44ba42f5cc
Merge from Widevine repo of http://go/wvgerrit/133703 and http://ag/14707867 In order to use a local provisioning server, we need to use a different test keybox system id that is in the dev device database instead of the production database. We also need to use a local license server that uses the dev license server. Bug: 187646550 Test: GtsMediaTestCases Change-Id: Ice89143dd26de22757375a770c6bac716fcbc057 Add Keybox OTA Provisioning functions to OEMCrypto header Merge from Widevine repo of http://go/wvgerrit/133704 and http://go/ag/14707868 Bug: 188228998 Change-Id: Iff54bc2870e87bf7239e179e1d02fbcc8df6198f Stub build changes to support OTA Keybox Merge from Widevine repo of http://go/wvgerrit/133725 and http://go/ag/14781459 This CL adds a new unit test file for testing OTA keybox reprovisioning functionality. This new test is built when running the dynamic adapter in the linux build, and in the Android build. Bug: 187646550 Change-Id: I625513840188f95e74831ef2ea399e827e837439 Add OTA Keybox functions to dynamic adapter Merge from Widevine repo of http://go/wvgerrit/125843 and http://go/ag/14781460 Bug: 187646550 Change-Id: Ief78ed10599c091690e0d7dc488ea71674c763b5 Refactor dynamic adapter keybox verification Merge from Widevine repo of http://go/wvgerrit/133727 http://go/ag/14812524 The keybox validation needs to be done separately from initializing the library so that we can support Keybox OTA Reprovisioning. If L1 loads, but the keybox is missing, the initialization should succeed. When the keybox is validated, the adapter should try to look for a keybox on the filesystem. if none is found, it should either return NEEDS PROVISIONING or an error. Bug: 187646550 Change-Id: I34a8c365a5a5ca35c379bea827c85c749964744c Update crypto session to use new OTA keybox functionality Merge from Widevine repo of http://go/wvgerrit/133728 and http://go/ag/14812525 This CL stubs out two new CryptoSession functions that call the new OEMCrypto functions for OTA Keybox Provisioning. It builds! Yay! It also adds a boolean needs_keybox_provisioning that is set to true when OEMCrypto reports that it needs a keybox. This should only happen if there is no keybox installed and oemcrypto supports provisioning. Bug: 187646550 Merged-In: Ide9533943125aa13b8899b652b118a0b410c882c Change-Id: Ide9533943125aa13b8899b652b118a0b410c882c
176 lines
7.1 KiB
C
176 lines
7.1 KiB
C
// Copyright 2019 Google LLC. All rights reserved. This file and proprietary
|
|
// source code may only be used and distributed under the Widevine
|
|
// License Agreement.
|
|
|
|
/*********************************************************************
|
|
* OEMCryptoCENCCommon.h
|
|
*
|
|
* Common structures and error codes between WV servers and OEMCrypto.
|
|
*
|
|
*********************************************************************/
|
|
|
|
#ifndef WIDEVINE_ODK_INCLUDE_OEMCRYPTOCENCCOMMON_H_
|
|
#define WIDEVINE_ODK_INCLUDE_OEMCRYPTOCENCCOMMON_H_
|
|
|
|
#include <stdbool.h>
|
|
#include <stddef.h>
|
|
#include <stdint.h>
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
/// @addtogroup common_types
|
|
/// @{
|
|
|
|
/* clang-format off */
|
|
/** Error and result codes returned by OEMCrypto functions. */
|
|
typedef enum OEMCryptoResult {
|
|
OEMCrypto_SUCCESS = 0,
|
|
OEMCrypto_ERROR_INIT_FAILED = 1,
|
|
OEMCrypto_ERROR_TERMINATE_FAILED = 2,
|
|
OEMCrypto_ERROR_OPEN_FAILURE = 3,
|
|
OEMCrypto_ERROR_CLOSE_FAILURE = 4,
|
|
OEMCrypto_ERROR_ENTER_SECURE_PLAYBACK_FAILED = 5, /* deprecated */
|
|
OEMCrypto_ERROR_EXIT_SECURE_PLAYBACK_FAILED = 6, /* deprecated */
|
|
OEMCrypto_ERROR_SHORT_BUFFER = 7,
|
|
OEMCrypto_ERROR_NO_DEVICE_KEY = 8, /* no keybox device key. */
|
|
OEMCrypto_ERROR_NO_ASSET_KEY = 9,
|
|
OEMCrypto_ERROR_KEYBOX_INVALID = 10,
|
|
OEMCrypto_ERROR_NO_KEYDATA = 11,
|
|
OEMCrypto_ERROR_NO_CW = 12,
|
|
OEMCrypto_ERROR_DECRYPT_FAILED = 13,
|
|
OEMCrypto_ERROR_WRITE_KEYBOX = 14,
|
|
OEMCrypto_ERROR_WRAP_KEYBOX = 15,
|
|
OEMCrypto_ERROR_BAD_MAGIC = 16,
|
|
OEMCrypto_ERROR_BAD_CRC = 17,
|
|
OEMCrypto_ERROR_NO_DEVICEID = 18,
|
|
OEMCrypto_ERROR_RNG_FAILED = 19,
|
|
OEMCrypto_ERROR_RNG_NOT_SUPPORTED = 20,
|
|
OEMCrypto_ERROR_SETUP = 21,
|
|
OEMCrypto_ERROR_OPEN_SESSION_FAILED = 22,
|
|
OEMCrypto_ERROR_CLOSE_SESSION_FAILED = 23,
|
|
OEMCrypto_ERROR_INVALID_SESSION = 24,
|
|
OEMCrypto_ERROR_NOT_IMPLEMENTED = 25,
|
|
OEMCrypto_ERROR_NO_CONTENT_KEY = 26,
|
|
OEMCrypto_ERROR_CONTROL_INVALID = 27,
|
|
OEMCrypto_ERROR_UNKNOWN_FAILURE = 28,
|
|
OEMCrypto_ERROR_INVALID_CONTEXT = 29,
|
|
OEMCrypto_ERROR_SIGNATURE_FAILURE = 30,
|
|
OEMCrypto_ERROR_TOO_MANY_SESSIONS = 31,
|
|
OEMCrypto_ERROR_INVALID_NONCE = 32,
|
|
OEMCrypto_ERROR_TOO_MANY_KEYS = 33,
|
|
OEMCrypto_ERROR_DEVICE_NOT_RSA_PROVISIONED = 34,
|
|
OEMCrypto_ERROR_INVALID_RSA_KEY = 35,
|
|
OEMCrypto_ERROR_KEY_EXPIRED = 36,
|
|
OEMCrypto_ERROR_INSUFFICIENT_RESOURCES = 37,
|
|
OEMCrypto_ERROR_INSUFFICIENT_HDCP = 38,
|
|
OEMCrypto_ERROR_BUFFER_TOO_LARGE = 39,
|
|
OEMCrypto_WARNING_GENERATION_SKEW = 40, /* Warning, not error. */
|
|
OEMCrypto_ERROR_GENERATION_SKEW = 41,
|
|
OEMCrypto_LOCAL_DISPLAY_ONLY = 42, /* Info, not an error. */
|
|
OEMCrypto_ERROR_ANALOG_OUTPUT = 43,
|
|
OEMCrypto_ERROR_WRONG_PST = 44,
|
|
OEMCrypto_ERROR_WRONG_KEYS = 45,
|
|
OEMCrypto_ERROR_MISSING_MASTER = 46,
|
|
OEMCrypto_ERROR_LICENSE_INACTIVE = 47,
|
|
OEMCrypto_ERROR_ENTRY_NEEDS_UPDATE = 48,
|
|
OEMCrypto_ERROR_ENTRY_IN_USE = 49,
|
|
OEMCrypto_ERROR_USAGE_TABLE_UNRECOVERABLE = 50, /* Obsolete. Don't use. */
|
|
/* Use OEMCrypto_ERROR_NO_CONTENT_KEY instead of KEY_NOT_LOADED. */
|
|
OEMCrypto_KEY_NOT_LOADED = 51, /* Obsolete. */
|
|
OEMCrypto_KEY_NOT_ENTITLED = 52,
|
|
OEMCrypto_ERROR_BAD_HASH = 53,
|
|
OEMCrypto_ERROR_OUTPUT_TOO_LARGE = 54,
|
|
OEMCrypto_ERROR_SESSION_LOST_STATE = 55,
|
|
OEMCrypto_ERROR_SYSTEM_INVALIDATED = 56,
|
|
OEMCrypto_ERROR_LICENSE_RELOAD = 57,
|
|
OEMCrypto_ERROR_MULTIPLE_USAGE_ENTRIES = 58,
|
|
OEMCrypto_WARNING_MIXED_OUTPUT_PROTECTION = 59,
|
|
OEMCrypto_ERROR_INVALID_ENTITLED_KEY_SESSION = 60,
|
|
OEMCrypto_ERROR_NEEDS_KEYBOX_PROVISIONING = 61,
|
|
/* ODK return values */
|
|
ODK_ERROR_BASE = 1000,
|
|
ODK_ERROR_CORE_MESSAGE = ODK_ERROR_BASE,
|
|
ODK_SET_TIMER = ODK_ERROR_BASE + 1,
|
|
ODK_DISABLE_TIMER = ODK_ERROR_BASE + 2,
|
|
ODK_TIMER_EXPIRED = ODK_ERROR_BASE + 3,
|
|
ODK_UNSUPPORTED_API = ODK_ERROR_BASE + 4,
|
|
ODK_STALE_RENEWAL = ODK_ERROR_BASE + 5,
|
|
} OEMCryptoResult;
|
|
/* clang-format on */
|
|
|
|
/**
|
|
* Valid values for status in the usage table.
|
|
*/
|
|
typedef enum OEMCrypto_Usage_Entry_Status {
|
|
kUnused = 0,
|
|
kActive = 1,
|
|
kInactive = 2, /* Deprecated. Use kInactiveUsed or kInactiveUnused. */
|
|
kInactiveUsed = 3,
|
|
kInactiveUnused = 4,
|
|
} OEMCrypto_Usage_Entry_Status;
|
|
|
|
/**
|
|
* OEMCrypto_LicenseType is used in the license message to indicate if the key
|
|
* objects are for content keys, or for entitlement keys.
|
|
*/
|
|
typedef enum OEMCrypto_LicenseType {
|
|
OEMCrypto_ContentLicense = 0,
|
|
OEMCrypto_EntitlementLicense = 1,
|
|
OEMCrypto_LicenseType_MaxValue = OEMCrypto_EntitlementLicense,
|
|
} OEMCrypto_LicenseType;
|
|
|
|
/* Private key type used in the provisioning response. */
|
|
typedef enum OEMCrypto_PrivateKeyType {
|
|
OEMCrypto_RSA_Private_Key = 0,
|
|
OEMCrypto_ECC_Private_Key = 1,
|
|
} OEMCrypto_PrivateKeyType;
|
|
|
|
/**
|
|
* Used to indicate a substring of a signed message in OEMCrypto_LoadKeys and
|
|
* other functions which must verify that a parameter is contained within a
|
|
* signed message.
|
|
*/
|
|
typedef struct {
|
|
size_t offset;
|
|
size_t length;
|
|
} OEMCrypto_Substring;
|
|
|
|
/**
|
|
* Points to the relevant fields for a content key. The fields are extracted
|
|
* from the License Response message offered to OEMCrypto_LoadKeys(). Each
|
|
* field points to one of the components of the key. Key data, key control,
|
|
* and both IV fields are 128 bits (16 bytes):
|
|
* @param key_id: the unique id of this key.
|
|
* @param key_id_length: the size of key_id. OEMCrypto may assume this is at
|
|
* most 16. However, OEMCrypto shall correctly handle key id lengths
|
|
* from 1 to 16 bytes.
|
|
* @param key_data_iv: the IV for performing AES-128-CBC decryption of the
|
|
* key_data field.
|
|
* @param key_data - the key data. It is encrypted (AES-128-CBC) with the
|
|
* session's derived encrypt key and the key_data_iv.
|
|
* @param key_control_iv: the IV for performing AES-128-CBC decryption of the
|
|
* key_control field.
|
|
* @param key_control: the key control block. It is encrypted (AES-128-CBC) with
|
|
* the content key from the key_data field.
|
|
*
|
|
* The memory for the OEMCrypto_KeyObject fields is allocated and freed
|
|
* by the caller of OEMCrypto_LoadKeys().
|
|
*/
|
|
typedef struct {
|
|
OEMCrypto_Substring key_id;
|
|
OEMCrypto_Substring key_data_iv;
|
|
OEMCrypto_Substring key_data;
|
|
OEMCrypto_Substring key_control_iv;
|
|
OEMCrypto_Substring key_control;
|
|
} OEMCrypto_KeyObject;
|
|
|
|
/// @}
|
|
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
|
|
#endif // WIDEVINE_ODK_INCLUDE_OEMCRYPTOCENCCOMMON_H_
|