The current mbedtls integration was not working for some modes. See for
example #1316 and also lots of failing integration tests.
For example in pattern encryptor it works on one block at a time so it
cannot assume it's going to always get a buffer with a padding for an
extra block.
From what I can tell when the padding mode is correctly set to
`MBEDTLS_PADDING_NONE` there is no extra block being written to or
required.
This passes all crypto unit tests and integration tests.
Closes#1316
This work was done over ~80 individual commits in the `cmake` branch,
which are now being merged back into `main`. As a roll-up commit, it is
too big to be reviewable, but each change was reviewed individually in
context of the `cmake` branch. After this, the `cmake` branch will be
renamed `cmake-porting-history` and preserved.
---------
Co-authored-by: Geoff Jukes <geoffjukes@users.noreply.github.com>
Co-authored-by: Bartek Zdanowski <bartek.zdanowski@gmail.com>
Co-authored-by: Carlos Bentzen <cadubentzen@gmail.com>
Co-authored-by: Dennis E. Mungai <2356871+Brainiarc7@users.noreply.github.com>
Co-authored-by: Cosmin Stejerean <cstejerean@gmail.com>
Co-authored-by: Carlos Bentzen <carlos.bentzen@bitmovin.com>
Co-authored-by: Cosmin Stejerean <cstejerean@meta.com>
Co-authored-by: Cosmin Stejerean <cosmin@offbytwo.com>
- CBC cryptors should accept IV of size 8 bytes - it will be zero
extended to 16 bytes.
- Fixed iv() not updated problem in AesPatternCryptor.
- Replace kChainAcrossCalls with ConstantIvFlag enum flags.
Change-Id: I3fb4de0e8abbe891e6271e779373ba53f8df660d
- Create AesCryptor class as the common base
- AesCryptor::Crypt function will serve as an Encrypt function for
encryptor and a Decrypt function for Decryptor.
Change-Id: Ie91fb14964b5091786705bf510656f40d73af160
- Optimize and clean up encryption and decryption code.
- Consolidate various CBC encryption/decryption schemes into a
common class.
- Make it a constructor argument whether cipher block chain is
continuous across Encrypt/Decrypt calls.
- Also align protected region size as required in CENC spec.
Issue #77
Change-Id: I533d92ada3cd80933b532b9c3a1cca105ba66f8e
- Part 1.
- Add packager command line argument "protection_scheme" to specify
protection scheme. Plumb through packager code to enable CBC
encryption/decryption.
- Add scheme type "cbc1" to sinf.
- Refactor AES encryptor and decryptor.
- Need more work in the subsample handling.
Issue #77
Change-Id: I3a9304d89adf5efbfb226b6e805a3077b6cb8c68
Cosmin Stejerean
Joey Parrish
Kongqun Yang
Bei Li