Revert "Merge latest oemcrypto-v17 change"

This reverts commit 642965c678.

Reason for revert: Droidfood Blocking Bug: 217145027

Change-Id: I669b72fcd91c62e28883b5f55eb36af274d85806
(cherry picked from commit 8dbea15e5da05b371572297041454569dc166c90)
Merged-In:I669b72fcd91c62e28883b5f55eb36af274d85806

libwvdrmengine/oemcrypto/odk/include/OEMCryptoCENCCommon.h

@@ -89,9 +89,6 @@ typedef enum OEMCryptoResult {
   OEMCrypto_WARNING_MIXED_OUTPUT_PROTECTION    = 59,
   OEMCrypto_ERROR_INVALID_ENTITLED_KEY_SESSION = 60,
   OEMCrypto_ERROR_NEEDS_KEYBOX_PROVISIONING    = 61,
-  OEMCrypto_ERROR_UNSUPPORTED_CIPHER           = 62,
-  OEMCrypto_ERROR_DVR_FORBIDDEN                = 63,
-  OEMCrypto_ERROR_INSUFFICIENT_PRIVILEGE       = 64,
   OEMCrypto_ERROR_INVALID_KEY                  = 65,
   /* ODK return values */
   ODK_ERROR_BASE                               = 1000,
@@ -146,62 +143,6 @@ typedef struct {
   size_t length;
 } OEMCrypto_Substring;
 
-/**
- * Used to specify information about CMI Descriptor 0.
- * @param id: ID value of CMI Descriptor assigned by DTLA.
- * @param length: byte length of the usage rules field.
- * @param data: usage rules data.
- */
-typedef struct {
-  uint8_t id;         // 0x00
-  uint8_t extension;  // 0x00
-  uint16_t length;    // 0x01
-  uint8_t data;
-} OEMCrypto_DTCP2_CMI_Descriptor_0;
-
-/**
- * Used to specify information about CMI Descriptor 1.
- * @param id: ID value of CMI Descriptor assigned by DTLA.
- * @param extension: specified by the CMI descriptor
- * @param length: byte length of the usage rules field.
- * @param data: usage rules data.
- */
-typedef struct {
-  uint8_t id;         // 0x01
-  uint8_t extension;  // 0x00
-  uint16_t length;    // 0x03
-  uint8_t data[3];
-} OEMCrypto_DTCP2_CMI_Descriptor_1;
-
-/**
- * Used to specify information about CMI Descriptor 2.
- * @param id: ID value of CMI Descriptor assigned by DTLA.
- * @param extension: specified by the CMI descriptor
- * @param length: byte length of the usage rules field.
- * @param data: usage rules data.
- */
-typedef struct {
-  uint8_t id;         // 0x02
-  uint8_t extension;  // 0x00
-  uint16_t length;    // 0x03
-  uint8_t data[3];
-} OEMCrypto_DTCP2_CMI_Descriptor_2;
-
-/**
- *  Used to specify the required DTCP2 level. If dtcp2_required is 0, there are
- *  no requirements on any of the keys. If dtcp2_required is 1, any key with the
- *  kControlHDCPRequired bit set requires DTCP2 in its output.
- * @param dtcp2_required: specifies whether dtcp2 is required. 0 = not required,
- *        1 = DTCP2 required.
- * @param cmi_descriptor_1: three bytes of CMI descriptor 1
- */
-typedef struct {
-  uint8_t dtcp2_required;  // 0 = not required. 1 = DTCP2 v1 required.
-  OEMCrypto_DTCP2_CMI_Descriptor_0 cmi_descriptor_0;
-  OEMCrypto_DTCP2_CMI_Descriptor_1 cmi_descriptor_1;
-  OEMCrypto_DTCP2_CMI_Descriptor_2 cmi_descriptor_2;
-} OEMCrypto_DTCP2_CMI_Packet;
-
 /**
  *  Points to the relevant fields for a content key. The fields are extracted
  *  from the License Response message offered to OEMCrypto_LoadKeys(). Each

libwvdrmengine/oemcrypto/odk/include/core_message_features.h

@@ -1,44 +0,0 @@
-// Copyright 2021 Google LLC. All rights reserved. This file and proprietary
-// source code may only be used and distributed under the Widevine
-// License Agreement.
-
-#ifndef WIDEVINE_ODK_INCLUDE_CORE_MESSAGE_FEATURES_H_
-#define WIDEVINE_ODK_INCLUDE_CORE_MESSAGE_FEATURES_H_
-
-#include <stdint.h>
-
-#include <iostream>
-#include <string>
-
-namespace oemcrypto_core_message {
-namespace features {
-
-// Features that may be supported by core messages. By restricting values in
-// this structure, we can turn off features at runtime. This is plain data, and
-// is essentially a version number.
-struct CoreMessageFeatures {
-  // A default set of features.
-  static const CoreMessageFeatures kDefaultFeatures;
-
-  // Create the default feature set for the given major version number.
-  static CoreMessageFeatures DefaultFeatures(uint32_t maximum_major_version);
-
-  // This is the published version of the ODK Core Message library. The default
-  // behavior is for the server to restrict messages to at most this version
-  // number. The default is 16.5, the last version used by Chrome. This will
-  // change to 17.0 when v17 has been released.
-  uint32_t maximum_major_version = 17;
-  uint32_t maximum_minor_version = 0;
-
-  bool operator==(const CoreMessageFeatures &other) const;
-  bool operator!=(const CoreMessageFeatures &other) const {
-    return !(*this == other);
-  }
-};
-
-std::ostream &operator<<(std::ostream &os, const CoreMessageFeatures &features);
-
-}  // namespace features
-}  // namespace oemcrypto_core_message
-
-#endif  // WIDEVINE_ODK_INCLUDE_CORE_MESSAGE_FEATURES_H_

libwvdrmengine/oemcrypto/odk/include/core_message_serialize.h

@@ -17,27 +17,23 @@
 #ifndef WIDEVINE_ODK_INCLUDE_CORE_MESSAGE_SERIALIZE_H_
 #define WIDEVINE_ODK_INCLUDE_CORE_MESSAGE_SERIALIZE_H_
 
-#include "core_message_features.h"
 #include "core_message_types.h"
 #include "odk_structs.h"
 
 namespace oemcrypto_core_message {
 namespace serialize {
-using oemcrypto_core_message::features::CoreMessageFeatures;
 
 /**
  * Counterpart (serializer) of ODK_ParseLicense (deserializer)
  * struct-input variant
  *
  * Parameters:
- *   [in] features feature support for response message.
  *   [in] parsed_lic
  *   [in] core_request
  *   [in] core_request_sha256
  *   [out] oemcrypto_core_message
  */
-bool CreateCoreLicenseResponse(const CoreMessageFeatures& features,
-                               const ODK_ParsedLicense& parsed_lic,
+bool CreateCoreLicenseResponse(const ODK_ParsedLicense& parsed_lic,
                                const ODK_LicenseRequest& core_request,
                                const std::string& core_request_sha256,
                                std::string* oemcrypto_core_message);
@@ -46,13 +42,11 @@ bool CreateCoreLicenseResponse(const CoreMessageFeatures& features,
  * Counterpart (serializer) of ODK_ParseRenewal (deserializer)
  *
  * Parameters:
- *   [in] features feature support for response message.
  *   [in] core_request
  *   [in] renewal_duration_seconds
  *   [out] oemcrypto_core_message
  */
-bool CreateCoreRenewalResponse(const CoreMessageFeatures& features,
-                               const ODK_RenewalRequest& core_request,
+bool CreateCoreRenewalResponse(const ODK_RenewalRequest& core_request,
                                uint64_t renewal_duration_seconds,
                                std::string* oemcrypto_core_message);
 
@@ -61,13 +55,11 @@ bool CreateCoreRenewalResponse(const CoreMessageFeatures& features,
  * struct-input variant
  *
  * Parameters:
- *   [in] features feature support for response message.
  *   [in] parsed_prov
  *   [in] core_request
  *   [out] oemcrypto_core_message
  */
-bool CreateCoreProvisioningResponse(const CoreMessageFeatures& features,
-                                    const ODK_ParsedProvisioning& parsed_prov,
+bool CreateCoreProvisioningResponse(const ODK_ParsedProvisioning& parsed_prov,
                                     const ODK_ProvisioningRequest& core_request,
                                     std::string* oemcrypto_core_message);
 }  // namespace serialize

libwvdrmengine/oemcrypto/odk/include/core_message_serialize_proto.h

@@ -17,46 +17,41 @@
 #include <cstdint>
 #include <string>
 
-#include "core_message_features.h"
 #include "core_message_types.h"
 #include "license_protocol.pb.h"
 
 namespace oemcrypto_core_message {
 namespace serialize {
+
 // @ public create response (serializer) functions accepting proto input
 
 /**
  * Counterpart (serializer) of ODK_ParseLicense (deserializer)
  *
  * Parameters:
- *   [in] features feature support for response message.
  *   [in] serialized_license
           serialized video_widevine::License
  *   [in] core_request oemcrypto core message from request.
  *   [in] core_request_sha256 - hash of serialized core request.
  *   [in] nonce_required - if the device should require a nonce match.
- *   [in] uses_padding - if the keys use padding.
  *   [out] oemcrypto_core_message - the serialized oemcrypto core response.
  */
-bool CreateCoreLicenseResponseFromProto(
-    const oemcrypto_core_message::features::CoreMessageFeatures& features,
-    const std::string& serialized_license,
-    const ODK_LicenseRequest& core_request,
-    const std::string& core_request_sha256, const bool nonce_required,
-    const bool uses_padding, std::string* oemcrypto_core_message);
+bool CreateCoreLicenseResponseFromProto(const std::string& serialized_license,
+                                        const ODK_LicenseRequest& core_request,
+                                        const std::string& core_request_sha256,
+                                        const bool nonce_required,
+                                        std::string* oemcrypto_core_message);
 
 /**
  * Counterpart (serializer) of ODK_ParseProvisioning (deserializer)
  *
  * Parameters:
- *   [in] features feature support for response message.
  *   [in] serialized_provisioning_response
  *        serialized video_widevine::ProvisioningResponse
  *   [in] core_request
  *   [out] oemcrypto_core_message
  */
 bool CreateCoreProvisioningResponseFromProto(
-    const oemcrypto_core_message::features::CoreMessageFeatures& features,
     const std::string& serialized_provisioning_response,
     const ODK_ProvisioningRequest& core_request,
     std::string* oemcrypto_core_message);

libwvdrmengine/oemcrypto/odk/include/odk.h

@@ -132,11 +132,11 @@ OEMCryptoResult ODK_InitializeClockValues(ODK_ClockValues* clock_values,
  * This function sets the values in the clock_values structure. It shall be
  * called from OEMCrypto_LoadUsageEntry. When a usage entry from a v15 or
  * earlier license is loaded, the value time_of_license_loaded shall be used
- * in place of time_of_license_request_signed.
+ * in place of time_of_license_signed.
  *
  * @param[in,out]  clock_values: the session's clock data.
- * @param[in] time_of_license_request_signed: the value time_license_received
- *       from the loaded usage entry.
+ * @param[in] time_of_license_signed: the value time_license_received from the
+ *       loaded usage entry.
  * @param[in] time_of_first_decrypt: the value time_of_first_decrypt from the
  *       loaded usage entry.
  * @param[in] time_of_last_decrypt: the value time_of_last_decrypt from the
@@ -152,7 +152,7 @@ OEMCryptoResult ODK_InitializeClockValues(ODK_ClockValues* clock_values,
  * This method is new in version 16 of the API.
  */
 OEMCryptoResult ODK_ReloadClockValues(ODK_ClockValues* clock_values,
-                                      uint64_t time_of_license_request_signed,
+                                      uint64_t time_of_license_signed,
                                       uint64_t time_of_first_decrypt,
                                       uint64_t time_of_last_decrypt,
                                       enum OEMCrypto_Usage_Entry_Status status,
@@ -469,6 +469,8 @@ OEMCryptoResult ODK_RefreshV15Values(const ODK_TimerLimits* timer_limits,
  *       and false when called for OEMCrypto_ReloadLicense.
  * @param[in] usage_entry_present: true if the session has a new usage entry
  *       associated with it created via OEMCrypto_CreateNewUsageEntry.
+ * @param[in] request_hash: the hash of the license request core message. This
+ *       was computed by OEMCrypto when the license request was signed.
  * @param[in,out] timer_limits: The session's timer limits. These will be
  *       updated.
  * @param[in,out] clock_values: The session's clock values. These will be
@@ -490,6 +492,7 @@ OEMCryptoResult ODK_RefreshV15Values(const ODK_TimerLimits* timer_limits,
 OEMCryptoResult ODK_ParseLicense(
     const uint8_t* message, size_t message_length, size_t core_message_length,
     bool initial_license_load, bool usage_entry_present,
+    const uint8_t request_hash[ODK_SHA256_HASH_SIZE],
     ODK_TimerLimits* timer_limits, ODK_ClockValues* clock_values,
     ODK_NonceValues* nonce_values, ODK_ParsedLicense* parsed_license);
 
@@ -595,20 +598,6 @@ OEMCryptoResult ODK_ParseProvisioning(
     const ODK_NonceValues* nonce_values, const uint8_t* device_id,
     size_t device_id_length, ODK_ParsedProvisioning* parsed_response);
 
-/**
- * The function ODK_ParseProvisioning will parse the message and verify the
- * API version is at most the version passed in.
- *
- * @param[in] nonce_values: pointer to the session's nonce data.
- * @param[in] major_versioh: current API major version.
- * @param[in] minor_version: current API minor version.
- *
- * @version
- * This method is new in version 17 of the API.
- */
-bool CheckApiVersionAtMost(const ODK_NonceValues* nonce_values,
-                           uint16_t major_version, uint16_t minor_version);
-
 /// @}
 
 #ifdef __cplusplus

libwvdrmengine/oemcrypto/odk/include/odk_message.h

@@ -1,6 +1,8 @@
-// Copyright 2019 Google LLC. All rights reserved. This file and proprietary
-// source code may only be used and distributed under the Widevine
-// License Agreement.
+/*
+ * Copyright 2019 Google LLC. All Rights Reserved. This file and proprietary
+ * source code may only be used and distributed under the Widevine
+ * License Agreement.
+ */
 
 #ifndef WIDEVINE_ODK_INCLUDE_ODK_MESSAGE_H_
 #define WIDEVINE_ODK_INCLUDE_ODK_MESSAGE_H_
@@ -35,10 +37,10 @@ extern "C" {
  */
 
 #if defined(__GNUC__) || defined(__clang__)
-#define ALIGNED __attribute__((aligned))
+#  define ALIGNED __attribute__((aligned))
 #else
-#define ALIGNED
-#error ODK_Message must be aligned to the maximum useful alignment of the \
+#  define ALIGNED
+#  error ODK_Message must be aligned to the maximum useful alignment of the \
   machine you are compiling for. Define the ALIGNED macro accordingly.
 #endif
 

libwvdrmengine/oemcrypto/odk/include/odk_structs.h

@@ -5,21 +5,21 @@
 #ifndef WIDEVINE_ODK_INCLUDE_ODK_STRUCTS_H_
 #define WIDEVINE_ODK_INCLUDE_ODK_STRUCTS_H_
 
-#ifdef __cplusplus
-extern "C" {
-#endif
-
 #include <stdint.h>
 
 #include "OEMCryptoCENCCommon.h"
 #include "odk_target.h"
 
 /* The version of this library. */
-#define ODK_MAJOR_VERSION 17
-#define ODK_MINOR_VERSION 0
+#define ODK_MAJOR_VERSION 16
+// TODO(b/163416999): Do not change minor version to 16.5 on master branch.  The
+// version 16.5 is reserved for Alcatraz, iOS, and other L3 platforms using
+// third-party obfuscation tools. The version should not be used for CE CDM or
+// Android CDM. We should jump straight to 17.0.
+#define ODK_MINOR_VERSION 4
 
 /* ODK Version string. Date changed automatically on each release. */
-#define ODK_RELEASE_DATE "ODK v17.0 2022-01-24"
+#define ODK_RELEASE_DATE "ODK v16.4 2020-10-23"
 
 /* The lowest version number for an ODK message. */
 #define ODK_FIRST_VERSION 16
@@ -89,9 +89,9 @@ typedef struct {
  * on OEMCrypto's system clock, as described in the document "License
  * Duration and Renewal".
  *
- * @param time_of_license_request_signed: Time that the license request was
- *        signed, based on OEMCrypto's system clock. This value shall be stored
- *        and reloaded with usage entry as time_of_license_received.
+ * @param time_of_license_signed: Time that the license request was signed,
+ *        based on OEMCrypto's system clock. This value shall be stored and
+ *        reloaded with usage entry as time_of_license_received.
  * @param time_of_first_decrypt: Time of the first decrypt or call select key,
  *        based on OEMCrypto's system clock. This is 0 if the license has not
  *        been used to decrypt any data. This value shall be stored and reloaded
@@ -114,7 +114,7 @@ typedef struct {
  * This struct changed in API version 16.2.
  */
 typedef struct {
-  uint64_t time_of_license_request_signed;
+  uint64_t time_of_license_signed;
   uint64_t time_of_first_decrypt;
   uint64_t time_of_last_decrypt;
   uint64_t time_of_renewal_request;
@@ -175,13 +175,11 @@ typedef struct {
  *        entitlement keys.
  * @param nonce_required: indicates if the license requires a nonce.
  * @param timer_limits: time limits of the for the license.
- * @param watermarking: specifies if device supports watermarking.
- * @param dtcp2_required: specifies if device supports DTCP.
  * @param key_array_length: number of keys present.
  * @param key_array: set of keys to be installed.
  *
  * @version
- * This struct changed in API version 17.
+ * This struct changed in API version 16.2.
  */
 typedef struct {
   OEMCrypto_Substring enc_mac_keys_iv;
@@ -191,8 +189,6 @@ typedef struct {
   OEMCrypto_LicenseType license_type;
   bool nonce_required;
   ODK_TimerLimits timer_limits;
-  uint32_t watermarking;
-  OEMCrypto_DTCP2_CMI_Packet dtcp2_required;
   uint32_t key_array_length;
   OEMCrypto_KeyObject key_array[ODK_MAX_NUM_KEYS];
 } ODK_ParsedLicense;
@@ -220,8 +216,4 @@ typedef struct {
 
 /// @}
 
-#ifdef __cplusplus
-}  // extern "C"
-#endif
-
 #endif  // WIDEVINE_ODK_INCLUDE_ODK_STRUCTS_H_