Source release 18.5.0

oemcrypto/odk/src/odk.c

@@ -9,6 +9,7 @@
 #include <stdio.h>
 #include <string.h>
 
+#include "odk_message.h"
 #include "odk_overflow.h"
 #include "odk_serialize.h"
 #include "odk_structs.h"
@@ -45,12 +46,23 @@ static OEMCryptoResult ODK_PrepareRequest(
    * message buffer has been correctly initialized by the caller. */
   switch (message_type) {
     case ODK_License_Request_Type: {
-      core_message->message_length = ODK_LICENSE_REQUEST_SIZE;
-      if (sizeof(ODK_PreparedLicenseRequest) > prepared_request_buffer_length) {
-        return ODK_ERROR_CORE_MESSAGE;
+      if (nonce_values->api_major_version > 17) {
+        core_message->message_length = ODK_LICENSE_REQUEST_SIZE;
+        if (sizeof(ODK_PreparedLicenseRequest) >
+            prepared_request_buffer_length) {
+          return ODK_ERROR_CORE_MESSAGE;
+        }
+        Pack_ODK_PreparedLicenseRequest(
+            &msg, (ODK_PreparedLicenseRequest*)prepared_request_buffer);
+      } else {
+        core_message->message_length = ODK_LICENSE_REQUEST_SIZE_V17;
+        if (sizeof(ODK_PreparedLicenseRequestV17) >
+            prepared_request_buffer_length) {
+          return ODK_ERROR_CORE_MESSAGE;
+        }
+        Pack_ODK_PreparedLicenseRequestV17(
+            &msg, (ODK_PreparedLicenseRequestV17*)prepared_request_buffer);
       }
-      Pack_ODK_PreparedLicenseRequest(
-          &msg, (ODK_PreparedLicenseRequest*)prepared_request_buffer);
       break;
     }
     case ODK_Renewal_Request_Type: {
@@ -63,13 +75,23 @@ static OEMCryptoResult ODK_PrepareRequest(
       break;
     }
     case ODK_Provisioning_Request_Type: {
-      core_message->message_length = ODK_PROVISIONING_REQUEST_SIZE;
-      if (sizeof(ODK_PreparedProvisioningRequest) >
-          prepared_request_buffer_length) {
-        return ODK_ERROR_CORE_MESSAGE;
+      if (nonce_values->api_major_version > 17) {
+        core_message->message_length = ODK_PROVISIONING_REQUEST_SIZE;
+        if (sizeof(ODK_PreparedProvisioningRequest) >
+            prepared_request_buffer_length) {
+          return ODK_ERROR_CORE_MESSAGE;
+        }
+        Pack_ODK_PreparedProvisioningRequest(
+            &msg, (ODK_PreparedProvisioningRequest*)prepared_request_buffer);
+      } else {
+        core_message->message_length = ODK_PROVISIONING_REQUEST_SIZE_V17;
+        if (sizeof(ODK_PreparedProvisioningRequestV17) >
+            prepared_request_buffer_length) {
+          return ODK_ERROR_CORE_MESSAGE;
+        }
+        Pack_ODK_PreparedProvisioningRequestV17(
+            &msg, (ODK_PreparedProvisioningRequestV17*)prepared_request_buffer);
       }
-      Pack_ODK_PreparedProvisioningRequest(
-          &msg, (ODK_PreparedProvisioningRequest*)prepared_request_buffer);
       break;
     }
     case ODK_Provisioning40_Request_Type: {
@@ -186,12 +208,19 @@ OEMCryptoResult ODK_PrepareCoreLicenseRequest(
       counter_info == NULL) {
     return ODK_ERROR_CORE_MESSAGE;
   }
-  ODK_PreparedLicenseRequest license_request = {0};
-  memcpy(&license_request.counter_info, counter_info,
-         sizeof(license_request.counter_info));
-  return ODK_PrepareRequest(
-      message, message_length, core_message_size, ODK_License_Request_Type,
-      nonce_values, &license_request, sizeof(ODK_PreparedLicenseRequest));
+  if (nonce_values->api_major_version > 17) {
+    ODK_PreparedLicenseRequest license_request = {0};
+    memcpy(&license_request.counter_info, counter_info,
+           sizeof(license_request.counter_info));
+    return ODK_PrepareRequest(
+        message, message_length, core_message_size, ODK_License_Request_Type,
+        nonce_values, &license_request, sizeof(ODK_PreparedLicenseRequest));
+  } else {
+    ODK_PreparedLicenseRequestV17 license_request = {0};
+    return ODK_PrepareRequest(
+        message, message_length, core_message_size, ODK_License_Request_Type,
+        nonce_values, &license_request, sizeof(ODK_PreparedLicenseRequestV17));
+  }
 }
 
 OEMCryptoResult ODK_PrepareCoreRenewalRequest(uint8_t* message,
@@ -250,14 +279,22 @@ OEMCryptoResult ODK_PrepareCoreProvisioningRequest(
       counter_info == NULL) {
     return ODK_ERROR_CORE_MESSAGE;
   }
-  ODK_PreparedProvisioningRequest provisioning_request = {0};
-  memcpy(&provisioning_request.counter_info, counter_info,
-         sizeof(ODK_MessageCounterInfo));
+  if (nonce_values->api_major_version > 17) {
+    ODK_PreparedProvisioningRequest provisioning_request = {0};
+    memcpy(&provisioning_request.counter_info, counter_info,
+           sizeof(ODK_MessageCounterInfo));
 
-  return ODK_PrepareRequest(message, message_length, core_message_length,
-                            ODK_Provisioning_Request_Type, nonce_values,
-                            &provisioning_request,
-                            sizeof(ODK_PreparedProvisioningRequest));
+    return ODK_PrepareRequest(message, message_length, core_message_length,
+                              ODK_Provisioning_Request_Type, nonce_values,
+                              &provisioning_request,
+                              sizeof(ODK_PreparedProvisioningRequest));
+  } else {
+    ODK_PreparedProvisioningRequestV17 provisioning_request = {0};
+    return ODK_PrepareRequest(message, message_length, core_message_length,
+                              ODK_Provisioning_Request_Type, nonce_values,
+                              &provisioning_request,
+                              sizeof(ODK_PreparedProvisioningRequestV17));
+  }
 }
 
 OEMCryptoResult ODK_PrepareCoreProvisioning40Request(
@@ -434,10 +471,14 @@ OEMCryptoResult ODK_ParseRenewal(const uint8_t* message, size_t message_length,
    */
   /* If a renewal request is lost in transit, we should throw it out and create
    * a new one. We use the timestamp to make sure we have the latest request.
-   * We only do this if playback has already started. This allows us to reload
-   * an offline license and also reload a renewal before starting playback.
+   * We only do this if a renewal has been requested for this session. This
+   * allows us to reload an offline license and also reload a renewal from a
+   * previous session before starting playback.
+   * TODO: b/290249855 - This is reversed. It should be "!=" instead of "<".
+   * We will not fix this in the current release, because it is already in
+   * production code. Instead, this will be fixed in v19.
    */
-  if (clock_values->timer_status != ODK_CLOCK_TIMER_STATUS_LICENSE_LOADED &&
+  if (clock_values->time_of_renewal_request > 0 &&
       clock_values->time_of_renewal_request <
           renewal_response.request.playback_time) {
     return ODK_STALE_RENEWAL;
@@ -489,14 +530,6 @@ OEMCryptoResult ODK_ParseProvisioning(
                       device_id_length) != 0) {
       return ODK_ERROR_CORE_MESSAGE;
     }
-
-    const uint8_t zero[ODK_DEVICE_ID_LEN_MAX] = {0};
-    /* check bytes beyond device_id_length are 0 */
-    if (crypto_memcmp(
-            zero, provisioning_response.request.device_id + device_id_length,
-            ODK_DEVICE_ID_LEN_MAX - device_id_length) != 0) {
-      return ODK_ERROR_CORE_MESSAGE;
-    }
   } else {
     // v18
     ODK_ProvisioningResponse provisioning_response = {0};