Encrypted Content Key doesn't match with the ContentKey on FairPlay Programming Guide documentation?

Hello,


I am implementing a Key Security Module (KSM) for FairPlay.

For now I am working with the sample spc1.bin and ckc1.bin files while implementing KSM.


I decrypted spc1.bin and all the blocks match the blocks in the programming guide (FairPlayStreaming_PG.pdf).

So far everything is OK with the SPC data.


I have started the CKC part. The first thing you should do is encrypt the ContentKey with the SessionKey, which is sent in the SPC SKR1 payload.

These are the keys which I decrypt the SPC payload and get this SessionKey from spc1.bin.

SessionKey= AF B4 6E 7B F5 F3 15 96 C1 C6 76 DC 15 E1 4D C6


And in the sdk folders there is a file (Key.txt) for ContentKey and Initialization Vector for Asset "Twelve"

For asset Id “twelve”
Key = {0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C},
IV  = {0xD5,0xFB,0xD6,0xB8,0x2E,0xD9,0x3E,0x4E,0xF9,0x8A,0xE4,0x09,0x31,0xEE,0x33,0xB7}


For content key encryption I am using AES/ECB with no padding, with a zero InitializationVector like below, because with ECB mode the IV is ignored.

IV for AES/ECB= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00


And with all these info, this is what I got when I encrypt the ContentKey with SessionKey:

41 FF 6A 67 CF C0 75 0E 08 42 29 1C F2 16 AC 8C


But in the documentation (FairPlayStreaming_PG.pdf) it is:

3d 56 43 97 87 8b 70 43 e1 54 31 f1 f8 6b c5 62


Am I doing something wrong here or did they use another ContentKey for this documentation?

As I said above, my cryptography functions work as they should, because everything except the ContentKey encryption works as expected and matches the documentation.


Best regards,

Barbaros.

Hi,

Did you solve this issue?

I'm getting the exact same results as you do,

ck input is

0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C

and output is

41 FF 6A 67 CF C0 75 0E 08 42 29 1C F2 16 AC 8C


Regards

Hi Rotem,


Unfortunately, I couldn't.

It seems just the two of us have encountered this issue.


If you come up with something please let me know.


Regards,

Barbaros.

I am using the AES CBC with the same IV that I used to encrypt the CKC's payload and I get the correct results you have above (0x3D56...C562).


While I'm getting the correct results, the video still won't play for me in Safari. 😐


Larry

Hi Larry,

Is your content key before encryption equal to 0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C,0x3C?

I tried doing what you suggested with no luck.


Did they make a mistake in the KSM implementation? It's clearly written in a comment to use ECB:

" // 2.2 In place ECB encrypt the content key with the session key"



Thanks!

Hi Larry,


I am also curious like @rotem about the ContentKey you used to get the correct result.

Can you please write down each key you used to get the correct result?


Best regards,

Barbaros.

Hi Rotem,


Yes, you are right. It's clearly written to use ECB mode.

I couldn't understand how Larry has managed to do it.

Have you found a solution? 😐

Unfortunately I didn't.

I thought the problem was Visual Studio, so I implemented the KSM in Xcode and got exactly the same results.

Yeah - looking at the code in the ref impl, you're right.


Mine's broken right now, and I'm thinking I must have misread something.


Right now, all I can seem to get is "CKC parsing error! Found a problem with the CKC TLLV structure." which is not quite useless, but about as close as you can get.


Larry

Accepted Answer

The content key from the "Key.txt" file in the SDK is not the correct key to use when testing with the verify_ckc utility and the SPC/CKC Data Initialization Vectors (spc1.bin, ckc1.bin, and so on).


I don't have the actual value handy at the moment, but to determine the unencrypted Content Key that was used in the CKC Data Initialization vectors, you can run the verify_ckc utility as you are doing now and get the value for the CKC Content Key TLLV (see the TLLV Tag -- 58b38165af0e3d5a), which will contain the IV followed by the Content Key encrypted with the SK. Then simply decrypt this encrypted Content Key from the Content Key TLLV using AES ECB mode and the Session Key (SK) from the SPC.
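
The recovery step described in the answer above, as an added example that is not part of the original thread or of Apple's SDK: it splits the Content Key TLLV value (IV followed by the encrypted CK) and AES-128-ECB-decrypts the CK with the SK. The pure-Python AES inverse cipher and the name `recover_content_key` are this example's own; the SK and encrypted CK are the values quoted earlier in the thread, and the all-zero IV is a constructed placeholder.

```python
SESSION_KEY = bytes.fromhex("AFB46E7BF5F31596C1C676DC15E14DC6")   # SK quoted in the thread
GUIDE_ENC_CK = bytes.fromhex("3d564397878b7043e15431f1f86bc562")  # encrypted CK from the guide

def _xt(a):  # multiply by x in GF(2^8), reducing by the AES polynomial
    return ((a << 1) ^ 0x1B) & 0xFF if a & 0x80 else a << 1
def _mul(a, b):  # GF(2^8) product
    r = 0
    while b:
        r, a, b = r ^ (a if b & 1 else 0), _xt(a), b >> 1
    return r
def _sbox(a):  # multiplicative inverse in GF(2^8) (0 maps to 0), then the AES affine map
    inv = next((x for x in range(1, 256) if _mul(a, x) == 1), 0)
    rot = lambda n: ((inv << n) | (inv >> (8 - n))) & 0xFF
    return inv ^ rot(1) ^ rot(2) ^ rot(3) ^ rot(4) ^ 0x63

SBOX = [_sbox(a) for a in range(256)]
INV_SBOX = [SBOX.index(v) for v in range(256)]

def _round_keys(key):  # AES-128 key schedule: 11 round keys of 16 bytes each
    w, rcon = [list(key[i:i + 4]) for i in range(0, 16, 4)], 1
    for i in range(4, 44):
        t = w[i - 1]
        if i % 4 == 0:  # RotWord, SubWord, then XOR the round constant
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = _xt(rcon)
        w.append([x ^ y for x, y in zip(w[i - 4], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def aes128_ecb_decrypt_block(key, block):  # one 16-byte block, state held column-major
    rk = _round_keys(key)
    s = [b ^ k for b, k in zip(block, rk[10])]
    for rnd in range(9, -1, -1):
        s = [INV_SBOX[s[4 * ((c - r) % 4) + r]] for c in range(4) for r in range(4)]  # InvShiftRows + InvSubBytes
        s = [b ^ k for b, k in zip(s, rk[rnd])]                                       # AddRoundKey
        if rnd:  # InvMixColumns on every round except the final one
            s = [_mul(14, s[c + r]) ^ _mul(11, s[c + (r + 1) % 4]) ^ _mul(13, s[c + (r + 2) % 4])
                 ^ _mul(9, s[c + (r + 3) % 4]) for c in range(0, 16, 4) for r in range(4)]
    return bytes(s)

def recover_content_key(tllv_value, session_key):
    """Split the Content Key TLLV value (IV || encrypted CK); decrypt the CK with the SK."""
    if len(tllv_value) != 32 or len(session_key) != 16:
        raise ValueError("expected 16-byte IV + 16-byte encrypted CK, and a 16-byte SK")
    return tllv_value[:16], aes128_ecb_decrypt_block(session_key, tllv_value[16:])

if __name__ == "__main__":
    iv, ck = recover_content_key(bytes(16) + GUIDE_ENC_CK, SESSION_KEY)  # zero IV is constructed
    print("recovered content key:", ck.hex(" "))
```

The printed key can be compared against the Key.txt value (0x3C repeated) to see whether that file's key is the one behind the sample vectors.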

THANKS!


the content key for spc1.bin+ckc1.bin is {0x3B,0x3B,0x3B......0x3B} 😮

Wow! In the end we have found who is guilty.

Thank you srk and rotem!

Excellent - this is what I'm getting now as well.

Hi srk!


I have another question about CKC TLLV. Can you please take a look?

https://forums.developer.apple.com/message/184061#184061
