OEMCrypto v16.1

Merge of http://go/wvgerrit/93404

This CL updates the Widevine CDM to support OEMCrypto v16.1

Test: Tested in 16.2 CL
Bug: 141247171
Change-Id: I69bd993500f6fb63bf6010c8b0250dc7acc3d71b

libwvdrmengine/oemcrypto/odk/include/odk.h

@@ -1,8 +1,6 @@
-/*
- * Copyright 2019 Google LLC. All Rights Reserved. This file and proprietary
- * source code may only be used and distributed under the Widevine Master
- * License Agreement.
- */
+/* Copyright 2019 Google LLC. All rights reserved. This file and proprietary */
+/* source code may only be used and distributed under the Widevine Master */
+/* License Agreement. */
 
 /*********************************************************************
  * odk.h
@@ -44,10 +42,11 @@
  *
  *********************************************************************/
 
-#ifndef ODK_H_
-#define ODK_H_
+#ifndef WIDEVINE_ODK_INCLUDE_ODK_H_
+#define WIDEVINE_ODK_INCLUDE_ODK_H_
 
 #include <stdint.h>
+
 #include "OEMCryptoCENCCommon.h"
 #include "odk_structs.h"
 
@@ -319,7 +318,7 @@ OEMCryptoResult ODK_PrepareCoreLicenseRequest(
  */
 OEMCryptoResult ODK_PrepareCoreRenewalRequest(
     uint8_t* message, size_t message_length, size_t* core_message_size,
-    const ODK_NonceValues* nonce_values, const ODK_ClockValues* clock_values,
+    const ODK_NonceValues* nonce_values, ODK_ClockValues* clock_values,
     uint64_t system_time_seconds);
 
 /*
@@ -327,8 +326,8 @@ OEMCryptoResult ODK_PrepareCoreRenewalRequest(
  *
  * Description:
  *   Modifies the message to include a core provisioning request at the
- *   beginning of the message buffer. The values in nonce_values are used to
- *   populate the message.
+ *   beginning of the message buffer. The values in nonce_values, clock_values
+ *   and system_time_seconds are used to populate the message.
  *
  *   This shall be called by OEMCrypto from
  *   OEMCrypto_PrepAndSignProvisioningRequest.
@@ -400,39 +399,60 @@ OEMCryptoResult ODK_InitializeV15Values(ODK_TimerLimits* timer_limits,
                                         uint32_t key_duration,
                                         uint64_t system_time_seconds);
 
+/*
+ * ODK_RefreshV15Values
+ *
+ * Description:
+ *   This function updates the clock_values as needed if the renewal is
+ *   accepted. The field nonce_values.api_level is verified to be 15.
+ *
+ * Parameters:
+ *   [in] timer_limits: The session's timer limits.
+ *   [in/out] clock_values: The session's clock values.
+ *   [in] nonce_values: The session's ODK nonce values.
+ *   [in] system_time_seconds: The current time on the system clock, as
+ *         described in the document "License Duration and Renewal".
+ *   [out] timer_value: set to the new timer value. Only used if the return
+ *         value is ODK_SET_TIMER. This must be non-null if OEMCrypto uses a
+ *         hardware timer.
+ *
+ * Returns:
+ *   OEMCrypto_SUCCESS
+ *   OEMCrypto_ERROR_UNKNOWN_FAILURE
+ *   ODK_SET_TIMER: Success. The timer should be reset to the specified value
+ *         and playback is allowed.
+ *   ODK_DISABLE_TIMER: Success, but disable timer. Unlimited playback is
+ *         allowed.
+ *   ODK_TIMER_EXPIRED: Set timer as disabled. Playback is not allowed.
+ *
+ * Version:
+ *   This method is new in version 16 of the API.
+ */
+OEMCryptoResult ODK_RefreshV15Values(const ODK_TimerLimits* timer_limits,
+                                     ODK_ClockValues* clock_values,
+                                     const ODK_NonceValues* nonce_values,
+                                     uint64_t system_time_seconds,
+                                     uint64_t* timer_value);
+
 /*
  * ODK_ParseLicense
  *
  * Description:
- *   The function ODK_ParseLicense will parse the message and verify fields in
- *   the message.
+ *   The function ODK_ParseLicense will parse the message and verify
+ *
+ *     1. Either the nonce matches the one passed in or the license does not
+ *        require a nonce.
+ *     2. The API version of the message matches.
+ *     3. The session id matches.
+ *   The function ODK_ParseLicense will parse the message and set each
+ *   substring pointer to point to a location in the message body. The message
+ *   body is the buffer starting at message + core_message_length with size
+ *   message_length - core_message_length.
  *
  *   If the message does not parse correctly, ODK_VerifyAndParseLicense will
  *   return ODK_ERROR_CORE_MESSAGE that OEMCrypto should return to the CDM
- *   layer above.
- *
- *   If the api in the message is not 16, then ODK_UNSUPPORTED_API is returned.
- *
- *   If initial_license_load is true, and nonce_required in the license is
- *   true, then the ODK library shall verify that nonce_values->nonce and
- *   nonce_values->session_id are the same as those in the message. If
- *   verification fails, then it shall return OEMCrypto_ERROR_INVALID_NONCE.
- *
- *   If initial_license_load is false, and nonce_required is true, then
- *   ODK_ParseLicense will set the values in nonce_values from those in the
- *   message.
- *
- *   The function ODK_ParseLicense will verify each substring points to a
- *   location in the message body. The message body is the buffer starting at
- *   message + core_message_length with size message_length -
- *   core_message_length.
- *
- *   If initial_license_load is true, then ODK_ParseLicense shall verify that
- *   hash matches request_hash in the parsed license. If verification fails,
- *   then it shall return ODK_ERROR_CORE_MESSAGE.
- *
- *   If usage_entry_present is true, then ODK_ParseLicense shall verify that
- *   the pst in the license has a nonzero length.
+ *   layer above. If the api in the message is larger than 16, then
+ *   ODK_UNSUPPORTED_API is returned.
  *
  * Parameters:
  *   [in] message: pointer to the message buffer.
@@ -470,12 +490,9 @@ OEMCryptoResult ODK_ParseLicense(
  * ODK_ParseRenewal
  *
  * Description:
- *   The function ODK_ParseRenewal will parse the message and verify. If the
- *   message does not parse correctly, an error of ODK_ERROR_CORE_MESSAGE is
- *   returned.
- *
- *   ODK_ParseRenewal shall verify that all fields in nonce_values match those
- *   in the license. Otherwise it shall return OEMCrypto_ERROR_INVALID_NONCE.
+ *   The function ODK_ParseRenewal will parse the message and verify that the
+ *   nonce values match those in the license. If the message does not parse
+ *   correctly, an error of ODK_ERROR_CORE_MESSAGE is returned.
  *
  *   After parsing the message, this function updates the clock_values based on
  *   the timer_limits and the current system time. If playback may not
@@ -534,21 +551,14 @@ OEMCryptoResult ODK_ParseRenewal(const uint8_t* message, size_t message_length,
  *   The function ODK_ParseProvisioning will parse the message and verify the
  *   nonce values match those in the license.
  *
+ *   The function ODK_ParseProvisioning will parse the message and set each
+ *   substring pointer to point to a location in the message body. The message
+ *   body is the buffer starting at message + core_message_length with size
+ *   message_length - core_message_length.
+ *
  *   If the message does not parse correctly, ODK_ParseProvisioning will return
  *   an error that OEMCrypto should return to the CDM layer above.
  *
- *   If the api in the message is larger than 16, then ODK_UNSUPPORTED_API is
- *   returned.
- *
- *   ODK_ParseProvisioning shall verify that nonce_values->nonce and
- *   nonce_values->session_id are the same as those in the message. Otherwise
- *   it shall return OEMCrypto_ERROR_INVALID_NONCE.
- *
- *   The function ODK_ParseProvisioning will verify each substring points to a
- *   location in the message body. The message body is the buffer starting at
- *   message + core_message_length with size message_length -
- *   core_message_length.
- *
  * Parameters:
  *   [in] message: pointer to the message buffer.
  *   [in] message_length: length of the entire message buffer.
@@ -580,4 +590,4 @@ OEMCryptoResult ODK_ParseProvisioning(
 }
 #endif
 
-#endif  // ODK_H_
+#endif /* WIDEVINE_ODK_INCLUDE_ODK_H_ */