Merge branch 'master' into development/correct-lisa

.github/workflows/Build ThunderInterfaces on Linux.yml

@@ -6,20 +6,20 @@ on:
   pull_request:
     branches: ["master"]
   workflow_call:
-    
+
 jobs:
   Thunder:
     uses: rdkcentral/Thunder/.github/workflows/Build Thunder on Linux.yml@master
-    
+
   ThunderInterfaces:
     needs: Thunder
-    
+
     runs-on: ubuntu-latest
-    
+
     strategy:
       matrix:
         build_type: [Debug, Release, MinSizeRel]
-    
+
     name: Build type - ${{matrix.build_type}}
     steps:
     - name: Install necessary packages
@@ -34,30 +34,50 @@ jobs:
           sudo apt install python3-pip
           pip install jsonref
           sudo apt install build-essential cmake ninja-build libusb-1.0-0-dev zlib1g-dev libssl-dev
-    
+
     - name: Checkout Thunder
       uses: actions/checkout@v3
       with:
         path: Thunder
         repository: rdkcentral/Thunder
-        
+
     - name: Download artifacts
       uses: actions/download-artifact@v3
       with:
         name: Thunder-${{matrix.build_type}}-artifact
         path: ${{matrix.build_type}}
-        
+
     - name: Unpack files
       run: |
         tar -xvzf ${{matrix.build_type}}/${{matrix.build_type}}.tar.gz
         rm ${{matrix.build_type}}/${{matrix.build_type}}.tar.gz
-        
-    - name: Checkout ThunderInterfaces
+
+# ----- ThunderInterfaces -----
+    - name: Checkout ThunderInterfaces - default
+      if: ${{ !contains(github.event.pull_request.body, '[DependsOn=ThunderInterfaces:') }}
+      uses: actions/checkout@v3
+      with:
+        path: ThunderInterfaces
+        repository: rdkcentral/ThunderInterfaces
+
+    - name: Regex ThunderInterfaces
+      if: contains(github.event.pull_request.body, '[DependsOn=ThunderInterfaces:')
+      id: thunderinterfaces
+      uses: AsasInnab/regex-action@v1
+      with:
+        regex_pattern: '(?<=\[DependsOn=ThunderInterfaces:).*(?=\])'
+        regex_flags: 'gim'
+        search_string: ${{github.event.pull_request.body}}
+
+    - name: Checkout ThunderInterfaces - ${{steps.thunderinterfaces.outputs.first_match}}
+      if: contains(github.event.pull_request.body, '[DependsOn=ThunderInterfaces:')
       uses: actions/checkout@v3
       with:
         path: ThunderInterfaces
         repository: rdkcentral/ThunderInterfaces
+        ref: ${{steps.thunderinterfaces.outputs.first_match}}
 
+# ----- Building -----
     - name: Build ThunderInterfaces
       run: |
         cmake -G Ninja -S ThunderInterfaces -B ${{matrix.build_type}}/build/ThunderInterfaces \

definitions/Definitions.cpp

@@ -30,6 +30,7 @@
 #include <interfaces/IComposition.h>
 #include <interfaces/IConfiguration.h>
 #include <interfaces/IContentDecryption.h>
+#include <interfaces/ICryptography.h>
 #include <interfaces/ICustomerCareOperations.h>
 #include <interfaces/IDeviceInfo.h>
 #include <interfaces/IDictionary.h>
@@ -50,6 +51,7 @@
 #include <interfaces/IMessageControl.h>
 #include <interfaces/INetworkControl.h>
 #include <interfaces/INetflix.h>
+#include <interfaces/INetflixSecurity.h>
 #include <interfaces/IPackager.h>
 #include <interfaces/IPerformance.h>
 #include <interfaces/IPlayerInfo.h>

interfaces/ICryptography.h

@@ -0,0 +1,197 @@
+/*
+ * If not stated otherwise in this file or this component's LICENSE file the
+ * following copyright and licenses apply:
+ *
+ * Copyright 2020 Metrological
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include "Module.h"
+
+namespace WPEFramework {
+namespace Exchange {
+
+    enum CryptographyVault : uint8_t {
+        CRYPTOGRAPHY_VAULT_DEFAULT = 0,
+        CRYPTOGRAPHY_VAULT_PLATFORM = 1,
+        CRYPTOGRAPHY_VAULT_PROVISIONING = 0x10,
+        CRYPTOGRAPHY_VAULT_NETFLIX = 0x11
+    };
+
+    enum IDs : uint32_t {
+        ID_HASH = 0x00001100,
+        ID_VAULT,
+        ID_CIPHER,
+        ID_DIFFIE_HELLMAN,
+        ID_CRYPTOGRAPHY,
+        ID_PERSISTENT
+    };
+
+    enum aesmode : uint8_t {
+        ECB,
+        CBC,
+        OFB,
+        CFB1,
+        CFB8,
+        CFB128,
+        CTR
+    };
+
+    enum hashtype : uint8_t {
+        SHA1 = 20,
+        SHA224 = 28,
+        SHA256 = 32,
+        SHA384 = 48,
+        SHA512 = 64
+    };
+
+    struct EXTERNAL IHash : virtual public Core::IUnknown {
+
+        enum { ID = ID_HASH };
+
+        ~IHash() override = default;
+
+        /* Ingest data into the hash calculator (multiple calls possible) */
+        virtual uint32_t Ingest(const uint32_t length, const uint8_t data[] /* @in @length:length */) = 0;
+
+        /* Calculate the hash from all ingested data */
+        virtual uint8_t Calculate(const uint8_t maxLength, uint8_t data[] /* @out @maxlength:maxLength */) = 0;
+    };
+
+    struct EXTERNAL ICipher : virtual public Core::IUnknown {
+
+        enum { ID = ID_CIPHER };
+
+        ~ICipher()  override = default;
+
+        // Encryption and decryption, might require more bytes of data to complete succefully (like padding) to indicate the
+        // the encryption or decryption failed due to a lack of storage space, a negative length is returned. The abs(length)
+        // indicates the number of bytes required in the output buffer to succefully complete.
+
+        /* Encrypt data */
+        virtual int32_t Encrypt(const uint8_t ivLength, const uint8_t iv[] /* @in @length:ivLength */,
+                                const uint32_t inputLength, const uint8_t input[] /* @in @length:inputLength */,
+                                const uint32_t maxOutputLength, uint8_t output[] /* @out @maxlength:maxOutputLength */) const = 0;
+
+        /* Decrypt data */
+        virtual int32_t Decrypt(const uint8_t ivLength, const uint8_t iv[] /* @in @length:ivLength */,
+                                const uint32_t inputLength, const uint8_t input[] /* @in @length:inputLength */,
+                                const uint32_t maxOutputLength, uint8_t output[] /* @out @maxlength:maxOutputLength */) const = 0;
+    };
+
+    struct EXTERNAL IDiffieHellman : virtual public Core::IUnknown {
+
+        enum { ID = ID_DIFFIE_HELLMAN };
+
+        ~IDiffieHellman() override = default;
+
+        /* Generate DH private/public keys */
+        virtual uint32_t Generate(const uint8_t generator, const uint16_t modulusSize, const uint8_t modulus[]/* @in @length:modulusSize */ ,
+                                  uint32_t& privKeyId /* @out */, uint32_t& pubKeyId /* @out */) = 0;
+
+        /* Calculate a DH shared secret */
+        virtual uint32_t Derive(const uint32_t privateKey, const uint32_t peerPublicKeyId, uint32_t& secretId /* @out */) = 0;
+    };
+
+    struct IPersistent : virtual public Core::IUnknown {
+
+    enum { ID = ID_PERSISTENT };
+
+    enum keytype {
+        AES128,
+        AES256,
+        HMAC128,
+        HMAC160,
+        HMAC256
+    };
+
+    virtual ~IPersistent() { }
+
+    //Check if a named key exists in peristent storage
+    virtual uint32_t Exists(const string& locator, bool& result /* @out */) const =0;
+
+    //Load persistent key details to vault
+    virtual uint32_t Load(const string& locator, uint32_t&  id /* @out */) = 0;
+
+    //Create a new key on persistent storage
+    virtual uint32_t Create(const string& locator, const keytype keyType, uint32_t& id /* @out */) = 0 ;
+
+    //To explicitly flush resources at the backend
+    virtual uint32_t Flush() = 0;
+
+    };
+
+
+    struct EXTERNAL IVault : virtual public Core::IUnknown {
+
+        enum { ID = ID_VAULT };
+
+        ~IVault()  override = default;
+
+        // Operations manipulating items in the vault
+        // ---------------------------------------------------
+
+        // Return size of a vault data blob
+        // (-1 if the blob exists in the vault but is not extractable and 0 if the ID does not exist)
+        virtual uint16_t Size(const uint32_t id) const = 0;
+
+        // Import unencrypted data blob into the vault (returns blob ID)
+        // Note: User IDs are always greater than 0x80000000, values below 0x80000000 are reserved for implementation-specific internal data blobs.
+        virtual uint32_t Import(const uint16_t length, const uint8_t blob[] /* @in @length:length */) = 0;
+
+        // Export unencrypted data blob out of the vault (returns blob ID), only public blobs are exportable
+        virtual uint16_t Export(const uint32_t id, const uint16_t maxLength, uint8_t blob[] /* @out @maxlength:maxLength */) const = 0;
+
+        // Set encrypted data blob in the vault (returns blob ID)
+        virtual uint32_t Set(const uint16_t length, const uint8_t blob[] /* @in @length:length */) = 0;
+
+        // Get encrypted data blob out of the vault (data identified by ID, returns size of the retrieved data)
+        virtual uint16_t Get(const uint32_t id, const uint16_t maxLength, uint8_t blob[] /* @out @maxlength:maxLength */) const = 0;
+
+        // Delete a data blob from the vault
+        virtual bool Delete(const uint32_t id) = 0;
+
+
+        // Crypto operations using the vault for key storage
+        // -----------------------------------------------------
+
+        // Retrieve a HMAC calculator
+        virtual IHash* HMAC(const hashtype hashType, const uint32_t keyId) = 0;
+
+        // Retrieve an AES encryptor/decryptor
+        virtual ICipher* AES(const aesmode aesMode, const uint32_t keyId) = 0;
+
+        // Retrieve a Diffie-Hellman key creator
+        virtual IDiffieHellman* DiffieHellman() = 0;
+    };
+
+    struct EXTERNAL ICryptography : virtual public Core::IUnknown {
+        enum { ID = ID_CRYPTOGRAPHY };
+
+        ~ICryptography()  override = default;
+
+        static ICryptography* Instance(const std::string& connectionPoint);
+
+        // Retrieve a hash calculator
+        virtual IHash* Hash(const hashtype hashType) = 0;
+
+        // Retrieve a vault (TEE identified by ID)
+        virtual IVault* Vault(const CryptographyVault id) = 0;
+    };
+
+} // namespace Cryptography
+
+}

interfaces/INetflixSecurity.h

@@ -0,0 +1,55 @@
+/*
+ * If not stated otherwise in this file or this component's LICENSE file the
+ * following copyright and licenses apply:
+ *
+ * Copyright 2020 Metrological
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include "Module.h"
+
+namespace WPEFramework {
+
+namespace Cryptography {
+
+struct EXTERNAL INetflixSecurity : public Core::IUnknown
+{
+    enum { ID = 0x00001200 };
+
+    virtual ~INetflixSecurity() { }
+
+    /* Retrieve the ESN */
+    virtual std::string ESN() const = 0;
+
+    /* Retrieve the pre-shared encryption key */
+    virtual uint32_t EncryptionKey() const = 0;
+
+    /* Retrieve the pre-shared HMAC key */
+    virtual uint32_t HMACKey() const = 0;
+
+    /* Retrieve the pre-shared wrapping key */
+    virtual uint32_t WrappingKey() const = 0;
+
+    /* Derive encryption keys based on an authenticated Diffie-Hellman procedure */
+    virtual uint32_t DeriveKeys(const uint32_t privateDhKeyId, const uint32_t peerPublicDhKeyId, const uint32_t derivationKeyId,
+                                uint32_t& encryptionKeyId /* @out */, uint32_t& hmacKeyId /* @out */, uint32_t& wrappingKeyId /* @out */) = 0;
+
+    static INetflixSecurity* Instance();
+};
+
+} // namespace Cryptography
+
+}

interfaces/ITextToSpeech.h

@@ -14,6 +14,7 @@ namespace Exchange {
             std::string ttsEndPointSecured;
             std::string language;
             std::string voice;
+            std::string speechRate;
             uint8_t volume;
             uint8_t rate;
         };
@@ -79,7 +80,6 @@ namespace Exchange {
         virtual uint32_t SetFallbackText(const string scenario,const string value) = 0;
         virtual uint32_t SetAPIKey(const string apikey) = 0;
         virtual uint32_t SetPrimaryVolDuck(const uint8_t prim) = 0;
-        virtual uint32_t SetSpeechRate(const string speechRate) = 0;
 
         // @brief Retrieve tts configuration attributes 
         // @param config tts configuration

interfaces/Ids.h

@@ -44,6 +44,8 @@
 //       than 16 interface in that group so that the next ID is indeed elevated (and rounded
 //       up to a multiple of 16) if the next entry is made in the future.
 
+// @insert <com/Ids.h>
+
 namespace WPEFramework {
 
 namespace Exchange {

interfaces/Interfaces.vcxproj

@@ -74,6 +74,7 @@
     <ClInclude Include="IComposition.h" />
     <ClInclude Include="IConfiguration.h" />
     <ClInclude Include="IContentDecryption.h" />
+    <ClInclude Include="ICryptography.h" />
     <ClInclude Include="IDeviceInfo.h" />
     <ClInclude Include="IDIALServer.h" />
     <ClInclude Include="IDictionary.h" />
@@ -90,6 +91,7 @@
     <ClInclude Include="IMemory.h" />
     <ClInclude Include="IMessageControl.h" />
     <ClInclude Include="INetflix.h" />
+    <ClInclude Include="INetflixSecurity.h" />
     <ClInclude Include="IOCDM.h" />
     <ClInclude Include="IPackager.h" />
     <ClInclude Include="IPerformance.h" />
@@ -336,4 +338,4 @@
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
   <ImportGroup Label="ExtensionTargets">
   </ImportGroup>
-</Project>
+</Project>