OEMCrypto v16.1

Merge of http://go/wvgerrit/93404 This CL updates the Widevine CDM to support OEMCrypto v16.1 Test: Tested in 16.2 CL Bug: 141247171 Change-Id: I69bd993500f6fb63bf6010c8b0250dc7acc3d71b
2020-01-18 10:11:24 -08:00
parent 7e2619e379
commit 7665614b2e
132 changed files with 12331 additions and 9341 deletions
--- a/libwvdrmengine/oemcrypto/odk/src/odk_timer.c
+++ b/libwvdrmengine/oemcrypto/odk/src/odk_timer.c
@@ -1,8 +1,6 @@
-/*
- * Copyright 2019 Google LLC. All Rights Reserved. This file and proprietary
- * source code may only be used and distributed under the Widevine Master
- * License Agreement.
- */
+/* Copyright 2019 Google LLC. All rights reserved. This file and proprietary */
+/* source code may only be used and distributed under the Widevine Master */
+/* License Agreement. */

 #include <stdint.h>
 #include <string.h>
@@ -57,11 +55,11 @@ OEMCryptoResult ODK_InitializeClockValues(ODK_ClockValues* clock_values,
 }

 OEMCryptoResult ODK_ReloadClockValues(ODK_ClockValues* clock_values,
-                           uint64_t time_of_license_signed,
-                           uint64_t time_of_first_decrypt,
-                           uint64_t time_of_last_decrypt,
-                           enum OEMCrypto_Usage_Entry_Status status,
-                           uint64_t system_time_seconds) {
+                                      uint64_t time_of_license_signed,
+                                      uint64_t time_of_first_decrypt,
+                                      uint64_t time_of_last_decrypt,
+                                      enum OEMCrypto_Usage_Entry_Status status,
+                                      uint64_t system_time_seconds) {
  if (clock_values == NULL) return OEMCrypto_ERROR_INVALID_CONTEXT;
  clock_values->time_of_license_signed = time_of_license_signed;
  clock_values->time_of_first_decrypt = time_of_first_decrypt;
@@ -98,7 +96,8 @@ uint32_t ODK_AttemptFirstPlayback(uint64_t system_time_seconds,
   * session. */
  if (clock_values->status == kUnused) {
    /* If the rental clock has expired, the license has expired. */
-    if (rental_time > timer_limits->latest_playback_start_seconds) {
+    if (rental_time > timer_limits->latest_playback_start_seconds &&
+        timer_limits->latest_playback_start_seconds > 0) {
      clock_values->timer_status = ODK_TIMER_EXPIRED;
      return ODK_TIMER_EXPIRED;
    }
@@ -187,6 +186,13 @@ OEMCryptoResult ODK_UpdateLastPlaybackTime(uint64_t system_time_seconds,
  if (clock_values->timer_status == ODK_TIMER_EXPIRED) {
    return ODK_TIMER_EXPIRED;
  }
+  /* If the clock status is already marked as inactive, then playback is
+   * not allowed. */
+  /* TODO(b/142415188): add helper function. */
+  if (clock_values->status > kActive) {
+    clock_values->timer_status = ODK_TIMER_EXPIRED;
+    return ODK_TIMER_EXPIRED;
+  }
  if (clock_values->time_when_timer_expires > 0 &&
      system_time_seconds > clock_values->time_when_timer_expires) {
    clock_values->timer_status = ODK_TIMER_EXPIRED;
@@ -200,7 +206,7 @@ OEMCryptoResult ODK_DeactivateUsageEntry(ODK_ClockValues* clock_values) {
  if (clock_values == NULL) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
  if (clock_values->status == kUnused) {
    clock_values->status = kInactiveUnused;
-  } else {
+  } else if (clock_values->status == kActive) {
    clock_values->status = kInactiveUsed;
  }
  return OEMCrypto_SUCCESS;
@@ -227,3 +233,53 @@ OEMCryptoResult ODK_InitializeV15Values(ODK_TimerLimits* timer_limits,
  }
  return OEMCrypto_SUCCESS;
 }
+
+OEMCryptoResult ODK_RefreshV15Values(const ODK_TimerLimits* timer_limits,
+                                     ODK_ClockValues* clock_values,
+                                     const ODK_NonceValues* nonce_values,
+                                     uint64_t system_time_seconds,
+                                     uint64_t* timer_value) {
+  if (timer_limits == NULL || clock_values == NULL || nonce_values == NULL)
+    return OEMCrypto_ERROR_INVALID_CONTEXT;
+  if (nonce_values->api_version != 15) return OEMCrypto_ERROR_INVALID_NONCE;
+  if (clock_values->status > kActive) {
+    clock_values->timer_status = ODK_TIMER_EXPIRED;
+    return ODK_TIMER_EXPIRED;
+  }
+  /* If this is before the license was signed, something is odd. Return an
+   * error. */
+  if (system_time_seconds < clock_values->time_of_license_signed)
+    return OEMCrypto_ERROR_UNKNOWN_FAILURE;
+
+  /* All times are relative to when the license was signed. */
+  const uint64_t rental_time =
+      system_time_seconds - clock_values->time_of_license_signed;
+
+  /* The timer should be limited by the renewal playback duration.  This is
+   * similar to code in AttemptFirstPlayback, above, except we use the
+   * renewal_playback_duration here, and we do not change clock_values->status.
+   */
+  uint64_t time_left = timer_limits->renewal_playback_duration_seconds;
+  /* If there is a license duration, it also limits the timer. Remember, a
+   * limit of 0 means no limit, or infinite. */
+  if (timer_limits->license_duration_seconds > 0) {
+    if (timer_limits->license_duration_seconds < rental_time) {
+      clock_values->timer_status = ODK_TIMER_EXPIRED;
+      return ODK_TIMER_EXPIRED;
+    }
+    if (timer_limits->license_duration_seconds - rental_time < time_left ||
+        time_left == 0) {
+      time_left = timer_limits->license_duration_seconds - rental_time;
+    }
+  }
+  if (time_left == 0 || timer_limits->soft_expiry) { /* Unlimited. */
+    clock_values->time_when_timer_expires = 0;
+    clock_values->timer_status = ODK_DISABLE_TIMER;
+    return ODK_DISABLE_TIMER;
+  }
+  /* Set timer to limit playback. */
+  if (timer_value) *timer_value = time_left;
+  clock_values->time_when_timer_expires = system_time_seconds + time_left;
+  clock_values->timer_status = ODK_SET_TIMER;
+  return ODK_SET_TIMER;
+}