path: root/drm/libdrmframework/plugins/forward-lock/internal-format/doc/FwdLock.html
blob: 8f95cd218a8a6e8f99ddd9251faed40efe66cc34 (plain)
<html>

<head>
<meta http-equiv=Content-Type content="text/html; charset=windows-1252">
<meta name=Generator content="Microsoft Word 12 (filtered)">
<title>Forward Lock Converter and Decoder</title>
<style>
<!--
 /* Font Definitions */
 @font-face
	{font-family:SimSun;
	panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
	{font-family:"Lucida Console","DejaVu Sans Mono";
	panose-1:2 11 6 9 4 5 4 2 2 4;}
@font-face
	{font-family:"\@SimSun";
	panose-1:2 1 6 0 3 1 1 1 1 1;}
 /* Style Definitions */
 p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0cm;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
h1
	{margin-right:0cm;
	margin-left:21.6pt;
	text-indent:-21.6pt;
	page-break-after:avoid;
	font-size:16.0pt;
	font-family:"Arial","sans-serif";}
h2
	{margin-top:12.0pt;
	margin-right:0cm;
	margin-bottom:3.0pt;
	margin-left:28.8pt;
	text-indent:-28.8pt;
	page-break-after:avoid;
	font-size:14.0pt;
	font-family:"Arial","sans-serif";
	font-style:italic;}
h3
	{margin-top:12.0pt;
	margin-right:0cm;
	margin-bottom:3.0pt;
	margin-left:36.0pt;
	text-indent:-36.0pt;
	page-break-after:avoid;
	font-size:13.0pt;
	font-family:"Arial","sans-serif";}
h4
	{margin-top:12.0pt;
	margin-right:0cm;
	margin-bottom:3.0pt;
	margin-left:43.2pt;
	text-indent:-43.2pt;
	page-break-after:avoid;
	font-size:14.0pt;
	font-family:"Times New Roman","serif";}
h5
	{margin-top:12.0pt;
	margin-right:0cm;
	margin-bottom:3.0pt;
	margin-left:50.4pt;
	text-indent:-50.4pt;
	font-size:13.0pt;
	font-family:"Times New Roman","serif";
	font-style:italic;}
h6
	{margin-top:12.0pt;
	margin-right:0cm;
	margin-bottom:3.0pt;
	margin-left:57.6pt;
	text-indent:-57.6pt;
	font-size:11.0pt;
	font-family:"Times New Roman","serif";}
p.MsoHeading7, li.MsoHeading7, div.MsoHeading7
	{margin-top:12.0pt;
	margin-right:0cm;
	margin-bottom:3.0pt;
	margin-left:64.8pt;
	text-indent:-64.8pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
p.MsoHeading8, li.MsoHeading8, div.MsoHeading8
	{margin-top:12.0pt;
	margin-right:0cm;
	margin-bottom:3.0pt;
	margin-left:72.0pt;
	text-indent:-72.0pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";
	font-style:italic;}
p.MsoHeading9, li.MsoHeading9, div.MsoHeading9
	{margin-top:12.0pt;
	margin-right:0cm;
	margin-bottom:3.0pt;
	margin-left:79.2pt;
	text-indent:-79.2pt;
	font-size:11.0pt;
	font-family:"Arial","sans-serif";}
p.MsoToc1, li.MsoToc1, div.MsoToc1
	{margin-top:6.0pt;
	margin-right:0cm;
	margin-bottom:6.0pt;
	margin-left:0cm;
	line-height:150%;
	font-size:10.5pt;
	font-family:"Times New Roman","serif";
	text-transform:uppercase;
	font-weight:bold;}
p.MsoToc2, li.MsoToc2, div.MsoToc2
	{margin-top:0cm;
	margin-right:0cm;
	margin-bottom:0cm;
	margin-left:12.0pt;
	margin-bottom:.0001pt;
	line-height:150%;
	font-size:10.5pt;
	font-family:"Times New Roman","serif";
	font-variant:small-caps;}
p.MsoToc3, li.MsoToc3, div.MsoToc3
	{margin-top:0cm;
	margin-right:0cm;
	margin-bottom:0cm;
	margin-left:24.0pt;
	margin-bottom:.0001pt;
	line-height:150%;
	font-size:10.5pt;
	font-family:"Times New Roman","serif";
	font-style:italic;}
p.MsoToc4, li.MsoToc4, div.MsoToc4
	{margin-top:0cm;
	margin-right:0cm;
	margin-bottom:0cm;
	margin-left:36.0pt;
	margin-bottom:.0001pt;
	font-size:9.0pt;
	font-family:"Times New Roman","serif";}
p.MsoToc5, li.MsoToc5, div.MsoToc5
	{margin-top:0cm;
	margin-right:0cm;
	margin-bottom:0cm;
	margin-left:48.0pt;
	margin-bottom:.0001pt;
	font-size:9.0pt;
	font-family:"Times New Roman","serif";}
p.MsoToc6, li.MsoToc6, div.MsoToc6
	{margin-top:0cm;
	margin-right:0cm;
	margin-bottom:0cm;
	margin-left:60.0pt;
	margin-bottom:.0001pt;
	font-size:9.0pt;
	font-family:"Times New Roman","serif";}
p.MsoToc7, li.MsoToc7, div.MsoToc7
	{margin-top:0cm;
	margin-right:0cm;
	margin-bottom:0cm;
	margin-left:72.0pt;
	margin-bottom:.0001pt;
	font-size:9.0pt;
	font-family:"Times New Roman","serif";}
p.MsoToc8, li.MsoToc8, div.MsoToc8
	{margin-top:0cm;
	margin-right:0cm;
	margin-bottom:0cm;
	margin-left:84.0pt;
	margin-bottom:.0001pt;
	font-size:9.0pt;
	font-family:"Times New Roman","serif";}
p.MsoToc9, li.MsoToc9, div.MsoToc9
	{margin-top:0cm;
	margin-right:0cm;
	margin-bottom:0cm;
	margin-left:96.0pt;
	margin-bottom:.0001pt;
	font-size:9.0pt;
	font-family:"Times New Roman","serif";}
p.MsoFootnoteText, li.MsoFootnoteText, div.MsoFootnoteText
	{margin:0cm;
	margin-bottom:.0001pt;
	font-size:10.0pt;
	font-family:"Times New Roman","serif";}
p.MsoHeader, li.MsoHeader, div.MsoHeader
	{margin:0cm;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
p.MsoFooter, li.MsoFooter, div.MsoFooter
	{margin:0cm;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
p.MsoCaption, li.MsoCaption, div.MsoCaption
	{margin:0cm;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Times New Roman","serif";
	font-weight:bold;}
span.MsoFootnoteReference
	{vertical-align:super;}
p.MsoTitle, li.MsoTitle, div.MsoTitle
	{margin-top:12.0pt;
	margin-right:0cm;
	margin-bottom:120.0pt;
	margin-left:0cm;
	text-align:center;
	font-size:16.0pt;
	font-family:"Arial","sans-serif";
	font-weight:bold;}
p.MsoBodyText, li.MsoBodyText, div.MsoBodyText
	{mso-style-link:"Body Text Char";
	margin-top:0cm;
	margin-right:0cm;
	margin-bottom:6.0pt;
	margin-left:0cm;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
	{color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{color:purple;
	text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
	{margin:0cm;
	margin-bottom:.0001pt;
	font-size:8.0pt;
	font-family:"Tahoma","sans-serif";}
span.BodyTextChar
	{mso-style-name:"Body Text Char";
	mso-style-link:"Body Text";}
 /* Page Definitions */
 @page WordSection1
	{size:595.45pt 841.7pt;
	margin:72.0pt 90.0pt 72.0pt 90.0pt;}
div.WordSection1
	{page:WordSection1;}
@page WordSection2
	{size:595.45pt 841.7pt;
	margin:72.0pt 90.0pt 72.0pt 90.0pt;}
div.WordSection2
	{page:WordSection2;}
 /* List Definitions */
 ol
	{margin-bottom:0cm;}
ul
	{margin-bottom:0cm;}
-->
</style>

</head>

<body lang=EN-US link=blue vlink=purple>

<div class=WordSection1>

<p class=MsoTitle>Forward Lock Converter And Decoder</p>

<p class=MsoToc1><span
class=MsoHyperlink><a href="#_Toc276471422">1<span style='font-size:12.0pt;
line-height:150%;color:windowtext;text-transform:none;font-weight:normal;
text-decoration:none'>      </span>Introduction<span style='color:windowtext;
display:none;text-decoration:none'>. </span><span
style='color:windowtext;display:none;text-decoration:none'>3</span></a></span></p>

<p class=MsoToc1><span class=MsoHyperlink><a href="#_Toc276471423">2<span
style='font-size:12.0pt;line-height:150%;color:windowtext;text-transform:none;
font-weight:normal;text-decoration:none'>      </span>Overview<span
style='color:windowtext;display:none;text-decoration:none'>... </span><span
style='color:windowtext;display:none;text-decoration:none'>3</span></a></span></p>

<p class=MsoToc1><span class=MsoHyperlink><a href="#_Toc276471424">3<span
style='font-size:12.0pt;line-height:150%;color:windowtext;text-transform:none;
font-weight:normal;text-decoration:none'>      </span>Use Cases<span
style='color:windowtext;display:none;text-decoration:none'>. </span><span
style='color:windowtext;display:none;text-decoration:none'>4</span></a></span></p>

<p class=MsoToc2><span class=MsoHyperlink><span style='font-variant:normal !important;
text-transform:uppercase'><a href="#_Toc276471425">3.1<span style='font-size:
12.0pt;line-height:150%;color:windowtext;text-transform:none;text-decoration:
none'>        </span>Converter<span style='color:windowtext;display:none;
text-decoration:none'>. </span><span
style='color:windowtext;display:none;text-decoration:none'>4</span></a></span></span></p>

<p class=MsoToc3><span class=MsoHyperlink><a href="#_Toc276471426">3.1.1<span
style='font-size:12.0pt;line-height:150%;color:windowtext;font-style:normal;
text-decoration:none'>     </span>Convert Data (Push-Mode Conversion)<span
style='color:windowtext;display:none;text-decoration:none'> </span><span
style='color:windowtext;display:none;text-decoration:none'>4</span></a></span></p>

<p class=MsoToc3><span class=MsoHyperlink><a href="#_Toc276471427">3.1.2<span
style='font-size:12.0pt;line-height:150%;color:windowtext;font-style:normal;
text-decoration:none'>     </span>Convert File (Pull-Mode Conversion)<span
style='color:windowtext;display:none;text-decoration:none'> </span><span
style='color:windowtext;display:none;text-decoration:none'>6</span></a></span></p>

<p class=MsoToc2><span class=MsoHyperlink><span style='font-variant:normal !important;
text-transform:uppercase'><a href="#_Toc276471428">3.2<span style='font-size:
12.0pt;line-height:150%;color:windowtext;text-transform:none;text-decoration:
none'>        </span>Decoder<span style='color:windowtext;display:none;
text-decoration:none'>. </span><span
style='color:windowtext;display:none;text-decoration:none'>7</span></a></span></span></p>

<p class=MsoToc3><span class=MsoHyperlink><a href="#_Toc276471429">3.2.1<span
style='font-size:12.0pt;line-height:150%;color:windowtext;font-style:normal;
text-decoration:none'>     </span>Check Integrity<span style='color:windowtext;
display:none;text-decoration:none'>. </span><span
style='color:windowtext;display:none;text-decoration:none'>8</span></a></span></p>

<p class=MsoToc3><span class=MsoHyperlink><a href="#_Toc276471430">3.2.2<span
style='font-size:12.0pt;line-height:150%;color:windowtext;font-style:normal;
text-decoration:none'>     </span>Get Content Type<span style='color:windowtext;
display:none;text-decoration:none'>. </span><span
style='color:windowtext;display:none;text-decoration:none'>9</span></a></span></p>

<p class=MsoToc3><span class=MsoHyperlink><a href="#_Toc276471431">3.2.3<span
style='font-size:12.0pt;line-height:150%;color:windowtext;font-style:normal;
text-decoration:none'>     </span>Decode File<span style='color:windowtext;
display:none;text-decoration:none'>. </span><span
style='color:windowtext;display:none;text-decoration:none'>10</span></a></span></p>

<p class=MsoToc1><span class=MsoHyperlink><a href="#_Toc276471432">4<span
style='font-size:12.0pt;line-height:150%;color:windowtext;text-transform:none;
font-weight:normal;text-decoration:none'>      </span>Definition of the
Internal Forward Lock File Format<span style='color:windowtext;display:none;
text-decoration:none'>. </span><span
style='color:windowtext;display:none;text-decoration:none'>11</span></a></span></p>

<p class=MsoToc2><span class=MsoHyperlink><span style='font-variant:normal !important;
text-transform:uppercase'><a href="#_Toc276471433">4.1<span style='font-size:
12.0pt;line-height:150%;color:windowtext;text-transform:none;text-decoration:
none'>        </span>Key Derivation<span style='color:windowtext;display:none;
text-decoration:none'>.. </span><span
style='color:windowtext;display:none;text-decoration:none'>11</span></a></span></span></p>

<p class=MsoToc2><span class=MsoHyperlink><span style='font-variant:normal !important;
text-transform:uppercase'><a href="#_Toc276471434">4.2<span style='font-size:
12.0pt;line-height:150%;color:windowtext;text-transform:none;text-decoration:
none'>        </span>Calculation of the Counters<span style='color:windowtext;
display:none;text-decoration:none'>. </span><span
style='color:windowtext;display:none;text-decoration:none'>12</span></a></span></span></p>

<p class=MsoToc1><span class=MsoHyperlink><a href="#_Toc276471435">5<span
style='font-size:12.0pt;line-height:150%;color:windowtext;text-transform:none;
font-weight:normal;text-decoration:none'>      </span>Unit Test Cases<span
style='color:windowtext;display:none;text-decoration:none'>. </span><span
style='color:windowtext;display:none;text-decoration:none'>12</span></a></span></p>

<p class=MsoToc1><span class=MsoHyperlink><a href="#_Toc276471436">6<span
style='font-size:12.0pt;line-height:150%;color:windowtext;text-transform:none;
font-weight:normal;text-decoration:none'>      </span>References<span
style='color:windowtext;display:none;text-decoration:none'>. </span><span
style='color:windowtext;display:none;text-decoration:none'>12</span></a></span></p>

<p class=MsoBodyText></p>

</div>

<span style='font-size:12.0pt;font-family:"Times New Roman","serif"'><br
clear=all style='page-break-before:right'>
</span>

<div class=WordSection2>

<h1><a name="_Toc276471422"></a><a name="_Ref263085474">1<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>Introduction</a></h1>

<p class=MsoBodyText>The internal Forward Lock file format is used for encrypting
inherently unencrypted OMA DRM version 1 Forward Lock and Combined Delivery
files so they can be securely stored on externally accessible file system partitions
such as a memory stick.</p>

<p class=MsoBodyText>Our general strategy is to convert such <i>OMA DRM Message</i>
(‘.dm’) files to internal Forward Lock (‘.fl’) files as soon as they are
downloaded or otherwise transferred to the phone, and not actually provide any
decoders for ‘.dm’ files.</p>

<h1><a name="_Toc276471423">2<span style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span>Overview</a></h1>

<p class=MsoBodyText>The <i>Forward Lock Converter</i> converts OMA DRM Message
files to the internal file format. The <i>Forward Lock Decoder</i> provides a
POSIX-level API for transparent reading and seeking through such a converted
file as if it were unencrypted. The API also includes functions for checking a
file’s integrity and getting the MIME type of its embedded content.</p>

<p class=MsoBodyText style='margin-bottom:24.0pt'>The converter and decoder are
built into two separate libraries, which share common code for random number
generation and key encryption in a third library. For test purposes there is
also a unit test application. See Figure 1.</p>

<p class=MsoBodyText style='page-break-after:avoid'><img width=288 height=364
src="images/image001.gif"></p>

<p class=MsoCaption style='margin-top:12.0pt;margin-right:0cm;margin-bottom:
12.0pt;margin-left:0cm'><a name="_Ref262730885">Figure </a>1. Block diagram illustrating the dependencies between the executable modules.</p>

<b><span style='font-size:16.0pt;font-family:"Arial","sans-serif"'><br
clear=all style='page-break-before:always'>
</span></b>

<h1><a name="_Toc276471424">3<span style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span>Use Cases</a></h1>

<p class=MsoBodyText>This section describes all the use cases for the converter
and decoder. It shows the sequence of API calls that should be used to solve
these use cases.</p>

<h2><a name="_Toc276471425">3.1<span style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;
</span>Converter</a></h2>

<p class=MsoBodyText>Through the converter API, conversion can be performed in one
of two ways:</p>

<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>1.<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><i>Push-mode
conversion</i> is when the client progressively feeds data to the converter as
it arrives. This is appropriate when data arrives gradually in chunks, with
idle time in between. Consequently, push mode is used for converting files
being downloaded through HTTP. See section 3.1.1.</p>

<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>2.<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><i>Pull-mode
conversion</i> is when the converter drives the process and consumes data from
the client as it needs it. This is appropriate when the entire file to be
converted is readily available. Hence, pull mode is used by the unit test application.
See section 3.1.2.</p>

<p class=MsoBodyText>Internally, pull-mode conversion is implemented in terms
of the API for push-mode conversion.</p>

<h3><a name="_Toc276471426"></a><a name="_Ref263085478">3.1.1<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp; </span>Convert Data
(Push-Mode Conversion)</a></h3>

<p class=MsoBodyText>Push-mode conversion is performed as follows (see also Figure 2):</p>

<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>1.<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockConv_OpenSession</span>
initializes the output parameter and returns a <i>session ID</i> to be used in
subsequent calls to the API. The output parameter is a union of return values
whose correct use at any given moment is determined by the API function last
called.</p>

<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>2.<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockConv_ConvertData</span>
is called repeatedly until no more input data remains. Each call converts the
maximum amount of data possible and writes it to the output buffer. The client then
writes this data to file.</p>

<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>3.<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockConv_CloseSession</span>
cleans up the session and deallocates the output buffer. If all has gone well, a
two-part cryptographic signature of the output file is calculated. The client
must go back and rewrite part of the file header with this updated signature
information.</p>

<p class=MsoBodyText>Every time a file is being converted, the converter calls <span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockGlue_GetRandomNumber</span>
to generate a new, unique session key. No two converted files look alike, even
if the original files are the same.</p>

<p class=MsoBodyText><b>Note:</b> The random bytes cannot come from any bare-minimum
implementation of the C-library <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>rand</span>
function—they must be cryptographically secure. Otherwise, security will be
compromised.</p>
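
<p class=MsoBodyText>The requirement in the note above, shown as an added example that is not part of the original document or of the library's own code: a session-key generator built on rand beside one that reads the kernel CSPRNG and fails closed. The function names, the 16-byte KEY_SIZE and the use of /dev/urandom as the random source are assumptions made for this example.</p>

```c
/* Added example, not code from libfwdlock-common. All names are hypothetical. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define KEY_SIZE 16 /* assumed session-key length, chosen for this example */

/* WEAK: what the note rules out. Every byte is a deterministic function of
 * the seed, so anyone who can guess the seed (e.g. a timestamp) has the key. */
static void weak_session_key(unsigned seed, unsigned char key[KEY_SIZE])
{
    srand(seed);
    for (size_t i = 0; i < KEY_SIZE; ++i)
        key[i] = (unsigned char)(rand() & 0xFF);
}

/* HARDENED: fill buf from the kernel CSPRNG via /dev/urandom.
 * Returns 1 on success and 0 on failure. Fails closed: on any error the
 * buffer is zeroed so a partially filled key is never used by mistake. */
static int secure_random_bytes(void *buf, size_t n)
{
    unsigned char *p = buf;
    size_t got = 0;
    int fd = open("/dev/urandom", O_RDONLY);

    if (fd < 0) {
        memset(buf, 0, n);
        return 0;
    }
    while (got < n) {
        ssize_t r = read(fd, p + got, n - got);
        if (r > 0)
            got += (size_t)r;   /* short reads are legal: keep going */
        else if (r < 0 && errno == EINTR)
            continue;           /* interrupted by a signal: retry */
        else
            break;              /* EOF or hard error */
    }
    close(fd);
    if (got != n) {
        memset(buf, 0, n);
        return 0;
    }
    return 1;
}

/* Returns 1 if two conversions starting from the same seed get the same key. */
static int weak_key_repeats(unsigned seed)
{
    unsigned char a[KEY_SIZE], b[KEY_SIZE];

    weak_session_key(seed, a);
    weak_session_key(seed, b);
    return memcmp(a, b, KEY_SIZE) == 0;
}

/* Returns 1 if two keys were both obtained from the CSPRNG and differ. */
static int secure_keys_differ(void)
{
    unsigned char a[KEY_SIZE], b[KEY_SIZE];

    if (!secure_random_bytes(a, sizeof a) || !secure_random_bytes(b, sizeof b))
        return 0;
    return memcmp(a, b, KEY_SIZE) != 0;
}

int main(void)
{
    unsigned char key[KEY_SIZE];

    /* 1288000000u is a constructed, timestamp-like seed. */
    printf("same seed, same weak key: %s\n",
           weak_key_repeats(1288000000u) ? "yes" : "no");
    if (!secure_random_bytes(key, sizeof key)) {
        fputs("CSPRNG unavailable; refusing to create a session key\n", stderr);
        return 1;
    }
    printf("two CSPRNG keys differ:   %s\n",
           secure_keys_differ() ? "yes" : "no");
    return 0;
}
```

<p class=MsoBodyText>A caller that cannot obtain random bytes should abort the conversion rather than fall back to a weaker source.</p>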

<p class=MsoBodyText>The session key is encrypted and stored within the
converted file. Key encryption is performed using <span style='font-size:10.0pt;
font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockGlue_GetEncryptedKeyLength</span> and <span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockGlue_EncryptKey</span>.
These two functions, together with the corresponding decryption function (<span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockGlue_DecryptKey</span>),
are the integration points where an OEM may implement its own
key-encryption scheme.</p>

<p class=MsoBodyText><b>Note:</b> The key-encryption key must be unique to each
device; this is what makes the files forward lock–protected. Ideally, it should
be derived from secret hardware parameters, but at the very least it should be
persistent from one master reset to the next.</p>

<div style='margin-bottom:24.0pt;border:solid windowtext 1.0pt;padding:1.0pt 4.0pt 1.0pt 4.0pt;
background:#F2F2F2'>

<p class=MsoBodyText style='background:#F2F2F2;border:
none;padding:0cm'><b>Note:</b> In the open-source implementation of the <span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>libfwdlock-common</span>
library, a random key-encryption key is generated and stored in plaintext in
the file system, without being obfuscated in any way (doing so would be futile
since the source code is openly available). This key must be kept secret from
the user, and it shouldn’t be possible to extract it through backup-and-restore
functionality or the like. OEMs will probably want to implement a
truly hardware-based device-unique key.</p>

</div>

<p class=MsoBodyText style='page-break-after:avoid'><img width=531 height=563
src="images/image002.gif"></p>

<p class=MsoCaption style='margin-top:6.0pt;margin-right:0cm;margin-bottom:
12.0pt;margin-left:0cm'><a name="_Ref263085187">Figure </a>2. Converter UC: Convert Data.</p>

<b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'><br
clear=all style='page-break-before:always'>
</span></b>

<h3><a name="_Toc276471427"></a><a name="_Ref263163082">3.1.2<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp; </span>Convert File
(Pull-Mode Conversion)</a></h3>

<p class=MsoBodyText>Pull-mode conversion is performed by calling <span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_ConvertFile</span>
with the filename, unless there is need for a specialized <span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>read</span> function, in
which case <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_ConvertOpenFile</span>
should be used directly instead. See Figure 3.</p>

<p class=MsoBodyText style='margin-bottom:24.0pt'>Internally, <span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_ConvertFile</span>
calls <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_ConvertOpenFile</span>.
The latter then proceeds with the conversion using the push-mode API, acting as
the client in the previous use case; see section 3.1.1.</p>

<p class=MsoBodyText style='page-break-after:avoid'><img width=531 height=731
src="images/image003.gif"></p>

<p class=MsoCaption style='margin-top:6.0pt;margin-right:0cm;margin-bottom:
12.0pt;margin-left:0cm'><a name="_Ref263085208">Figure </a>3. Converter UC: Convert File.</p>

<b><i><span style='font-size:14.0pt;font-family:"Arial","sans-serif"'><br
clear=all style='page-break-before:always'>
</span></i></b>

<h2><a name="_Toc276471428">3.2<span style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;
</span>Decoder</a></h2>

<p class=MsoBodyText>The decoder API allows the client to do the following:</p>

<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>1.<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>Check
the integrity of an internal Forward Lock file, i.e., detect whether it has
been manipulated in any way; see section 3.2.1.</p>

<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>2.<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>Get
the MIME type of the embedded content (the “original” MIME type before DRM protection
was applied); see section 3.2.2.</p>

<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>3.<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>Decode
the file by random access, i.e., read and seek through it in an arbitrary
manner; see section 3.2.3.</p>

<p class=MsoBodyText>All subsequent operations on a file first require it to be
opened. Opening a file returns a <i>file descriptor</i>—a handle to be used in
these subsequent operations.</p>

<p class=MsoBodyText>If the filename is known, an internal Forward Lock file
can be opened using <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_open</span>.
If only the file descriptor of an already open file is available, a decoding
session can instead be initialized using <span style='font-size:10.0pt;
font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_attach</span>.</p>

<p class=MsoBodyText>Internally, <span style='font-size:10.0pt;font-family:
"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_open</span> calls <span style='font-size:10.0pt;
font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_attach</span>. For efficiency
reasons, <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_attach</span>
therefore assumes that the file position is at the beginning of the file when
the function gets called. A client who calls it directly must make sure that
this assumption holds.</p>

<p class=MsoBodyText>When a file is being attached, the session key stored in
the file during conversion is decrypted using <span style='font-size:10.0pt;
font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockGlue_GetEncryptedKeyLength</span> and <span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockGlue_DecryptKey</span>,
in order to set up for decoding and integrity checking.</p>

<p class=MsoBodyText>For just getting the content type, however, retrieving the
session key would strictly speaking not be necessary, so there is an
opportunity here to optimize for that if it proves necessary later.</p>

<p class=MsoBodyText>Symmetrical to <span style='font-size:10.0pt;font-family:
"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_open</span> and <span style='font-size:10.0pt;
font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_attach</span>, there are also functions
for closing a file or detaching from it:</p>

<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>1.<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>If
it was opened with <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_open</span>
it should be closed with <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_close</span>.</p>

<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>2.<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>If
it was attached with <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_attach</span>
it should be detached with <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_detach</span>.</p>

<b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'><br
clear=all style='page-break-before:always'>
</span></b>

<h3><a name="_Ref263163099"></a><a name="_Toc276471429">3.2.1<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp; </span>Check Integrity</a></h3>

<p class=MsoBodyText>There are three methods for checking the integrity of an
internal Forward Lock file, in whole or in part (see also Figure 4):</p>

<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>1.<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_CheckDataIntegrity</span>,
which checks the integrity of the encrypted content data.</p>

<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>2.<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_CheckHeaderIntegrity</span>,
which checks the integrity of the file header, including the content type and
other fields not currently supported but reserved for future use.</p>

<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>3.<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_CheckIntegrity</span>,
which internally calls first <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_CheckHeaderIntegrity</span>
and then <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_CheckDataIntegrity</span>.</p>

<p class=MsoBodyText style='margin-bottom:24.0pt'><span style='font-size:10.0pt;
font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_CheckHeaderIntegrity</span> is
generally much faster than <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_CheckDataIntegrity</span>,
whose running time is directly proportional to the size of the file.</p>

<p class=MsoBodyText style='page-break-after:avoid'><img width=543 height=575
src="images/image004.gif"></p>

<p class=MsoCaption style='margin-top:6.0pt;margin-right:0cm;margin-bottom:
12.0pt;margin-left:0cm'><a name="_Ref263163308">Figure </a>4. Decoder UC: Check Integrity.</p>

<b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'><br
clear=all style='page-break-before:always'>
</span></b>

<h3><a name="_Toc276471430"></a><a name="_Ref263163117">3.2.2<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp; </span>Get Content Type</a></h3>

<p class=MsoBodyText style='margin-bottom:24.0pt'><span style='font-size:10.0pt;
font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_GetContentType</span> returns a
read-only reference to an ASCII string containing the MIME type of the
embedded content. This reference is valid as long as the file is kept open.
Clients who need access to the content type after closing the file should make
a copy of the string. See Figure 5 below.</p>

<p class=MsoBodyText style='page-break-after:avoid'><img width=543 height=488
src="images/image005.gif"></p>

<p class=MsoCaption style='margin-top:6.0pt;margin-right:0cm;margin-bottom:
12.0pt;margin-left:0cm'><a name="_Ref263163392">Figure </a>5. Decoder UC: Get Content Type.</p>

<b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'><br
clear=all style='page-break-before:always'>
</span></b>

<h3><a name="_Toc276471431"></a><a name="_Ref263163137">3.2.3<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp; </span>Decode File</a></h3>

<p class=MsoBodyText>Once an internal Forward Lock file has been opened (or an
already open one has been attached to), it can be read transparently, as if it
were unencrypted. Calls that read data from the current file position and calls
that set a new position (which is what <span style='font-size:10.0pt;font-family:
"Lucida Console","DejaVu Sans Mono"'>lseek</span> does) can be made any number
of times and in any order; this is what we call <i>random access</i>. See
Figure 6.</p>

<p class=MsoBodyText>The Forward Lock Decoder versions of the <span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>read</span>, <span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>lseek</span>, and <span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>close</span> functions
have the exact same signatures as their POSIX counterparts. So, for example,
the call <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_lseek(fd,
0, SEEK_END)</span> returns the size of the embedded content data, i.e., the
size of the original file before DRM protection.</p>

<p class=MsoBodyText style='margin-bottom:24.0pt'>Moreover, <span
style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>FwdLockFile_open</span>
is like regular POSIX <span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>open</span>
except it takes only the filename as a parameter—access is always read-only.</p>

<p class=MsoBodyText style='page-break-after:avoid'><img width=543 height=522
src="images/image006.gif"></p>

<p class=MsoCaption style='margin-top:6.0pt;margin-right:0cm;margin-bottom:
12.0pt;margin-left:0cm'><a name="_Ref263166303">Figure </a>6. Decoder UC: Decode File.</p>

<b><span style='font-size:16.0pt;font-family:"Arial","sans-serif"'><br
clear=all style='page-break-before:always'>
</span></b>

<h1><a name="_Toc276471432">4<span style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span>Definition of the Internal Forward Lock File Format</a></h1>

<p class=MsoBodyText style='margin-bottom:12.0pt'>The inner structure of an internal
Forward Lock file is defined in Table 1 below.</p>

<table class=MsoNormalTable border=1 cellspacing=0 cellpadding=0
 style='border-collapse:collapse;border:none'>
 <tr>
  <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'><b>Offset [bytes]</b></p>
  </td>
  <td width=96 valign=top style='width:72.0pt;border:solid windowtext 1.0pt;
  border-left:none;padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'><b>Size [bytes]</b></p>
  </td>
  <td width=361 valign=top style='width:270.85pt;border:solid windowtext 1.0pt;
  border-left:none;padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'><b>Description</b></p>
  </td>
 </tr>
 <tr>
  <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>0</p>
  </td>
  <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>4</p>
  </td>
  <td width=361 valign=top style='width:270.85pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>The file signature (so-called
  <i>magic number</i>): a four-character code consisting of the letters
  F-W-L-K.</p>
  </td>
 </tr>
 <tr>
  <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>4</p>
  </td>
  <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>1</p>
  </td>
  <td width=361 valign=top style='width:270.85pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>Version number (0 for the
  first version).</p>
  </td>
 </tr>
 <tr>
  <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>5</p>
  </td>
  <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>1</p>
  </td>
  <td width=361 valign=top style='width:270.85pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>Indicates the subformat:</p>
  <p class=MsoNormal style='page-break-after:avoid'><i>0x00 Forward Lock</i></p>
  <p class=MsoNormal style='page-break-after:avoid'><i>0x01 Combined Delivery</i></p>
  </td>
 </tr>
 <tr>
  <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>6</p>
  </td>
  <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>1</p>
  </td>
  <td width=361 valign=top style='width:270.85pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>Usage restriction flags (prohibitions
  against usage as ringtone or as wallpaper and screen saver). Also indicates
  if the file is bound to a specific SIM card.</p>
  <p class=MsoNormal style='page-break-after:avoid'><i>0x00 No usage
  restrictions</i></p>
  <p class=MsoNormal style='page-break-after:avoid'><i>0x01 Ringtone usage
  prohibited</i></p>
  <p class=MsoNormal style='page-break-after:avoid'><i>0x02 Screen usage
  prohibited</i></p>
  <p class=MsoNormal style='page-break-after:avoid'><i>0x80 Bound to SIM</i></p>
  <p class=MsoNormal style='page-break-after:avoid'>(Any number of these may be
  OR-ed together.)</p>
  </td>
 </tr>
 <tr>
  <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>7</p>
  </td>
  <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>1</p>
  </td>
  <td width=361 valign=top style='width:270.85pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>Length of the MIME content
  type (<i>k</i>).</p>
  </td>
 </tr>
 <tr>
  <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>8</p>
  </td>
  <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'><i>k</i></p>
  </td>
  <td width=361 valign=top style='width:270.85pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>The MIME content type
  (ASCII-encoded without null-character termination).</p>
  </td>
 </tr>
 <tr>
  <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>8+<i>k</i></p>
  </td>
  <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'><i>l </i>= 0 or 16</p>
  </td>
  <td width=361 valign=top style='width:270.85pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>If the subformat is
  Combined Delivery, this field contains the auto-generated content ID (16&nbsp;bytes).
  If not, this field is zero-size.</p>
  </td>
 </tr>
 <tr>
  <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>8+<i>k</i>+<i>l</i></p>
  </td>
  <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'><i>m </i>= 0 or 9</p>
  </td>
  <td width=361 valign=top style='width:270.85pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>If the file is bound to a
  specific SIM card, this field contains the 9-byte packed IMSI number. If not,
  this field is zero-size.</p>
  </td>
 </tr>
 <tr>
  <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>8+<i>k</i>+<i>l</i>+<i>m</i></p>
  </td>
  <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'><i>n</i> &#8805; 16</p>
  </td>
  <td width=361 valign=top style='width:270.85pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>The encrypted session key, the
  first sixteen bytes of which are also used as the CTR-mode <i>nonce</i> (similar
  to the CBC-mode <i>initialization vector</i>).</p>
  </td>
 </tr>
 <tr>
  <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>8+<i>k</i>+<i>l</i>+<i>m</i>+<i>n</i></p>
  </td>
  <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>20</p>
  </td>
  <td width=361 valign=top style='width:270.85pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>Data signature—the SHA-1
  HMAC of the encrypted content data.</p>
  </td>
 </tr>
 <tr>
  <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>28+<i>k</i>+<i>l</i>+<i>m</i>+<i>n</i></p>
  </td>
  <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>20</p>
  </td>
  <td width=361 valign=top style='width:270.85pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>Header signature—the SHA-1
  HMAC of all the fields above, including the encrypted session key and data
  signature.</p>
  </td>
 </tr>
 <tr>
  <td width=111 valign=top style='width:83.4pt;border:solid windowtext 1.0pt;
  border-top:none;padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>48+<i>k</i>+<i>l</i>+<i>m</i>+<i>n</i></p>
  </td>
  <td width=96 valign=top style='width:72.0pt;border-top:none;border-left:none;
  border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'><i>&lt;to the end of the
  file&gt;</i></p>
  </td>
  <td width=361 valign=top style='width:270.85pt;border-top:none;border-left:
  none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;
  padding:0cm 5.4pt 0cm 5.4pt'>
  <p class=MsoNormal style='page-break-after:avoid'>The content data encrypted
  using 128-bit AES in CTR mode.</p>
  </td>
 </tr>
</table>

<p class=MsoCaption style='margin-top:6.0pt;margin-right:0cm;margin-bottom:
12.0pt;margin-left:0cm;page-break-after:avoid'><a name="_Ref151269206">Table </a>1. Definition of the fields of an internal Forward Lock file.</p>

<p class=MsoBodyText>As of now, neither Combined Delivery nor usage
restrictions (including SIM binding) are supported. These fields are reserved
for future use.</p>
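
<p class=MsoBodyText>The following C code is an added example, not code from the
Forward Lock plugin: it walks the fields of Table 1 with bounds checks and
returns the offset of each one. All names are hypothetical; the caller-supplied
enc_key_len (Table 1 stores no length for <i>n</i>) and the rejection of
undefined flag bits and non-printable content-type bytes are assumptions of
this example.</p>

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { FWL_OK = 0, FWL_TRUNCATED = -1, FWL_BAD_MAGIC = -2, FWL_BAD_FIELD = -3 };

/* Byte offsets of the Table 1 fields (names are this example's own). */
struct fwl_layout {
    uint8_t subformat, flags;
    size_t ctype_off, ctype_len;  /* 8, k */
    size_t cid_off, cid_len;      /* 8+k, l = 0 or 16 */
    size_t imsi_off, imsi_len;    /* 8+k+l, m = 0 or 9 */
    size_t key_off, key_len;      /* 8+k+l+m, n >= 16 */
    size_t data_sig_off;          /* 8+k+l+m+n, 20 bytes */
    size_t hdr_sig_off;           /* 28+k+l+m+n, 20 bytes; HMAC covers [0, hdr_sig_off) */
    size_t data_off;              /* 48+k+l+m+n, runs to the end of the file */
};

/* Constructed sample: "audio/mpeg", n = 16; key, signatures, data left zero. */
static const uint8_t fwl_sample[78] = {
    'F', 'W', 'L', 'K', 0, 0x00, 0x00, 10,
    'a', 'u', 'd', 'i', 'o', '/', 'm', 'p', 'e', 'g',
};

/* enc_key_len is n; Table 1 has no length field for it (assumed known). */
int fwl_parse_layout(const uint8_t *buf, size_t len, size_t enc_key_len,
                     struct fwl_layout *out)
{
    if (len < 8) return FWL_TRUNCATED;
    if (memcmp(buf, "FWLK", 4) != 0) return FWL_BAD_MAGIC;
    if (buf[4] != 0) return FWL_BAD_FIELD;       /* only version 0 is defined */
    if (buf[5] > 0x01) return FWL_BAD_FIELD;     /* unknown subformat */
    if (buf[6] & ~0x83u) return FWL_BAD_FIELD;   /* bits other than 0x01|0x02|0x80 */
    if (enc_key_len < 16) return FWL_BAD_FIELD;  /* Table 1: n >= 16 */

    size_t k = buf[7];
    size_t l = (buf[5] == 0x01) ? 16 : 0;        /* Combined Delivery content ID */
    size_t m = (buf[6] & 0x80) ? 9 : 0;          /* packed IMSI if bound to SIM */
    size_t fixed = 8 + k + l + m + 20 + 20;      /* at most 328, cannot overflow */
    /* Compare by subtraction so a huge enc_key_len cannot wrap the sum. */
    if (len < fixed || len - fixed < enc_key_len) return FWL_TRUNCATED;

    for (size_t i = 0; i < k; i++)               /* content type: printable ASCII */
        if (buf[8 + i] < 0x20 || buf[8 + i] > 0x7e) return FWL_BAD_FIELD;

    out->subformat = buf[5];         out->flags = buf[6];
    out->ctype_off = 8;              out->ctype_len = k;
    out->cid_off = 8 + k;            out->cid_len = l;
    out->imsi_off = 8 + k + l;       out->imsi_len = m;
    out->key_off = 8 + k + l + m;    out->key_len = enc_key_len;
    out->data_sig_off = out->key_off + enc_key_len;
    out->hdr_sig_off = out->data_sig_off + 20;
    out->data_off = out->hdr_sig_off + 20;
    return FWL_OK;
}

int main(void)
{
    struct fwl_layout lay = {0};
    int rc = fwl_parse_layout(fwl_sample, sizeof fwl_sample, 16, &lay);
    printf("rc=%d key@%zu data@%zu\n", rc, lay.key_off, lay.data_off);
    return rc;
}
```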

<h2><a name="_Toc276471433">4.1<span style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;
</span>Key Derivation</a></h2>

<p class=MsoBodyText>The session key consists of sixteen bytes fetched from a
cryptographically secure random number generator. From the session key, two
separate keys are derived: one used for encryption, the other for signing.</p>

<p class=MsoBodyText>The encryption key is the output from encrypting the
16-byte all-zero input block {0, 0, …, 0} using 128-bit AES with the random session
key as the key. The signing key is the output from encrypting the 16-byte input
block {1, 0, …, 0} the same way. The keys so derived will be cryptographically
independent from each other.</p>

<p class=MsoBodyText>The session key is encrypted using a hardware-dependent
key-encryption key unique to each device. The encrypted session key is stored
inside the file, and its first sixteen bytes are also used as the <i>nonce</i>
for the CTR-mode encryption of the content data.</p>

<h2><a name="_Toc276471434">4.2<span style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;
</span>Calculation of the Counters</a></h2>

<p class=MsoBodyText>Using CTR (“counter”) mode, a block cipher such as AES can
be turned into a stream cipher. The process of encryption and decryption is
well defined in [1], except for the specifics of the calculation of the
counters. For the internal Forward Lock file format, the counters are
calculated as follows:</p>

<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>1.<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>The
nonce is interpreted as a 128-bit unsigned integer in little-endian format.</p>

<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>2.<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span>The
zero-based block sequence number (also a little-endian unsigned integer) is
added modulo 2<sup>128</sup> to the nonce to produce the counter for a given
block.</p>
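
<p class=MsoBodyText>The two steps above, written out in C as an added example
(not the plugin's own code): a byte-wise little-endian addition with the final
carry dropped, plus the offset-to-block mapping that lets a decoder seek to any
position with 16-byte AES blocks. The function names are hypothetical, and
writing the counter back in little-endian byte order is an assumption; the
text specifies only the integer arithmetic.</p>

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FWL_BLOCK 16  /* AES block size in bytes */

/* counter = (nonce + block_seq) mod 2^128, both read as little-endian. */
void fwl_counter_for_block(const uint8_t nonce[FWL_BLOCK], uint64_t block_seq,
                           uint8_t counter[FWL_BLOCK])
{
    unsigned carry = 0;
    for (int i = 0; i < FWL_BLOCK; i++) {
        /* block_seq only contributes to the low 8 bytes */
        unsigned add = (i < 8) ? (unsigned)((block_seq >> (8 * i)) & 0xff) : 0;
        unsigned sum = nonce[i] + add + carry;
        counter[i] = (uint8_t)sum;
        carry = sum >> 8;
    }
    /* A carry out of byte 15 is discarded: that is the reduction mod 2^128. */
}

/* Map an offset in the content data to its zero-based block sequence number
 * and the number of keystream bytes to skip inside that block. */
uint64_t fwl_block_for_offset(uint64_t content_off, unsigned *skip)
{
    *skip = (unsigned)(content_off % FWL_BLOCK);
    return content_off / FWL_BLOCK;
}

int main(void)
{
    uint8_t nonce[FWL_BLOCK], ctr[FWL_BLOCK];
    unsigned skip;

    memset(nonce, 0xff, sizeof nonce);          /* constructed worst case */
    uint64_t seq = fwl_block_for_offset(37, &skip);
    fwl_counter_for_block(nonce, seq, ctr);     /* wraps past 2^128 - 1 */

    printf("offset 37 -> block %llu, skip %u, counter:",
           (unsigned long long)seq, skip);
    for (int i = 0; i < FWL_BLOCK; i++)
        printf(" %02x", ctr[i]);
    printf("\n");
    return 0;
}
```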

<h1><a name="_Toc276471435">5<span style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span>Unit Test Cases</a></h1>

<p class=MsoBodyText>Unit test cases for the converter and decoder come in two
varieties:</p>

<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>1.<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><i>Black-box</i>
test cases aim to verify that you get sensible results from malformed or
“tricky” input data.</p>

<p class=MsoBodyText style='margin-left:36.0pt;text-indent:-18.0pt'>2.<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><i>White-box</i>
test cases aim to maximize code coverage using knowledge of code internals.</p>

<p class=MsoBodyText>The black-box test cases are dependent on a specifically
designed set of input files found in the <span style='font-size:10.0pt;
font-family:"Lucida Console","DejaVu Sans Mono"'>forward-lock/internal-format/test/res</span>
directory in the repository. For ‘tests’ variants of the software, these input
files will be automatically installed in the file system image during build.</p>

<p class=MsoBodyText>Run the test cases from the ADB shell command line as
follows:</p>

<p class=MsoNormal style='margin-top:0cm;margin-right:0cm;margin-bottom:6.0pt;
margin-left:21.55pt'><span style='font-size:10.0pt;font-family:"Lucida Console","DejaVu Sans Mono"'>#
gtest_fwdlock</span></p>

<p class=MsoBodyText>If all black-box but no white-box test cases fail, the
input files probably can’t be found in the working directory.</p>

<h1><a name="_Toc276471436">6<span style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span>References</a></h1>

<p class=MsoBodyText style='margin-left:28.9pt;text-indent:-28.9pt'>[1]<span
style='font:7.0pt "Times New Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span><a
href="http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf">Dworkin,
Morris: “Recommendation for Block Cipher Modes of Operation—Methods and
Techniques,” NIST Special Publication 800-38A, December 2001.</a><a
name="_Ref151269073"></a></p>

</div>

</body>

</html>