[RESTRICT AUTOMERGE] Sync OEMCrypto, ODK files and unit tests

run android/copy_files from cdm repo to sync files in Android
tm-widevine-release.

Changes include:
1. Update ODK to 17.1
2. update in license_protocol.proto
3. updates in oemcrypto unit tests
4. A few cdm and util test updates
5. Prov4 unit test fixes

Originating CLs:
https://widevine-internal-review.googlesource.com/c/cdm/+/155289/
https://widevine-internal-review.googlesource.com/c/cdm/+/155429/
https://widevine-internal-review.googlesource.com/c/cdm/+/155430/
https://widevine-internal-review.googlesource.com/c/cdm/+/154415/
https://widevine-internal-review.googlesource.com/c/cdm/+/156457/
https://widevine-internal-review.googlesource.com/c/cdm/+/156878/
https://widevine-internal-review.googlesource.com/c/cdm/+/156879/
https://widevine-internal-review.googlesource.com/c/cdm/+/156425/
https://widevine-internal-review.googlesource.com/c/cdm/+/156486/
https://widevine-internal-review.googlesource.com/c/cdm/+/156539/
https://widevine-internal-review.googlesource.com/c/cdm/+/156542/

Test: ran oemcrypto unit tests and ODK tests
Test: ran gts media test cases
Bug: 239201888

Change-Id: Iad9aff72aec5ba42296582837f34dd704bc11810

libwvdrmengine/oemcrypto/odk/include/OEMCryptoCENCCommon.h

@@ -120,6 +120,11 @@ typedef enum OEMCrypto_Usage_Entry_Status {
   kInactiveUnused = 4,
 } OEMCrypto_Usage_Entry_Status;
 
+typedef enum OEMCrypto_ProvisioningRenewalType {
+  OEMCrypto_NoRenewal = 0,
+  OEMCrypto_RenewalACert = 1,
+} OEMCrypto_ProvisioningRenewalType;
+
 /**
  *  OEMCrypto_LicenseType is used in the license message to indicate if the key
  *  objects are for content keys, or for entitlement keys.

libwvdrmengine/oemcrypto/odk/include/core_message_deserialize.h

@@ -17,6 +17,8 @@
 #ifndef WIDEVINE_ODK_INCLUDE_CORE_MESSAGE_DESERIALIZE_H_
 #define WIDEVINE_ODK_INCLUDE_CORE_MESSAGE_DESERIALIZE_H_
 
+#include <string>
+
 #include "core_message_types.h"
 
 namespace oemcrypto_core_message {
@@ -53,6 +55,18 @@ bool CoreProvisioningRequestFromMessage(
     const std::string& oemcrypto_core_message,
     ODK_ProvisioningRequest* core_provisioning_request);
 
+/**
+ * Counterpart (deserializer) of ODK_PrepareCoreRenewedProvisioningRequest
+ * (serializer)
+ *
+ * Parameters:
+ *   [in] oemcrypto_core_message
+ *   [out] core_provisioning_request
+ */
+bool CoreRenewedProvisioningRequestFromMessage(
+    const std::string& oemcrypto_core_message,
+    ODK_ProvisioningRequest* core_provisioning_request);
+
 /**
  * Serializer counterpart is not used and is therefore not implemented.
  *

libwvdrmengine/oemcrypto/odk/include/core_message_features.h

@@ -30,13 +30,13 @@ struct CoreMessageFeatures {
   uint32_t maximum_major_version = 17;
   uint32_t maximum_minor_version = 0;
 
-  bool operator==(const CoreMessageFeatures& other) const;
-  bool operator!=(const CoreMessageFeatures& other) const {
+  bool operator==(const CoreMessageFeatures &other) const;
+  bool operator!=(const CoreMessageFeatures &other) const {
     return !(*this == other);
   }
 };
 
-std::ostream& operator<<(std::ostream& os, const CoreMessageFeatures& features);
+std::ostream &operator<<(std::ostream &os, const CoreMessageFeatures &features);
 
 }  // namespace features
 }  // namespace oemcrypto_core_message

libwvdrmengine/oemcrypto/odk/include/core_message_serialize.h

@@ -17,6 +17,8 @@
 #ifndef WIDEVINE_ODK_INCLUDE_CORE_MESSAGE_SERIALIZE_H_
 #define WIDEVINE_ODK_INCLUDE_CORE_MESSAGE_SERIALIZE_H_
 
+#include <string>
+
 #include "core_message_features.h"
 #include "core_message_types.h"
 #include "odk_structs.h"

libwvdrmengine/oemcrypto/odk/include/core_message_types.h

@@ -96,7 +96,8 @@ struct ODK_RenewalRequest {
 };
 
 /**
- * Output structure for CoreProvisioningRequestFromMessage
+ * Output structure for CoreProvisioningRequestFromMessage and
+ * CoreRenewedProvisioningRequestFromMessage
  * Input structure for CreateCoreProvisioningResponse
  */
 struct ODK_ProvisioningRequest {
@@ -105,6 +106,8 @@ struct ODK_ProvisioningRequest {
   uint32_t nonce;
   uint32_t session_id;
   std::string device_id;
+  uint16_t renewal_type;
+  std::string renewal_data;
 };
 
 }  // namespace oemcrypto_core_message

libwvdrmengine/oemcrypto/odk/include/odk.h

@@ -326,7 +326,7 @@ OEMCryptoResult ODK_PrepareCoreRenewalRequest(uint8_t* message,
  * OEMCrypto_GetDeviceID. The device ID shall be unique to the device, and
  * stable across reboots and factory resets for an L1 device.
  *
- * NOTE: if the message pointer is null and/or input core_message_size is
+ * NOTE: if the message pointer is null and/or input core_message_length is
  * zero, this function returns OEMCrypto_ERROR_SHORT_BUFFER and sets output
  * core_message_size to the size needed.
  *
@@ -351,10 +351,56 @@ OEMCryptoResult ODK_PrepareCoreRenewalRequest(uint8_t* message,
  * This method is new in version 16 of the API.
  */
 OEMCryptoResult ODK_PrepareCoreProvisioningRequest(
-    uint8_t* message, size_t message_length, size_t* core_message_size,
+    uint8_t* message, size_t message_length, size_t* core_message_length,
     const ODK_NonceValues* nonce_values, const uint8_t* device_id,
     size_t device_id_length);
 
+/**
+ * Modifies the message to include a core renewal provisioning request at the
+ * beginning of the message buffer. The values in nonce_values are used to
+ * populate the message.
+ *
+ * This shall be called by OEMCrypto from
+ * OEMCrypto_PrepAndSignProvisioningRequest.
+ *
+ * The buffer device_id shall be the same string returned by
+ * OEMCrypto_GetDeviceID. The device ID shall be unique to the device, and
+ * stable across reboots and factory resets for an L1 device.
+ *
+ * NOTE: if the message pointer is null and/or input core_message_length is
+ * zero, this function returns OEMCrypto_ERROR_SHORT_BUFFER and sets output
+ * core_message_size to the size needed.
+ *
+ * @param[in,out] message: pointer to memory for the entire message. Modified by
+ *       the ODK library.
+ * @param[in] message_length: length of the entire message buffer.
+ * @param[in,out] core_message_size: length of the core message at the beginning
+ *       of the message. (in) size of buffer reserved for the core message, in
+ *       bytes. (out) actual length of the core message, in bytes.
+ * @param[in] nonce_values: pointer to the session's nonce data.
+ * @param[in] device_id: For devices with a keybox, this is the device ID from
+ *       the keybox. For devices with an OEM Certificate, this is a device
+ *       unique id string.
+ * @param[in] device_id_length: length of device_id. The device ID can be at
+ *       most 64 bytes.
+ * @param[in] renewal_type: type of renewal used
+ * @param[in] renewal_data: renewal data used. For renewal_type = 1,
+ *       renewal_data is the Android attestation batch certificate.
+ * @param[in] renewal_data_length: length of renewal_data
+ *
+ * @retval OEMCrypto_SUCCESS
+ * @retval OEMCrypto_ERROR_SHORT_BUFFER: core_message_size is too small
+ * @retval OEMCrypto_ERROR_INVALID_CONTEXT
+ *
+ * @version
+ * This method is new in version 17 of the API.
+ */
+OEMCryptoResult ODK_PrepareCoreRenewedProvisioningRequest(
+    uint8_t* message, size_t message_length, size_t* core_message_length,
+    const ODK_NonceValues* nonce_values, const uint8_t* device_id,
+    size_t device_id_length, uint16_t renewal_type, const uint8_t* renewal_data,
+    size_t renewal_data_length);
+
 /// @}
 
 /// @addtogroup odk_timer

libwvdrmengine/oemcrypto/odk/include/odk_message.h

@@ -35,10 +35,10 @@ extern "C" {
  */
 
 #if defined(__GNUC__) || defined(__clang__)
-#  define ALIGNED __attribute__((aligned))
+#define ALIGNED __attribute__((aligned))
 #else
-#  define ALIGNED
-#  error ODK_Message must be aligned to the maximum useful alignment of the \
+#define ALIGNED
+#error ODK_Message must be aligned to the maximum useful alignment of the \
   machine you are compiling for. Define the ALIGNED macro accordingly.
 #endif
 
@@ -48,19 +48,19 @@ typedef struct {
 } ALIGNED ODK_Message;
 
 typedef enum {
-  MESSAGE_STATUS_OK = 0xe937fcf7,
-  MESSAGE_STATUS_UNKNOWN_ERROR = 0xe06c1190,
-  MESSAGE_STATUS_OVERFLOW_ERROR = 0xc43ae4bc,
+  MESSAGE_STATUS_OK = 0x7937fcf7,
+  MESSAGE_STATUS_UNKNOWN_ERROR = 0x706c1190,
+  MESSAGE_STATUS_OVERFLOW_ERROR = 0x543ae4bc,
   MESSAGE_STATUS_UNDERFLOW_ERROR = 0x7123cd0b,
   MESSAGE_STATUS_PARSE_ERROR = 0x0b9f6189,
   MESSAGE_STATUS_NULL_POINTER_ERROR = 0x2d66837a,
   MESSAGE_STATUS_API_VALUE_ERROR = 0x6ba34f47,
-  MESSAGE_STATUS_END_OF_MESSAGE_ERROR = 0x998db72a,
-  MESSAGE_STATUS_INVALID_ENUM_VALUE = 0xedb88197,
+  MESSAGE_STATUS_END_OF_MESSAGE_ERROR = 0x798db72a,
+  MESSAGE_STATUS_INVALID_ENUM_VALUE = 0x7db88197,
   MESSAGE_STATUS_INVALID_TAG_ERROR = 0x14dce06a,
   MESSAGE_STATUS_NOT_INITIALIZED = 0x2990b6c6,
-  MESSAGE_STATUS_OUT_OF_MEMORY = 0xfc5c64cc,
-  MESSAGE_STATUS_MAP_SHARED_MEMORY_FAILED = 0xfafecacf,
+  MESSAGE_STATUS_OUT_OF_MEMORY = 0x7c5c64cc,
+  MESSAGE_STATUS_MAP_SHARED_MEMORY_FAILED = 0x7afecacf,
   MESSAGE_STATUS_SECURE_BUFFER_ERROR = 0x78f0e873
 } ODK_MessageStatus;
 

libwvdrmengine/oemcrypto/odk/include/odk_structs.h

@@ -16,10 +16,10 @@ extern "C" {
 
 /* The version of this library. */
 #define ODK_MAJOR_VERSION 17
-#define ODK_MINOR_VERSION 0
+#define ODK_MINOR_VERSION 1
 
 /* ODK Version string. Date changed automatically on each release. */
-#define ODK_RELEASE_DATE "ODK v17.0 2022-02-15"
+#define ODK_RELEASE_DATE "ODK v17.1 2022-06-17"
 
 /* The lowest version number for an ODK message. */
 #define ODK_FIRST_VERSION 16
@@ -27,6 +27,7 @@ extern "C" {
 /* Some useful constants. */
 #define ODK_DEVICE_ID_LEN_MAX 64
 #define ODK_SHA256_HASH_SIZE 32
+#define ODK_KEYBOX_RENEWAL_DATA_SIZE 1600
 
 /// @addtogroup odk_timer
 /// @{

libwvdrmengine/oemcrypto/odk/src/core_message_deserialize.cpp

@@ -10,6 +10,7 @@
 #include <cstring>
 #include <string>
 
+#include "OEMCryptoCENCCommon.h"
 #include "odk_serialize.h"
 #include "odk_structs.h"
 #include "odk_structs_priv.h"
@@ -52,6 +53,7 @@ bool ParseRequest(uint32_t message_type,
   core_request->api_minor_version = core_message.nonce_values.api_minor_version;
   core_request->nonce = core_message.nonce_values.nonce;
   core_request->session_id = core_message.nonce_values.session_id;
+
   // Verify that the minor version matches the released version for the given
   // major version.
   if (core_request->api_major_version < ODK_FIRST_VERSION) {
@@ -68,10 +70,13 @@ bool ParseRequest(uint32_t message_type,
   // For v16, a release and a renewal use the same message structure.
   // However, for future API versions, the release might be a separate
   // message. Otherwise, we expect an exact match of message types.
+  // A provisioning request may contain a renewed provisioning message.
   if (message_type != ODK_Common_Request_Type &&
       core_message.message_type != message_type &&
       !(message_type == ODK_Renewal_Request_Type &&
-        core_message.message_type == ODK_Release_Request_Type)) {
+        core_message.message_type == ODK_Release_Request_Type) &&
+      !(message_type == ODK_Provisioning_Request_Type &&
+        core_message.message_type == ODK_Renewed_Provisioning_Request_Type)) {
     return false;
   }
   // Verify that the amount of buffer we read, which is GetOffset, is not more
@@ -125,6 +130,42 @@ bool CoreProvisioningRequestFromMessage(
   }
   core_provisioning_request->device_id.assign(
       reinterpret_cast<const char*>(device_id), device_id_length);
+  core_provisioning_request->renewal_type = OEMCrypto_NoRenewal;
+  core_provisioning_request->renewal_data.clear();
+  return true;
+}
+
+bool CoreRenewedProvisioningRequestFromMessage(
+    const std::string& oemcrypto_core_message,
+    ODK_ProvisioningRequest* core_provisioning_request) {
+  const auto unpacker = Unpack_ODK_PreparedRenewedProvisioningRequest;
+  ODK_PreparedRenewedProvisioningRequest prepared_provision = {};
+  if (!ParseRequest(ODK_Renewed_Provisioning_Request_Type,
+                    oemcrypto_core_message, core_provisioning_request,
+                    &prepared_provision, unpacker)) {
+    return false;
+  }
+  const uint8_t* device_id = prepared_provision.device_id;
+  const uint32_t device_id_length = prepared_provision.device_id_length;
+  if (device_id_length > ODK_DEVICE_ID_LEN_MAX) {
+    return false;
+  }
+  uint8_t zero[ODK_DEVICE_ID_LEN_MAX] = {};
+  if (memcmp(zero, device_id + device_id_length,
+             ODK_DEVICE_ID_LEN_MAX - device_id_length)) {
+    return false;
+  }
+  core_provisioning_request->device_id.assign(
+      reinterpret_cast<const char*>(device_id), device_id_length);
+
+  if (prepared_provision.renewal_data_length >
+      sizeof(prepared_provision.renewal_data)) {
+    return false;
+  }
+  core_provisioning_request->renewal_type = OEMCrypto_RenewalACert;
+  core_provisioning_request->renewal_data.assign(
+      reinterpret_cast<const char*>(prepared_provision.renewal_data),
+      prepared_provision.renewal_data_length);
   return true;
 }
 

libwvdrmengine/oemcrypto/odk/src/core_message_features.cpp

@@ -8,7 +8,7 @@ namespace oemcrypto_core_message {
 namespace features {
 const CoreMessageFeatures CoreMessageFeatures::kDefaultFeatures;
 
-bool CoreMessageFeatures::operator==(const CoreMessageFeatures& other) const {
+bool CoreMessageFeatures::operator==(const CoreMessageFeatures &other) const {
   return maximum_major_version == other.maximum_major_version &&
          maximum_minor_version == other.maximum_minor_version;
 }
@@ -23,7 +23,7 @@ CoreMessageFeatures CoreMessageFeatures::DefaultFeatures(
       features.maximum_minor_version = 5;  // 16.5
       break;
     case 17:
-      features.maximum_minor_version = 0;  // 17.0
+      features.maximum_minor_version = 1;  // 17.1
       break;
     default:
       features.maximum_minor_version = 0;
@@ -31,8 +31,8 @@ CoreMessageFeatures CoreMessageFeatures::DefaultFeatures(
   return features;
 }
 
-std::ostream& operator<<(std::ostream& os,
-                         const CoreMessageFeatures& features) {
+std::ostream &operator<<(std::ostream &os,
+                         const CoreMessageFeatures &features) {
   return os << "v" << features.maximum_major_version << "."
             << features.maximum_minor_version;
 }

libwvdrmengine/oemcrypto/odk/src/core_message_serialize.cpp

@@ -13,6 +13,7 @@
 #include "odk_serialize.h"
 #include "odk_structs.h"
 #include "odk_structs_priv.h"
+#include "odk_target.h"
 #include "serialization_base.h"
 
 namespace oemcrypto_core_message {
@@ -122,6 +123,9 @@ bool CreateCoreLicenseResponse(const CoreMessageFeatures& features,
                             license_response)) {
     return false;
   }
+  if (ODK_MAX_NUM_KEYS < license_response.parsed_license->key_array_length) {
+    return false;
+  }
   if (license_response.request.core_message.nonce_values.api_major_version ==
       16) {
     ODK_LicenseResponseV16 license_response_v16;
@@ -143,7 +147,9 @@ bool CreateCoreLicenseResponse(const CoreMessageFeatures& features,
     license_response_v16.parsed_license.key_array_length =
         license_response.parsed_license->key_array_length;
     uint32_t i;
-    for (i = 0; i < license_response_v16.parsed_license.key_array_length; i++) {
+    for (i = 0; i < license_response_v16.parsed_license.key_array_length &&
+                i < license_response.parsed_license->key_array_length;
+         i++) {
       license_response_v16.parsed_license.key_array[i] =
           license_response.parsed_license->key_array[i];
     }

libwvdrmengine/oemcrypto/odk/src/core_message_serialize_proto.cpp

@@ -101,8 +101,11 @@ bool CreateCoreLicenseResponseFromProto(const CoreMessageFeatures& features,
       }
       case video_widevine::License_KeyContainer::CONTENT:
       case video_widevine::License_KeyContainer::OPERATOR_SESSION:
+      case video_widevine::License_KeyContainer::OEM_CONTENT:
+      case video_widevine::License_KeyContainer::OEM_ENTITLEMENT:
       case video_widevine::License_KeyContainer::ENTITLEMENT: {
-        if (k.type() == video_widevine::License_KeyContainer::ENTITLEMENT) {
+        if (k.type() == video_widevine::License_KeyContainer::ENTITLEMENT ||
+            k.type() == video_widevine::License_KeyContainer::OEM_ENTITLEMENT) {
           any_entitlement = true;
         } else {
           any_content = true;

libwvdrmengine/oemcrypto/odk/src/odk.c

@@ -72,6 +72,17 @@ static OEMCryptoResult ODK_PrepareRequest(
           &msg, (ODK_PreparedProvisioningRequest*)prepared_request_buffer);
       break;
     }
+    case ODK_Renewed_Provisioning_Request_Type: {
+      core_message->message_length = ODK_RENEWED_PROVISIONING_REQUEST_SIZE;
+      if (sizeof(ODK_PreparedRenewedProvisioningRequest) >
+          prepared_request_buffer_length) {
+        return ODK_ERROR_CORE_MESSAGE;
+      }
+      Pack_ODK_PreparedRenewedProvisioningRequest(
+          &msg,
+          (ODK_PreparedRenewedProvisioningRequest*)prepared_request_buffer);
+      break;
+    }
     default: {
       return ODK_ERROR_CORE_MESSAGE;
     }
@@ -238,6 +249,37 @@ OEMCryptoResult ODK_PrepareCoreProvisioningRequest(
                             sizeof(ODK_PreparedProvisioningRequest));
 }
 
+OEMCryptoResult ODK_PrepareCoreRenewedProvisioningRequest(
+    uint8_t* message, size_t message_length, size_t* core_message_length,
+    const ODK_NonceValues* nonce_values, const uint8_t* device_id,
+    size_t device_id_length, uint16_t renewal_type, const uint8_t* renewal_data,
+    size_t renewal_data_length) {
+  if (core_message_length == NULL || nonce_values == NULL) {
+    return ODK_ERROR_CORE_MESSAGE;
+  }
+  ODK_PreparedRenewedProvisioningRequest provisioning_request = {0};
+  if (device_id_length > sizeof(provisioning_request.device_id)) {
+    return ODK_ERROR_CORE_MESSAGE;
+  }
+  provisioning_request.device_id_length = (uint32_t)device_id_length;
+  if (device_id) {
+    memcpy(provisioning_request.device_id, device_id, device_id_length);
+  }
+  if (renewal_data_length > sizeof(provisioning_request.renewal_data)) {
+    return ODK_ERROR_CORE_MESSAGE;
+  }
+  provisioning_request.renewal_type = renewal_type;
+  provisioning_request.renewal_data_length = (uint32_t)renewal_data_length;
+  if (renewal_data) {
+    memcpy(provisioning_request.renewal_data, renewal_data,
+           renewal_data_length);
+  }
+  return ODK_PrepareRequest(message, message_length, core_message_length,
+                            ODK_Renewed_Provisioning_Request_Type, nonce_values,
+                            &provisioning_request,
+                            sizeof(provisioning_request));
+}
+
 /* @@ parse response functions */
 
 OEMCryptoResult ODK_ParseLicense(

libwvdrmengine/oemcrypto/odk/src/odk_serialize.c

@@ -128,12 +128,22 @@ void Pack_ODK_PreparedRenewalRequest(ODK_Message* msg,
 }
 
 void Pack_ODK_PreparedProvisioningRequest(
-    ODK_Message* msg, ODK_PreparedProvisioningRequest const* obj) {
+    ODK_Message* msg, const ODK_PreparedProvisioningRequest* obj) {
   Pack_ODK_CoreMessage(msg, &obj->core_message);
   Pack_uint32_t(msg, &obj->device_id_length);
   PackArray(msg, &obj->device_id[0], sizeof(obj->device_id));
 }
 
+void Pack_ODK_PreparedRenewedProvisioningRequest(
+    ODK_Message* msg, const ODK_PreparedRenewedProvisioningRequest* obj) {
+  Pack_ODK_CoreMessage(msg, &obj->core_message);
+  Pack_uint32_t(msg, &obj->device_id_length);
+  PackArray(msg, &obj->device_id[0], sizeof(obj->device_id));
+  Pack_uint16_t(msg, &obj->renewal_type);
+  Pack_uint32_t(msg, &obj->renewal_data_length);
+  PackArray(msg, &obj->renewal_data[0], sizeof(obj->renewal_data));
+}
+
 /* @@ kdo serialize */
 
 void Pack_ODK_LicenseResponse(ODK_Message* msg,
@@ -156,7 +166,7 @@ void Pack_ODK_RenewalResponse(ODK_Message* msg,
 }
 
 void Pack_ODK_ProvisioningResponse(ODK_Message* msg,
-                                   ODK_ProvisioningResponse const* obj) {
+                                   const ODK_ProvisioningResponse* obj) {
   Pack_ODK_PreparedProvisioningRequest(msg, &obj->request);
   Pack_ODK_ParsedProvisioning(
       msg, (const ODK_ParsedProvisioning*)obj->parsed_provisioning);
@@ -302,6 +312,16 @@ void Unpack_ODK_PreparedProvisioningRequest(
   UnpackArray(msg, &obj->device_id[0], sizeof(obj->device_id));
 }
 
+void Unpack_ODK_PreparedRenewedProvisioningRequest(
+    ODK_Message* msg, ODK_PreparedRenewedProvisioningRequest* obj) {
+  Unpack_ODK_CoreMessage(msg, &obj->core_message);
+  Unpack_uint32_t(msg, &obj->device_id_length);
+  UnpackArray(msg, &obj->device_id[0], sizeof(obj->device_id));
+  Unpack_uint16_t(msg, &obj->renewal_type);
+  Unpack_uint32_t(msg, &obj->renewal_data_length);
+  UnpackArray(msg, &obj->renewal_data[0], obj->renewal_data_length);
+}
+
 void Unpack_ODK_PreparedCommonRequest(ODK_Message* msg,
                                       ODK_PreparedCommonRequest* obj) {
   Unpack_ODK_CoreMessage(msg, &obj->core_message);

libwvdrmengine/oemcrypto/odk/src/odk_serialize.h

@@ -22,6 +22,8 @@ void Pack_ODK_PreparedRenewalRequest(ODK_Message* msg,
                                      const ODK_PreparedRenewalRequest* obj);
 void Pack_ODK_PreparedProvisioningRequest(
     ODK_Message* msg, const ODK_PreparedProvisioningRequest* obj);
+void Pack_ODK_PreparedRenewedProvisioningRequest(
+    ODK_Message* msg, const ODK_PreparedRenewedProvisioningRequest* obj);
 
 /* odk unpack */
 void Unpack_ODK_CoreMessage(ODK_Message* msg, ODK_CoreMessage* obj);
@@ -47,6 +49,8 @@ void Unpack_ODK_PreparedRenewalRequest(ODK_Message* msg,
                                        ODK_PreparedRenewalRequest* obj);
 void Unpack_ODK_PreparedProvisioningRequest(
     ODK_Message* msg, ODK_PreparedProvisioningRequest* obj);
+void Unpack_ODK_PreparedRenewedProvisioningRequest(
+    ODK_Message* msg, ODK_PreparedRenewedProvisioningRequest* obj);
 
 void Unpack_ODK_PreparedCommonRequest(ODK_Message* msg,
                                       ODK_PreparedCommonRequest* obj);

libwvdrmengine/oemcrypto/odk/src/odk_structs_priv.h

@@ -24,6 +24,7 @@ typedef uint32_t ODK_MessageType;
 #define ODK_Renewal_Response_Type ((ODK_MessageType)4u)
 #define ODK_Provisioning_Request_Type ((ODK_MessageType)5u)
 #define ODK_Provisioning_Response_Type ((ODK_MessageType)6u)
+#define ODK_Renewed_Provisioning_Request_Type ((ODK_MessageType)11u)
 
 // Reserve future message types to support forward compatibility.
 #define ODK_Release_Request_Type ((ODK_MessageType)7u)
@@ -52,6 +53,15 @@ typedef struct {
   uint8_t device_id[ODK_DEVICE_ID_LEN_MAX];
 } ODK_PreparedProvisioningRequest;
 
+typedef struct {
+  ODK_CoreMessage core_message;
+  uint32_t device_id_length;
+  uint8_t device_id[ODK_DEVICE_ID_LEN_MAX];
+  uint16_t renewal_type;
+  uint32_t renewal_data_length;
+  uint8_t renewal_data[ODK_KEYBOX_RENEWAL_DATA_SIZE];
+} ODK_PreparedRenewedProvisioningRequest;
+
 typedef struct {
   ODK_CoreMessage core_message;
 } ODK_PreparedCommonRequest;
@@ -96,6 +106,7 @@ typedef struct {
 #define ODK_LICENSE_REQUEST_SIZE 20u
 #define ODK_RENEWAL_REQUEST_SIZE 28u
 #define ODK_PROVISIONING_REQUEST_SIZE 88u
+#define ODK_RENEWED_PROVISIONING_REQUEST_SIZE 1694u
 
 // These are the possible timer status values.
 #define ODK_CLOCK_TIMER_STATUS_UNDEFINED 0u  // Should not happen.

libwvdrmengine/oemcrypto/odk/src/serialization_base.c

@@ -38,7 +38,7 @@ static void PackBytes(ODK_Message* message, const uint8_t* ptr, size_t count) {
 }
 
 void Pack_enum(ODK_Message* message, int value) {
-  uint32_t v32 = value;
+  uint32_t v32 = (uint32_t)value;
   Pack_uint32_t(message, &v32);
 }
 

libwvdrmengine/oemcrypto/odk/test/odk_core_message_test.cpp

@@ -2,6 +2,8 @@
 // source code may only be used and distributed under the Widevine
 // License Agreement.
 
+#include <string>
+
 #include "OEMCryptoCENCCommon.h"
 #include "gtest/gtest.h"
 #include "odk.h"

libwvdrmengine/oemcrypto/odk/test/odk_test.cpp

@@ -6,6 +6,7 @@
 
 #include <cstdlib>
 #include <cstring>
+#include <string>
 
 #include "OEMCryptoCENCCommon.h"
 #include "core_message_deserialize.h"
@@ -27,6 +28,8 @@ using oemcrypto_core_message::ODK_RenewalRequest;
 using oemcrypto_core_message::deserialize::CoreLicenseRequestFromMessage;
 using oemcrypto_core_message::deserialize::CoreProvisioningRequestFromMessage;
 using oemcrypto_core_message::deserialize::CoreRenewalRequestFromMessage;
+using oemcrypto_core_message::deserialize::
+    CoreRenewedProvisioningRequestFromMessage;
 
 using oemcrypto_core_message::features::CoreMessageFeatures;
 
@@ -270,6 +273,35 @@ TEST(OdkTest, NullRequestTest) {
             ODK_PrepareCoreProvisioningRequest(
                 message, ODK_PROVISIONING_REQUEST_SIZE, &core_message_length,
                 &nonce_values, nullptr, 0uL));
+
+  EXPECT_EQ(ODK_ERROR_CORE_MESSAGE,
+            ODK_PrepareCoreRenewedProvisioningRequest(
+                nullptr, 0uL, &core_message_length, nullptr, nullptr, 0uL,
+                OEMCrypto_RenewalACert, nullptr, 0uL));
+  EXPECT_EQ(ODK_ERROR_CORE_MESSAGE,
+            ODK_PrepareCoreRenewedProvisioningRequest(
+                nullptr, 0uL, nullptr, &nonce_values, nullptr, 0uL,
+                OEMCrypto_RenewalACert, nullptr, 0uL));
+
+  // Null device id in renewed provisioning request is ok
+  uint8_t renewed_message[ODK_RENEWED_PROVISIONING_REQUEST_SIZE] = {0};
+  uint8_t renewal_data[ODK_KEYBOX_RENEWAL_DATA_SIZE] = {0};
+  uint32_t renewal_data_length = ODK_KEYBOX_RENEWAL_DATA_SIZE;
+  core_message_length = ODK_RENEWED_PROVISIONING_REQUEST_SIZE;
+  EXPECT_EQ(OEMCrypto_SUCCESS,
+            ODK_PrepareCoreRenewedProvisioningRequest(
+                renewed_message, ODK_RENEWED_PROVISIONING_REQUEST_SIZE,
+                &core_message_length, &nonce_values, nullptr, 0uL,
+                OEMCrypto_RenewalACert, renewal_data, renewal_data_length));
+
+  // Null renewal data in renewed provisioning request is ok
+  uint8_t device_id[ODK_DEVICE_ID_LEN_MAX] = {0};
+  uint32_t device_id_length = ODK_DEVICE_ID_LEN_MAX;
+  core_message_length = ODK_RENEWED_PROVISIONING_REQUEST_SIZE;
+  ODK_PrepareCoreRenewedProvisioningRequest(
+      renewed_message, ODK_RENEWED_PROVISIONING_REQUEST_SIZE,
+      &core_message_length, &nonce_values, device_id, device_id_length,
+      OEMCrypto_RenewalACert, nullptr, 0uL);
 }
 
 TEST(OdkTest, NullResponseTest) {
@@ -422,6 +454,21 @@ TEST(OdkTest, PrepareCoreProvisioningRequest) {
           &core_message_length, &nonce_values, device_id, sizeof(device_id)));
 }
 
+TEST(OdkTest, PrepareCoreRenewedProvisioningRequest) {
+  uint8_t provisioning_message[ODK_RENEWED_PROVISIONING_REQUEST_SIZE] = {0};
+  size_t core_message_length = sizeof(provisioning_message);
+  ODK_NonceValues nonce_values;
+  memset(&nonce_values, 0, sizeof(nonce_values));
+  uint8_t device_id[ODK_DEVICE_ID_LEN_MAX] = {0};
+  uint8_t renewal_data[ODK_KEYBOX_RENEWAL_DATA_SIZE] = {0};
+  EXPECT_EQ(
+      OEMCrypto_SUCCESS,
+      ODK_PrepareCoreRenewedProvisioningRequest(
+          provisioning_message, sizeof(provisioning_message),
+          &core_message_length, &nonce_values, device_id, sizeof(device_id),
+          OEMCrypto_RenewalACert, renewal_data, sizeof(renewal_data)));
+}
+
 TEST(OdkTest, PrepareCoreProvisioningRequestDeviceId) {
   uint8_t provisioning_message[ODK_PROVISIONING_REQUEST_SIZE] = {0};
   size_t core_message_length = sizeof(provisioning_message);
@@ -435,6 +482,36 @@ TEST(OdkTest, PrepareCoreProvisioningRequestDeviceId) {
                 sizeof(device_id_invalid)));
 }
 
+TEST(OdkTest, PrepareCoreRenewedProvisioningRequestDeviceId) {
+  uint8_t provisioning_message[ODK_PROVISIONING_REQUEST_SIZE] = {0};
+  size_t core_message_length = sizeof(provisioning_message);
+  ODK_NonceValues nonce_values;
+  memset(&nonce_values, 0, sizeof(nonce_values));
+  uint8_t device_id_invalid[ODK_DEVICE_ID_LEN_MAX + 1] = {0};
+  uint8_t renewal_data[ODK_KEYBOX_RENEWAL_DATA_SIZE] = {0};
+  EXPECT_EQ(ODK_ERROR_CORE_MESSAGE,
+            ODK_PrepareCoreRenewedProvisioningRequest(
+                provisioning_message, sizeof(provisioning_message),
+                &core_message_length, &nonce_values, device_id_invalid,
+                sizeof(device_id_invalid), OEMCrypto_RenewalACert, renewal_data,
+                sizeof(renewal_data)));
+}
+
+TEST(OdkTest, PrepareCoreRenewedProvisioningRequestRenewalDataInvalid) {
+  uint8_t provisioning_message[ODK_PROVISIONING_REQUEST_SIZE] = {0};
+  size_t core_message_length = sizeof(provisioning_message);
+  ODK_NonceValues nonce_values;
+  memset(&nonce_values, 0, sizeof(nonce_values));
+  uint8_t device_id[ODK_DEVICE_ID_LEN_MAX] = {0};
+  uint8_t renewal_data_invalid[ODK_KEYBOX_RENEWAL_DATA_SIZE + 1] = {0};
+  EXPECT_EQ(ODK_ERROR_CORE_MESSAGE,
+            ODK_PrepareCoreRenewedProvisioningRequest(
+                provisioning_message, sizeof(provisioning_message),
+                &core_message_length, &nonce_values, device_id,
+                sizeof(device_id), OEMCrypto_RenewalACert, renewal_data_invalid,
+                sizeof(renewal_data_invalid)));
+}
+
 // Serialize and de-serialize license request
 TEST(OdkTest, LicenseRequestRoundtrip) {
   std::vector<ODK_Field> empty;
@@ -497,6 +574,39 @@ TEST(OdkTest, ProvisionRequestRoundtrip) {
                                            kdo_parse_func);
 }
 
+TEST(OdkTest, RenewedProvisionRequestRoundtrip) {
+  uint32_t device_id_length = ODK_DEVICE_ID_LEN_MAX / 2;
+  uint8_t device_id[ODK_DEVICE_ID_LEN_MAX] = {0};
+  memset(device_id, 0xff, device_id_length);
+  uint16_t renewal_type = OEMCrypto_RenewalACert;
+  uint32_t renewal_data_length = ODK_KEYBOX_RENEWAL_DATA_SIZE / 2;
+  uint8_t renewal_data[ODK_KEYBOX_RENEWAL_DATA_SIZE] = {0};
+  memset(renewal_data, 0xff, renewal_data_length);
+  std::vector<ODK_Field> extra_fields = {
+      {ODK_UINT32, &device_id_length, "device_id_length"},
+      {ODK_DEVICEID, device_id, "device_id"},
+      {ODK_UINT16, &renewal_type, "renewal_type"},
+      {ODK_UINT32, &renewal_data_length, "renewal_data_length"},
+      {ODK_RENEWALDATA, renewal_data, "renewal_data"},
+  };
+  auto odk_prepare_func = [&](uint8_t* const buf, size_t* size,
+                              const ODK_NonceValues* nonce_values) {
+    return ODK_PrepareCoreRenewedProvisioningRequest(
+        buf, SIZE_MAX, size, nonce_values, device_id, device_id_length,
+        renewal_type, renewal_data, renewal_data_length);
+  };
+  auto kdo_parse_func =
+      [&](const std::string& oemcrypto_core_message,
+          ODK_ProvisioningRequest* core_provisioning_request) {
+        bool ok = CoreRenewedProvisioningRequestFromMessage(
+            oemcrypto_core_message, core_provisioning_request);
+        return ok;
+      };
+  ValidateRequest<ODK_ProvisioningRequest>(
+      ODK_Renewed_Provisioning_Request_Type, extra_fields, odk_prepare_func,
+      kdo_parse_func);
+}
+
 TEST(OdkTest, ParseLicenseErrorNonce) {
   ODK_LicenseResponseParams params;
   ODK_SetDefaultLicenseResponseParams(&params, ODK_MAJOR_VERSION);
@@ -761,6 +871,7 @@ std::vector<VersionParameters> TestCases() {
       {17, 16, 4, 16, 4},
       {17, 16, 5, 16, 5},
       {17, 17, 0, 17, 0},
+      {17, 17, 1, 17, 1},
   };
   return test_cases;
 }

libwvdrmengine/oemcrypto/odk/test/odk_test_helper.cpp

@@ -9,6 +9,7 @@
 #include <cstring>
 #include <fstream>
 #include <iostream>
+#include <string>
 #include <vector>
 
 #include "OEMCryptoCENCCommon.h"
@@ -329,6 +330,8 @@ size_t ODK_FieldLength(ODK_FieldType type) {
       return sizeof(uint32_t) + sizeof(uint32_t);
     case ODK_DEVICEID:
       return ODK_DEVICE_ID_LEN_MAX;
+    case ODK_RENEWALDATA:
+      return ODK_KEYBOX_RENEWAL_DATA_SIZE;
     case ODK_HASH:
       return ODK_SHA256_HASH_SIZE;
     default:
@@ -385,6 +388,7 @@ OEMCryptoResult ODK_WriteSingleField(uint8_t* buf, const ODK_Field* field) {
       break;
     }
     case ODK_DEVICEID:
+    case ODK_RENEWALDATA:
     case ODK_HASH: {
       const size_t field_len = ODK_FieldLength(field->type);
       const uint8_t* const id = static_cast<uint8_t*>(field->value);
@@ -444,6 +448,7 @@ OEMCryptoResult ODK_ReadSingleField(const uint8_t* buf,
       break;
     }
     case ODK_DEVICEID:
+    case ODK_RENEWALDATA:
     case ODK_HASH: {
       const size_t field_len = ODK_FieldLength(field->type);
       uint8_t* const id = static_cast<uint8_t*>(field->value);
@@ -503,6 +508,7 @@ OEMCryptoResult ODK_DumpSingleField(const uint8_t* buf,
       break;
     }
     case ODK_DEVICEID:
+    case ODK_RENEWALDATA:
     case ODK_HASH: {
       const size_t field_len = ODK_FieldLength(field->type);
       std::cerr << field->name << ": ";

libwvdrmengine/oemcrypto/odk/test/odk_test_helper.h

@@ -21,6 +21,7 @@ enum ODK_FieldType {
   ODK_UINT64,
   ODK_SUBSTRING,
   ODK_DEVICEID,
+  ODK_RENEWALDATA,
   ODK_HASH,
   // The "stressable" types are the ones we can put in a stress test that packs
   // and unpacks random data and can expect to get back the same thing.