'> 957</span>Key Derivation</a></h2> 958 959<p class=MsoBodyText>The session key consists of sixteen bytes fetched from a 960cryptographically secure random number generator. From the session key, two 961separate keys are derived: one used for encryption, the other for signing.</p> 962 963<p class=MsoBodyText>The encryption key is the output from encrypting the 96416-byte all-zero input block {0, 0, �, 0} using 128-bit AES with the random session 965key as the key. The signing key is the output from encrypting the 16-byte input 966block {1, 0, �, 0} the same way. The keys so derived will be cryptographically 967independent from each other.</p> 968 969<p class=MsoBodyText>The session key is encrypted using a hardware-dependent 970key-encryption key unique to each device. The encrypted session key is stored 971inside the file, and its first sixteen bytes are also used as the <i>nonce</i> 972for the CTR-mode encryption of the content data.</p> 973 974<h2><a name="_Toc276471434">4.2<span style='font:7.0pt "Times New Roman"'> 975</span>Calculation of the Counters</a></h2> 976 977<p class=MsoBodyText>Using CTR (�counter�) mode, a block cipher such as AES can 978be turned into a stream cipher. The process of encryption and decryption is 979well defined in [1], except for the specifics of the calculation of the 980counters. For the internal Forward Lock file format, the counters are 981calculated as follows:</p> 982 983<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>1.<span 984style='font:7.0pt "Times New Roman"'> </span>The 985nonce is interpreted as a 128-bit unsigned integer in little-endian format.</p> 986 987<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>2.<span 988style='font:7.0pt "Times New Roman"'> </span>The 989zero-based block sequence number (also a little-endian unsigned integer) is 990added modulo 2<sup>128</sup> to the nonce to produce the counter for a given 991block.</p> 992 993<h1><a name="_Toc276471435">5<span style='font:7.0pt "Times New Roman"'> 994</span>Unit Test Cases</a></h1> 995 996<p class=MsoBodyText>Unit test cases for the converter and decoder come in two 997varieties:</p> 998 999<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>1.<span 1000style='font:7.0pt "Times New Roman"'> </span><i>Black-box</i> 1001test cases aim to verify that you get sensible results from malformed or 1002�tricky� input data.</p> 1003 1004<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>2.<span 1005style='font:7.0pt "Times New Roman"'> </span><i>White-box</i> 1006test cases aim to maximize code coverage using knowledge of code internals.</p> 1007 1008<p class=MsoBodyText>The black-box test cases are dependent on a specifically 1009designed set of input files found in the <span style='font-size:10.0pt; 1010font-family:"Lucida Console","DejaVu Sans Mono"'>forward-lock/internal-format/test/res</span> 1011directory in the repository. For �tests� variants of the software, these input 1012files will be automatically installed in the file system image during build.</p> 1013 1014<p class=MsoBodyText>Run the test cases from the ADB shell command line as 1015follows:</p> 1016 1017<p class=MsoNormal style='margin-top:0cm;margin-right:0cm;margin-bottom:6.0pt; 1018margin-left:21.55pt'><span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'># 1019gtest_fwdlock</span></p> 1020 1021<p class=MsoBodyText>If all black-box but no white-box test cases fail, the 1022input files probably can�t be found in the working directory.</p> 1023 1024<h1><a name="_Toc276471436">6<span style='font:7.0pt "Times New Roman"'> 1025</span>References</a></h1> 1026 1027<p class=MsoBodyText style='margin-left:28.9pt;text-indent:-28.9pt'>[1]<span 1028style='font:7.0pt "Times New Roman"'> 1029</span><a 1030href="http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf">Dworkin, 1031Morris: �Recommendation for Block Cipher Modes of Operation�Methods and 1032Techniques,� NIST Special Publication 800-38A, December 2001.</a><a 1033name="_Ref151269073"></a></p> 1034 1035</div> 1036 1037</body> 1038 1039</html> 1040
