116dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce/* 216dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce * Copyright (C) 2014 The Android Open Source Project 316dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce * 416dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce * Licensed under the Apache License, Version 2.0 (the "License"); 516dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce * you may not use this file except in compliance with the License. 616dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce * You may obtain a copy of the License at 716dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce * 816dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce * http://www.apache.org/licenses/LICENSE-2.0 916dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce * 1016dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce * Unless required by applicable law or agreed to in writing, software 1116dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce * distributed under the License is distributed on an "AS IS" BASIS, 1216dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1316dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce * See the License for the specific language governing permissions and 1416dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce * limitations under the License. 1516dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce */ 1616dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce 1716dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce//#define LOG_NDEBUG 0 1816dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce#define LOG_TAG "ClearKeyCryptoPlugin" 1916dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce#include <utils/Log.h> 2016dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce 2116dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce#include <openssl/aes.h> 2216dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce 2316dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce#include "AesCtrDecryptor.h" 2416dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce 2516dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Brucenamespace clearkeydrm { 2616dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce 2716dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Brucestatic const size_t kBlockBitCount = kBlockSize * 8; 2816dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce 2916dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruceandroid::status_t AesCtrDecryptor::decrypt(const android::Vector<uint8_t>& key, 3016dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce const Iv iv, const uint8_t* source, 3116dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce uint8_t* destination, 3216dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce const SubSample* subSamples, 3316dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce size_t numSubSamples, 3416dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce size_t* bytesDecryptedOut) { 3516dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce uint32_t blockOffset = 0; 3616dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce uint8_t previousEncryptedCounter[kBlockSize]; 3716dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce memset(previousEncryptedCounter, 0, kBlockSize); 3816dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce 3916dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce size_t offset = 0; 4016dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce AES_KEY opensslKey; 4116dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce AES_set_encrypt_key(key.array(), kBlockBitCount, &opensslKey); 4216dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce Iv opensslIv; 4316dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce memcpy(opensslIv, iv, sizeof(opensslIv)); 4416dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce 4516dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce for (size_t i = 0; i < numSubSamples; ++i) { 4616dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce const SubSample& subSample = subSamples[i]; 4716dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce 4816dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce if (subSample.mNumBytesOfClearData > 0) { 4916dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce memcpy(destination + offset, source + offset, 5016dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce subSample.mNumBytesOfClearData); 5116dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce offset += subSample.mNumBytesOfClearData; 5216dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce } 5316dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce 5416dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce if (subSample.mNumBytesOfEncryptedData > 0) { 5516dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce AES_ctr128_encrypt(source + offset, destination + offset, 5616dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce subSample.mNumBytesOfEncryptedData, &opensslKey, 5716dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce opensslIv, previousEncryptedCounter, 5816dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce &blockOffset); 5916dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce offset += subSample.mNumBytesOfEncryptedData; 6016dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce } 6116dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce } 6216dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce 6316dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce *bytesDecryptedOut = offset; 6416dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce return android::OK; 6516dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce} 6616dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce 6716dfdcff6e4bb025220b88d5fc132ae48e7cb437John "Juce" Bruce} // namespace clearkeydrm 68