C++程序  |  212行  |  6.18 KB

/*
 * Copyright (C) 2007 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef _DRMCRYPTO_H_
#define _DRMCRYPTO_H_

#include <Drm2CommonTypes.h>
#include <openssl/aes.h>
#include <openssl/hmac.h>
#include <openssl/sha.h>
#include <openssl/rsa.h>

// AES encrypt mode
typedef enum {AES_128_CBC = 0x01,AES_128_CTR = 0x02}AesMode;

// aes crypto for decrypt
class AesAgent
{
    public:
        AesAgent(const AesMode method,const unsigned char* decryptedKey)
            :mode(method),AesKey(decryptedKey){};

        /**
         * decrypt data using AES, now only support 128 bits CBC
         * \param iv       128 bits initialization vector/counter
         *                 prefixing the ciphertext
         * \param encData  encrypted data
         * \param encLen   the length of encData
         * \param decData  the buffer to store decrypted data
         * \param decLen   the actual length of decrypted data
         * \return
         *   >=   succeed, the padding length
         *   < 0  failed
         */
        int32_t decContent( unsigned char* iv,
                            const unsigned char* encData,
                            const unsigned long encLen,
                            unsigned char* decData);
        static const int32_t AES_DEC_FAILED = -1;

    PRIVATE:
        static const uint32_t AES_KEY_BITS = 128;
        const AesMode mode;
        const unsigned char* AesKey;

    PRIVATE:
        // get the actual length of decrypt data
        void discardPaddingByte(unsigned char* decryptedBuf,unsigned long* decryptedBufLen);
};

// Sha1 crypto for hash
class Sha1Agent
{
    public:
        /**
         * compute hash using Sha1
         * \param inData   the data to be hashed
         * \param inLen    the length of inData
         * \param outHash  the hash of inData
         * \return   none
         */
        void computeHash( const unsigned char* inData,
                          unsigned long inLen,
                          unsigned char* outHash) const;

        /**
         * get the length of SHA1 hash
         * \param  none
         * \return
         *      the length of SHA1 hash
         */
        unsigned long getShaLen(void) const
        {
            return SHA_DIGEST_LENGTH;
        }
};

// Hmac-Sha1 crypto for MAC
class HmacSha1Agent
{
    public:
        HmacSha1Agent(const unsigned char* Key, int key_len)
          :macKey(Key),keyLen(key_len){};

        /**
         * compute MAC using Hmac-Sha1
         * \param inData  the data to be MAC
         * \param inLen   the length of inData
         * \param outMac  the MAC of inData
         * \return   none
         */
        void computeMac( const unsigned char* inData,
                         unsigned long inLen,
                         unsigned char* outMac) const;

        /**
         * get the length of HMAC-SHA1 MAC
         * \param  none
         * \return
         *      the length of HMAC-SHA1 MAC
         */
        unsigned long getHmacLen(void) const
        {
            return SHA_DIGEST_LENGTH;
        }

    PRIVATE:
        const unsigned char* macKey;
        const int keyLen;
};

// Rsa crypto for signature,verify signature and key transport
class RsaAgent
{
    public:
        RsaAgent(RSA& Key):rsaKey(Key)
        {
            rsaSize = (unsigned int)RSA_size(&Key);
        };

        // signature algorithm
        typedef enum {RSA_PSS,RSA_SHA1}RsaAlg;

        /**
         * Do signature using RSA-PSS
         * \param rawData  the data to be signature
         * \param rawLen   the length of inData
         * \param sigData  the buffer to store the signature of rawData
         * \param sigAlg   signature algorithm
         * \return
         *   true   succeed
         *   false  failed
         */
        bool signature( const unsigned char* rawData,
                        const unsigned long rawLen,
                        unsigned char* sigData,
                        const RsaAlg sigAlg);

        /**
         * get the length of signature
         * \param  none
         * \return
         *      the length of signature
         */
        unsigned int getSigLen(void) const
        {
            return rsaSize;
        }

        /**
         * Verify signature using RSA-PSS
         * \param sigData  the data to be verify
         * \param sigLen   the length of sigData
         * \param rawData  the data from which the sigData generated
         * \param rawLen   the length of rawData
         * \param sigAlg   signature algorithm
         * \return
         *   true   succeed
         *   false  failed
         */
        bool sigVerify(unsigned char* sigData,
                       unsigned long sigLen,
                       const unsigned char* rawData,
                       const unsigned long rawLen,
                       const RsaAlg sigAlg);


        /**
         * Decrypt data using RSA
         * \param encData  encrypted data
         * \param encLen   the length of encData
         * \param decData  the buffer to store decrypted data
         * \return
         *   -1  decrypted failed
         *   >0  the actual length of decrypted data
         */
        int decrypt( const unsigned char* encData,
                     const unsigned long encLen,
                     unsigned char* decData);

        /**
         * get the length of decrypted data
         * \param none
         * \return
         *      the length of decrypted data
         */
        unsigned int getDecLen(void) const
        {
           return rsaSize;
        }

    PRIVATE:
        RSA& rsaKey;
        unsigned int rsaSize;
};


#endif /* _DRMCRYPTO_H_ */