Source release 17.1.2

oemcrypto/include/OEMCryptoCENC.h

@@ -121,7 +121,7 @@
  * application or the license server.
  *
  * @defgroup drm_cert DRM Certificate Provisioning API
- * This section of functions are used to provision the device with an DRM
+ * This section of functions are used to provision the device with a DRM
  * certificate.  This certificate is obtained by a device in the field from a
  * Google/Widevine provisioning server, or from a third party server running the
  * Google/Widevine provisioning server SDK.  Since the DRM certificate may be
@@ -574,6 +574,13 @@ typedef enum OEMCrypto_WatermarkingSupport {
 
 /**
  * Obfuscation Renames.
+ *
+ * The function signatures of each oecc obfuscated name should remain static
+ * across multiple versions. When we want to change the function signature of a
+ * function, we will give the new signature a new oecc number and keep the
+ * original oecc name with the original function signature. This allows us to
+ * maintain backwards compatibility when the CDM loads an older version of
+ * liboemcrypto.so using dlopen.
  */
 // clang-format off
 #define OEMCrypto_Initialize                  _oecc01
@@ -702,6 +709,7 @@ typedef enum OEMCrypto_WatermarkingSupport {
 #define OEMCrypto_ReuseUsageEntry             _oecc127
 #define OEMCrypto_GetDTCP2Capability          _oecc128
 #define OEMCrypto_GetWatermarkingSupport      _oecc129
+#define OEMCrypto_GetOEMKeyToken              _oecc130
 // clang-format on
 
 /// @addtogroup initcontrol
@@ -917,6 +925,9 @@ OEMCryptoResult OEMCrypto_CloseSession(OEMCrypto_SESSION session);
 
 /**
  * This method creates an entitled key session.
+ * OEMCrypto is required to support at least one entitled key session per
+ * license. For CAS support, we also require that OEMCrypto support at least
+ * six entitled key sessions per license.
  *
  * @param[in] oec_session: handle for the OEMCrypto session to be associated
  *    with the created entitled key session.
@@ -925,6 +936,14 @@ OEMCryptoResult OEMCrypto_CloseSession(OEMCrypto_SESSION session);
  * @retval OEMCrypto_SUCCESS success
  * @retval OEMCrypto_ERROR_NOT_IMPLEMENTED
  * @retval OEMCrypto_ERROR_INVALID_SESSION
+ * @retval OEMCrypto_ERROR_TOO_MANY_SESSIONS
+ *
+ * @threading
+ *   This is a "Session Function" and may be called simultaneously with session
+ *   functions for other sessions but not simultaneously with other functions
+ *   for this oec_session. It will not be called simultaneously with
+ *   initialization or usage table functions. It is as if the CDM holds a write
+ *   lock for this session, and a read lock on the OEMCrypto system.
  *
  * @version
  *   This method is new in API version 17.
@@ -942,6 +961,13 @@ OEMCryptoResult OEMCrypto_CreateEntitledKeySession(
  * @retval OEMCrypto_ERROR_NOT_IMPLEMENTED
  * @retval OEMCrypto_ERROR_INVALID_ENTITLED_KEY_SESSION
  *
+ * @threading
+ *   This is a "Session Function" and may be called simultaneously with session
+ *   functions for other sessions but not simultaneously with other functions
+ *   for this session. It will not be called simultaneously with initialization
+ *   or usage table functions. It is as if the CDM holds a write lock for this
+ *   session, and a read lock on the OEMCrypto system.
+ *
  * @version
  *   This method is new in API version 17.
  */
@@ -1796,18 +1822,18 @@ OEMCryptoResult OEMCrypto_LoadLicense(OEMCrypto_SESSION session,
                                       size_t signature_length);
 
 /**
- * Load content keys into a session which already has entitlement keys
- * loaded. This function will only be called for a session after a call to
- * OEMCrypto_LoadKeys() with the parameter type license_type equal to
- * OEMCrypto_EntitlementLicense. This function may be called multiple times
+ * Load content keys into an entitled session which is associated with an
+ * entitlement sessions. This function will only be called for an entitled
+ * session after a call to OEMCrypto_LoadLicense() has been called on the
+ * associated entitlement session. This function may be called multiple times
  * for the same session.
  *
- * If the session does not have license_type equal to
- * OEMCrypto_EntitlementLicense, return OEMCrypto_ERROR_INVALID_CONTEXT and
- * perform no work.
+ * If the session is not an entitled session, return
+ * OEMCrypto_ERROR_INVALID_CONTEXT and perform no work.
  *
  * For each key object in key_array, OEMCrypto shall look up the entry in the
- * key table with the corresponding entitlement_key_id.
+ * key table for the entitlement session with the corresponding
+ * entitlement_key_id.
  *
  *   1. If no entry is found, return OEMCrypto_KEY_NOT_ENTITLED.
  *   2. If the entry already has a content_key_id and content_key_data, that
@@ -1841,12 +1867,19 @@ OEMCryptoResult OEMCrypto_LoadLicense(OEMCrypto_SESSION session,
  * @retval OEMCrypto_ERROR_SYSTEM_INVALIDATED
  * @retval OEMCrypto_ERROR_INVALID_ENTITLED_KEY_SESSION
  *
+ * @buffer_size
+ *   OEMCrypto shall support message sizes as described in the section
+ *   OEMCrypto_ResourceRatingTier().
+ *   OEMCrypto shall return OEMCrypto_ERROR_BUFFER_TOO_LARGE if the buffer is
+ *   larger than the supported size.
+ *
  * @threading
  *   This is a "Session Function" and may be called simultaneously with session
  *   functions for other sessions but not simultaneously with other functions
- *   for this session. It will not be called simultaneously with initialization
- *   or usage table functions. It is as if the CDM holds a write lock for this
- *   session, and a read lock on the OEMCrypto system.
+ *   for this session, or its entitlement session. It will not be called
+ *   simultaneously with initialization or usage table functions. It is as if
+ *   the CDM holds a write lock for this session, and a read lock on the
+ *   OEMCrypto system.
  *
  * @version
  *   This method changed in API version 17.
@@ -3868,11 +3901,14 @@ OEMCrypto_WatermarkingSupport OEMCrypto_GetWatermarkingSupport(void);
  * key and signing key generated using an algorithm at least as strong as
  * that in GenerateDerivedKeys.
  *
- * First, OEMCrypto shall verify the signature of the message using
- * HMAC-SHA256 with the derived mac_key[server]. The signature verification
- * shall use a constant-time algorithm (a signature mismatch will always take
- * the same time as a successful comparison). The signature is over the
- * entire message buffer starting at message with length message_length. If
+ * First, OEMCrypto shall verify the signature of the message using the correct
+ * algorithm depending on if the device supports Provisioning 2.0, 3.0 or 4.0.
+ *
+ * For Provisioning 2.0, OEMCrypto shall verify the signature of the message
+ * using HMAC-SHA256 with the derived mac_key[server]. The signature
+ * verification shall use a constant-time algorithm (a signature mismatch will
+ * always take the same time as a successful comparison). The signature is over
+ * the entire message buffer starting at message with length message_length. If
  * the signature verification fails, ignore all other arguments and return
  * OEMCrypto_ERROR_SIGNATURE_FAILURE.
  *
@@ -3880,7 +3916,10 @@ OEMCrypto_WatermarkingSupport OEMCrypto_GetWatermarkingSupport(void);
  * and encrypt_key with a call to OEMCrypto_DeriveKeysFromSessionKey() or
  * OEMCrypto_GenerateDerivedKeys().
  *
- * The function ODK_ParseProvisioning is called to parse the message. If it
+ * For Provisioning 3.0 and 4.0, the signature is not verified.
+ *
+ * After the signature is verified,
+ * the function ODK_ParseProvisioning is called to parse the message. If it
  * returns an error, OEMCrypto shall return that error to the CDM layer. The
  * function ODK_ParseProvisioning is described in the document "Widevine Core
  * Message Serialization".
@@ -4157,7 +4196,7 @@ OEMCryptoResult OEMCrypto_GenerateRSASignature(
     RSA_Padding_Scheme padding_scheme);
 
 /**
- * OEMCrypto will use OEMCrypto_PrepAndSignProvisioningRequest(), as described
+ * OEMCrypto will use ODK_PrepareCoreProvisioningRequest(), as described
  * in the document "Widevine Core Message Serialization", to prepare the core
  * message. If it returns an error, the error should be returned by OEMCrypto
  * to the CDM layer. If it returns OEMCrypto_SUCCESS, then OEMCrypto shall
@@ -4168,11 +4207,17 @@ OEMCryptoResult OEMCrypto_GenerateRSASignature(
  * the request with the session's derived client mac key from the previous
  * call to OEMCrypto_GenerateDerivedKeys().
  *
- * For a device that has an OEM Certificate, i.e. Provisioning 3.0, OEMCrypto
- * will sign the request with the private key associated with the OEM
+ * For Provisioning 3.0, i.e. a device that has a baked in OEM Certificate,
+ * OEMCrypto will sign the request with the private key associated with the OEM
  * Certificate. The key shall have been loaded by a previous call to
  * OEMCrypto_LoadDRMPrivateKey().
  *
+ * For Provisioning 4.0, i.e. a device that uses a Boot Chain Certificate to
+ * request and OEM cert, a request for an OEM cert is signed by the OEM private
+ * key. A request for a DRM cert is signed by the DRM private key. The DRM cert
+ * that was generated on the device in OEMCrypto_GenerateCertificateKeyPair() is
+ * signed by the OEM cert private key.
+ *
  * Refer to the Signing Messages Sent to a Server section above for more
  * details.
  *
@@ -4799,11 +4844,54 @@ OEMCryptoResult OEMCrypto_GetBootCertificateChain(
  * key is supposed to be certified by the server. The private key is wrapped
  * with the encryption key so it can be stored in the file system.
  *
- * If an OEM private key is unavailable, the request is assumed for OEM
+ * The |public_key_signature| output is formatted differently depending
+ * on whether or not an OEM private key has been loaded.
+ *
+ * If an OEM private key is unavailable, the request is assumed to be for OEM
  * certificate provisioning. In this case, the public key is signed by the
- * device private key. If an OEM private key is available, the request is
- * assumed for DRM certificate provisioning and the public key is signed by the
- * OEM private key.
+ * device private key. The format of |public_key_signature| in this case is a
+ * COSE_Sign1 CBOR array. The format is described in RFC 8152 Section 4.2 and
+ * 4.4, as well as Android IRemotelyProvisionedComponent.aidl (under
+ * "SignedData<Data>")
+ *
+ *   |public_key_signature|: COSE_Sign1 CBOR array
+ *   [
+ *     protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 /
+ *                                 AlgorithmES384 },
+ *     unprotected: {},
+ *     payload: bstr .cbor Data / nil,
+ *     signature: bstr      ; PureEd25519(priv_key, Sig_structure) /
+ *                          ; ECDSA(priv_key, Sig_structure)
+ *   ]
+ *
+ * Notes:
+ *   1. The payload field in the COSE_Sign1 struct is the public key generated
+ *      by OEMCrypto_GenerateCertificateKeyPair
+ *   2. The signature field in the COSE_Sign1 struct is the concatenation of the
+ *      (R,S) values from the EC/Ed signature. If either R or S is smaller than
+ *      the key size, it is left-padded with 0 to match the key size as
+ *      described in RFC 8152. This signature is not DER encoded.
+ *   3. The signature is generated by calling the selected EC signing function
+ *      (PureEd25519 or one of the supported ECDSA algorithms) on
+ *      `Sig_structure`, which is a CBOR array described below. The payload
+ *      field in Sig_structure is the same as the payload in the above
+ *      COSE_Sign1 CBOR array.
+ *
+ *   Sig_structure: CBOR array
+ *   [
+ *     context: "Signature1",
+ *     protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 /
+ *                                 AlgorithmES384 },
+ *     external_aad: bstr .size 0,
+ *     payload: bstr .cbor Data / nil,
+ *   ]
+ *
+ * If an OEM private key is available, the request is assumed to be for DRM
+ * certificate provisioning and the public key is signed by the OEM private key.
+ * If the OEM private key is an RSA key, then |public_key_signature| is the raw
+ * output of the RSA sign operation with RSASSA-PSS padding. If the OEM private
+ * key is an ECC key, then |public_key_signature| is the ASN.1 DER-encoded (R,S)
+ * signature as specified in RFC 3279 2.2.3.
  *
  * @param[in] session: session id.
  * @param[out] public_key: pointer to the buffer that receives the public key
@@ -4812,11 +4900,8 @@ OEMCryptoResult OEMCrypto_GetBootCertificateChain(
  * @param[in,out] public_key_length: on input, size of the caller's public_key
  *    buffer. On output, the number of bytes written into the buffer.
  * @param[out] public_key_signature: pointer to the buffer that receives the
- *    signature of the public key.
- *    If an OEM private key is unavailable: it is signed by the device private
- *    key. The signature must be in COSE_SIGN1 format as specified in RFC 8152.
- *    If an OEM private key is available: it is signed by the OEM private key.
- *    The signature must be raw signature bytes.
+ *    signature of the public key. The format depends on whether an OEM private
+ *    key has been loaded.
  * @param[in,out] public_key_signature_length: on input, size of the caller's
  *    public_key_signature buffer. On output, the number of bytes written into
  *    the buffer.
@@ -5114,11 +5199,9 @@ OEMCryptoResult OEMCrypto_InstallOemPrivateKey(
  * @retval OEMCrypto_ERROR_INVALID_SESSION
  *
  * @threading
- *   This is a "Session Function" and may be called simultaneously with session
- *   functions for other sessions but not simultaneously with other functions
- *   for this session. It will not be called simultaneously with initialization
- *   or usage table functions. It is as if the CDM holds a write lock for this
- *   session, and a read lock on the OEMCrypto system.
+ *   This is a "Session Initialization Function" and will not be called
+ *   simultaneously with any other function, as if the CDM holds a write lock
+ *   on the OEMCrypto system.
  *
  * @version
  *   This method is new in API version 17.
@@ -5306,6 +5389,31 @@ OEMCryptoResult OEMCrypto_ProcessOTAKeybox(OEMCrypto_SESSION session,
                                            const uint8_t* buffer,
                                            size_t buffer_length,
                                            uint32_t use_test_key);
+/**
+ * Retrieves the key token associated with the input entitled key session. This
+ * method is currently used only by CAS, where key token is a means to share
+ * vendor specific crypto info with other frameworks (e.g. Descrambler in
+ * Android TunerHAL) that are also under control of the vendor.
+ *
+ * @param[in] key_session: handle for the entitled key session to be used.
+ * @param[out] key_token: where the key token is stored.
+ * @param[in,out] key_token_length: length of the key token, in bytes.
+ *
+ * @retval OEMCrypto_SUCCESS on success
+ * @retval OEMCrypto_ERROR_SHORT_BUFFER if buffer_length is too small.
+ * @retval OEMCrypto_ERROR_NOT_IMPLEMENTED
+ *
+ * @threading
+ *   This is an "Initialization and Termination Function" and will not be called
+ *   simultaneously with any other function, as if the CDM holds a write lock on
+ *   the OEMCrypto system.
+ *
+ * @version
+ *   This method is new in API version 17.
+ */
+OEMCryptoResult OEMCrypto_GetOEMKeyToken(OEMCrypto_SESSION key_session,
+                                         uint8_t* key_token,
+                                         size_t* key_token_length);
 
 /****************************************************************************/
 /****************************************************************************/

oemcrypto/odk/include/OEMCryptoCENCCommon.h

@@ -139,6 +139,7 @@ typedef enum OEMCrypto_LicenseType {
 typedef enum OEMCrypto_PrivateKeyType {
   OEMCrypto_RSA_Private_Key = 0,
   OEMCrypto_ECC_Private_Key = 1,
+  OEMCrypto_PrivateKeyType_MaxValue = OEMCrypto_ECC_Private_Key,
 } OEMCrypto_PrivateKeyType;
 
 /**

oemcrypto/odk/include/core_message_features.h

@@ -25,10 +25,9 @@ struct CoreMessageFeatures {
 
   // This is the published version of the ODK Core Message library. The default
   // behavior is for the server to restrict messages to at most this version
-  // number. The default is 16.5, the last version used by Chrome. This will
-  // change to 17.0 when v17 has been released.
+  // number. The default is 17.2.
   uint32_t maximum_major_version = 17;
-  uint32_t maximum_minor_version = 0;
+  uint32_t maximum_minor_version = 2;
 
   bool operator==(const CoreMessageFeatures &other) const;
   bool operator!=(const CoreMessageFeatures &other) const {

oemcrypto/odk/include/odk_message.h

@@ -36,10 +36,12 @@ extern "C" {
 
 #if defined(__GNUC__) || defined(__clang__)
 #define ALIGNED __attribute__((aligned))
+#elif _MSC_VER
+#define ALIGNED __declspec(align(8))
 #else
 #define ALIGNED
 #error ODK_Message must be aligned to the maximum useful alignment of the \
-  machine you are compiling for. Define the ALIGNED macro accordingly.
+    machine you are compiling for. Define the ALIGNED macro accordingly.
 #endif
 
 typedef struct {
@@ -61,7 +63,8 @@ typedef enum {
   MESSAGE_STATUS_NOT_INITIALIZED = 0x2990b6c6,
   MESSAGE_STATUS_OUT_OF_MEMORY = 0x7c5c64cc,
   MESSAGE_STATUS_MAP_SHARED_MEMORY_FAILED = 0x7afecacf,
-  MESSAGE_STATUS_SECURE_BUFFER_ERROR = 0x78f0e873
+  MESSAGE_STATUS_SECURE_BUFFER_ERROR = 0x78f0e873,
+  MESSAGE_STATUS_BUFFER_TOO_LARGE = 0x5bfcfb21
 } ODK_MessageStatus;
 
 /*

oemcrypto/odk/include/odk_structs.h

@@ -16,10 +16,10 @@ extern "C" {
 
 /* The version of this library. */
 #define ODK_MAJOR_VERSION 17
-#define ODK_MINOR_VERSION 1
+#define ODK_MINOR_VERSION 2
 
 /* ODK Version string. Date changed automatically on each release. */
-#define ODK_RELEASE_DATE "ODK v17.1 2022-06-17"
+#define ODK_RELEASE_DATE "ODK v17.2 2022-11-21"
 
 /* The lowest version number for an ODK message. */
 #define ODK_FIRST_VERSION 16

oemcrypto/odk/src/core_message_features.cpp

@@ -23,7 +23,7 @@ CoreMessageFeatures CoreMessageFeatures::DefaultFeatures(
       features.maximum_minor_version = 5;  // 16.5
       break;
     case 17:
-      features.maximum_minor_version = 1;  // 17.1
+      features.maximum_minor_version = 2;  // 17.2
       break;
     default:
       features.maximum_minor_version = 0;

oemcrypto/odk/src/odk_endian.h

@@ -25,6 +25,14 @@ extern "C" {
 #define oemcrypto_be32toh OSSwapBigToHostInt32
 #define oemcrypto_htobe64 OSSwapHostToBigInt64
 #define oemcrypto_be64toh OSSwapBigToHostInt64
+#elif defined(_WIN32)
+#include <winsock2.h>
+#define oemcrypto_htobe16 htons
+#define oemcrypto_be16toh ntohs
+#define oemcrypto_htobe32 htonl
+#define oemcrypto_be32toh ntohl
+#define oemcrypto_htobe64 htonll
+#define oemcrypto_be64toh ntohll
 #else  /* defined(__linux__) || defined(__ANDROID__) */
 uint32_t oemcrypto_htobe16(uint16_t u16);
 uint32_t oemcrypto_be16toh(uint16_t u16);

oemcrypto/odk/src/odk_serialize.c

@@ -212,7 +212,7 @@ static void Unpack_ODK_ParsedLicense(ODK_Message* msg, ODK_ParsedLicense* obj) {
   Unpack_OEMCrypto_Substring(msg, &obj->enc_mac_keys);
   Unpack_OEMCrypto_Substring(msg, &obj->pst);
   Unpack_OEMCrypto_Substring(msg, &obj->srm_restriction_data);
-  obj->license_type = (OEMCrypto_LicenseType)Unpack_enum(msg);
+  Unpack_OEMCrypto_LicenseType(msg, &obj->license_type);
   Unpack_bool(msg, &obj->nonce_required);
   Unpack_ODK_TimerLimits(msg, &obj->timer_limits);
   Unpack_uint32_t(msg, &obj->watermarking);
@@ -270,7 +270,7 @@ static void Unpack_ODK_ParsedLicenseV16(ODK_Message* msg,
   Unpack_OEMCrypto_Substring(msg, &obj->enc_mac_keys);
   Unpack_OEMCrypto_Substring(msg, &obj->pst);
   Unpack_OEMCrypto_Substring(msg, &obj->srm_restriction_data);
-  obj->license_type = (OEMCrypto_LicenseType)Unpack_enum(msg);
+  Unpack_OEMCrypto_LicenseType(msg, &obj->license_type);
   Unpack_bool(msg, &obj->nonce_required);
   Unpack_ODK_TimerLimits(msg, &obj->timer_limits);
   Unpack_uint32_t(msg, &obj->key_array_length);
@@ -286,7 +286,7 @@ static void Unpack_ODK_ParsedLicenseV16(ODK_Message* msg,
 
 static void Unpack_ODK_ParsedProvisioning(ODK_Message* msg,
                                           ODK_ParsedProvisioning* obj) {
-  obj->key_type = (OEMCrypto_PrivateKeyType)Unpack_enum(msg);
+  Unpack_OEMCrypto_PrivateKeyType(msg, &obj->key_type);
   Unpack_OEMCrypto_Substring(msg, &obj->enc_private_key);
   Unpack_OEMCrypto_Substring(msg, &obj->enc_private_key_iv);
   Unpack_OEMCrypto_Substring(msg, &obj->encrypted_message_key);

oemcrypto/odk/src/serialization_base.c

@@ -108,10 +108,28 @@ static void UnpackBytes(ODK_Message* message, uint8_t* ptr, size_t count) {
   }
 }
 
-int Unpack_enum(ODK_Message* message) {
-  uint32_t v32;
+void Unpack_OEMCrypto_LicenseType(ODK_Message* message,
+                                  OEMCrypto_LicenseType* value) {
+  assert(value);
+  uint32_t v32 = 0;
   Unpack_uint32_t(message, &v32);
-  return (int)v32;
+  if (v32 <= OEMCrypto_LicenseType_MaxValue) {
+    *value = (OEMCrypto_LicenseType)v32;
+  } else {
+    ODK_Message_SetStatus(message, MESSAGE_STATUS_PARSE_ERROR);
+  }
+}
+
+void Unpack_OEMCrypto_PrivateKeyType(ODK_Message* message,
+                                     OEMCrypto_PrivateKeyType* value) {
+  assert(value);
+  uint32_t v32 = 0;
+  Unpack_uint32_t(message, &v32);
+  if (v32 <= OEMCrypto_PrivateKeyType_MaxValue) {
+    *value = (OEMCrypto_PrivateKeyType)v32;
+  } else {
+    ODK_Message_SetStatus(message, MESSAGE_STATUS_PARSE_ERROR);
+  }
 }
 
 void Unpack_bool(ODK_Message* message, bool* value) {

oemcrypto/odk/src/serialization_base.h

@@ -25,7 +25,10 @@ void PackArray(ODK_Message* message, const uint8_t* base, size_t size);
 void Pack_OEMCrypto_Substring(ODK_Message* message,
                               const OEMCrypto_Substring* obj);
 
-int Unpack_enum(ODK_Message* message);
+void Unpack_OEMCrypto_LicenseType(ODK_Message* message,
+                                  OEMCrypto_LicenseType* value);
+void Unpack_OEMCrypto_PrivateKeyType(ODK_Message* message,
+                                     OEMCrypto_PrivateKeyType* value);
 void Unpack_bool(ODK_Message* message, bool* value);
 void Unpack_uint8_t(ODK_Message* message, uint8_t* value);
 void Unpack_uint16_t(ODK_Message* message, uint16_t* value);

oemcrypto/odk/test/odk_test.cpp

@@ -872,6 +872,7 @@ std::vector<VersionParameters> TestCases() {
       {17, 16, 5, 16, 5},
       {17, 17, 0, 17, 0},
       {17, 17, 1, 17, 1},
+      {17, 17, 2, 17, 2},
   };
   return test_cases;
 }

oemcrypto/odk/test/odk_test.gypi

@@ -4,6 +4,8 @@
 
 {
   'sources': [
+    'odk_golden_v16.cpp',
+    'odk_golden_v17.cpp',
     'odk_test.cpp',
     'odk_test_helper.cpp',
     'odk_test_helper.h',

oemcrypto/test/GEN_api_lock_file.c

@@ -0,0 +1,306 @@
+// Copyright 2019 Google LLC. All Rights Reserved. This file and proprietary
+// source code may only be used and distributed under the Widevine License
+// Agreement.
+//
+// This code is semi-auto-generated, do not edit unless you know what you are
+// doing. The script oemcrypto/lock-api-for-release will append to this file.
+//
+// If this file does not build, then you have modified an OEMCrypto API
+// function.  Instead, you should rename the old function and give the modified
+// function a new oecc number.
+
+#include "OEMCryptoCENC.h"
+
+// This initial generation of this file was for v16.4, so older functions will
+// not have an accurate version number.
+
+OEMCryptoResult _oecc84(const uint8_t* sandbox_id, size_t sandbox_id_length);
+OEMCryptoResult _oecc01(void);
+OEMCryptoResult _oecc02(void);
+OEMCryptoResult _oecc09(OEMCrypto_SESSION* session);
+OEMCryptoResult _oecc10(OEMCrypto_SESSION session);
+OEMCryptoResult _oecc95(OEMCrypto_SESSION session,
+                        const OEMCrypto_SharedMemory* mac_key_context,
+                        size_t mac_key_context_length,
+                        const OEMCrypto_SharedMemory* enc_key_context,
+                        size_t enc_key_context_length);
+OEMCryptoResult _oecc21(OEMCrypto_SESSION session,
+                        const uint8_t* derivation_key,
+                        size_t derivation_key_length,
+                        const OEMCrypto_SharedMemory* mac_key_context,
+                        size_t mac_key_context_length,
+                        const OEMCrypto_SharedMemory* enc_key_context,
+                        size_t enc_key_context_length);
+OEMCryptoResult _oecc14(OEMCrypto_SESSION session, uint32_t* nonce);
+OEMCryptoResult _oecc96(OEMCrypto_SESSION session, uint8_t* message,
+                        size_t message_length, size_t* core_message_size,
+                        uint8_t* signature, size_t* signature_length);
+OEMCryptoResult _oecc97(OEMCrypto_SESSION session, uint8_t* message,
+                        size_t message_length, size_t* core_message_size,
+                        uint8_t* signature, size_t* signature_length);
+OEMCryptoResult _oecc98(OEMCrypto_SESSION session, uint8_t* message,
+                        size_t message_length, size_t* core_message_size,
+                        uint8_t* signature, size_t* signature_length);
+OEMCryptoResult _oecc55(const uint8_t* buffer, size_t buffer_length);
+OEMCryptoResult _oecc83(
+    OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
+    const uint8_t* signature, size_t signature_length,
+    OEMCrypto_Substring enc_mac_keys_iv, OEMCrypto_Substring enc_mac_keys,
+    size_t key_array_length, const OEMCrypto_KeyObject* key_array,
+    OEMCrypto_Substring pst, OEMCrypto_Substring srm_restriction_data,
+    OEMCrypto_LicenseType license_type);
+OEMCryptoResult _oecc99(OEMCrypto_SESSION session, const uint8_t* message,
+                        size_t message_length, size_t core_message_length,
+                        const uint8_t* signature, size_t signature_length);
+OEMCryptoResult _oecc92(
+    OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
+    size_t key_array_length,
+    const OEMCrypto_EntitledContentKeyObject_V16* key_array);
+OEMCryptoResult _oecc91(OEMCrypto_SESSION session, const uint8_t* message,
+                        size_t message_length, const uint8_t* signature,
+                        size_t signature_length, size_t num_keys,
+                        const OEMCrypto_KeyRefreshObject* key_array);
+OEMCryptoResult _oecc101(OEMCrypto_SESSION session, const uint8_t* message,
+                         size_t message_length, size_t core_message_length,
+                         const uint8_t* signature, size_t signature_length);
+OEMCryptoResult _oecc41(OEMCrypto_SESSION session,
+                        const uint8_t* content_key_id,
+                        size_t content_key_id_length,
+                        uint8_t* key_control_block,
+                        size_t* key_control_block_length);
+OEMCryptoResult _oecc81(OEMCrypto_SESSION session,
+                        const uint8_t* content_key_id,
+                        size_t content_key_id_length,
+                        OEMCryptoCipherMode cipher_mode);
+OEMCryptoResult _oecc105(
+    OEMCrypto_SESSION session,
+    const OEMCrypto_SampleDescription* samples,  // an array of samples.
+    size_t samples_length,                       // the number of samples.
+    const OEMCrypto_CENCEncryptPatternDesc* pattern);
+OEMCryptoResult _oecc93(OEMCrypto_SESSION session,
+                        const OEMCrypto_SharedMemory* data_addr,
+                        size_t data_addr_length,
+                        const OEMCrypto_DestBufferDesc* out_buffer_descriptor,
+                        uint8_t subsample_flags);
+OEMCryptoResult _oecc24(OEMCrypto_SESSION session,
+                        const OEMCrypto_SharedMemory* in_buffer,
+                        size_t in_buffer_length, const uint8_t* iv,
+                        OEMCrypto_Algorithm algorithm,
+                        OEMCrypto_SharedMemory* out_buffer);
+OEMCryptoResult _oecc25(OEMCrypto_SESSION session,
+                        const OEMCrypto_SharedMemory* in_buffer,
+                        size_t in_buffer_length, const uint8_t* iv,
+                        OEMCrypto_Algorithm algorithm,
+                        OEMCrypto_SharedMemory* out_buffer);
+OEMCryptoResult _oecc26(OEMCrypto_SESSION session,
+                        const OEMCrypto_SharedMemory* buffer,
+                        size_t buffer_length, OEMCrypto_Algorithm algorithm,
+                        OEMCrypto_SharedMemory* signature,
+                        size_t* signature_length);
+OEMCryptoResult _oecc27(OEMCrypto_SESSION session,
+                        const OEMCrypto_SharedMemory* buffer,
+                        size_t buffer_length, OEMCrypto_Algorithm algorithm,
+                        const OEMCrypto_SharedMemory* signature,
+                        size_t signature_length);
+OEMCryptoResult _oecc08(const uint8_t* keybox_or_cert,
+                        size_t keybox_or_cert_length,
+                        uint8_t* wrapped_keybox_or_cert,
+                        size_t* wrapped_keybox_or_cert_length,
+                        const uint8_t* transport_key,
+                        size_t transport_key_length);
+OEMCryptoResult _oecc03(const uint8_t* keybox_or_cert,
+                        size_t keybox_or_cert_length);
+OEMCrypto_ProvisioningMethod _oecc49(void);
+OEMCryptoResult _oecc05(void);
+OEMCryptoResult _oecc07(uint8_t* device_id, size_t* device_id_length);
+OEMCryptoResult _oecc04(uint8_t* key_data, size_t* key_data_length);
+OEMCryptoResult _oecc78(const uint8_t* buffer, size_t buffer_length);
+OEMCryptoResult _oecc103(OEMCrypto_SESSION session);
+OEMCryptoResult _oecc104(uint8_t* public_cert, size_t* public_cert_length);
+OEMCryptoResult _oecc06(uint8_t* random_data, size_t random_data_length);
+uint32_t _oecc22(void);
+uint32_t _oecc108(void);
+uint8_t _oecc46(void);
+OEMCryptoResult _oecc44(OEMCrypto_HDCP_Capability* current,
+                        OEMCrypto_HDCP_Capability* maximum);
+bool _oecc29(void);
+size_t _oecc94(void);
+bool _oecc39(void);
+OEMCryptoResult _oecc38(size_t* count);
+OEMCryptoResult _oecc37(size_t* max);
+uint32_t _oecc52(void);
+bool _oecc53(void);
+OEMCryptoResult _oecc54(uint16_t* version);
+uint32_t _oecc71(void);
+uint32_t _oecc85(void);
+OEMCryptoResult _oecc102(OEMCrypto_SESSION session, const uint8_t* message,
+                         size_t message_length, size_t core_message_length,
+                         const uint8_t* signature, size_t signature_length,
+                         uint8_t* wrapped_private_key,
+                         size_t* wrapped_private_key_length);
+OEMCryptoResult _oecc107(OEMCrypto_SESSION session,
+                         OEMCrypto_PrivateKeyType key_type,
+                         const uint8_t* wrapped_private_key,
+                         size_t wrapped_private_key_length);
+OEMCryptoResult _oecc45(void);
+OEMCryptoResult _oecc36(OEMCrypto_SESSION session, const uint8_t* message,
+                        size_t message_length, uint8_t* signature,
+                        size_t* signature_length,
+                        RSA_Padding_Scheme padding_scheme);
+OEMCryptoResult _oecc61(uint8_t* header_buffer, size_t* header_buffer_length);
+OEMCryptoResult _oecc62(const uint8_t* buffer, size_t buffer_length);
+OEMCryptoResult _oecc63(OEMCrypto_SESSION session,
+                        uint32_t* usage_entry_number);
+OEMCryptoResult _oecc64(OEMCrypto_SESSION session, uint32_t usage_entry_number,
+                        const uint8_t* buffer, size_t buffer_length);
+OEMCryptoResult _oecc65(OEMCrypto_SESSION session,
+                        OEMCrypto_SharedMemory* header_buffer,
+                        size_t* header_buffer_length,
+                        OEMCrypto_SharedMemory* entry_buffer,
+                        size_t* entry_buffer_length);
+OEMCryptoResult _oecc66(OEMCrypto_SESSION session, const uint8_t* pst,
+                        size_t pst_length);
+OEMCryptoResult _oecc32(OEMCrypto_SESSION session, const uint8_t* pst,
+                        size_t pst_length, uint8_t* buffer,
+                        size_t* buffer_length);
+OEMCryptoResult _oecc68(OEMCrypto_SESSION session, uint32_t new_index);
+OEMCryptoResult _oecc67(uint32_t new_entry_count, uint8_t* header_buffer,
+                        size_t* header_buffer_length);
+OEMCryptoResult _oecc57(void);
+uint32_t _oecc86(void);
+OEMCryptoResult _oecc88(OEMCrypto_SESSION session, uint32_t frame_number,
+                        const uint8_t* hash, size_t hash_length);
+OEMCryptoResult _oecc89(OEMCrypto_SESSION session,
+                        uint32_t* failed_frame_number);
+OEMCryptoResult _oecc109(OEMCrypto_SESSION session, size_t buffer_size,
+                         OEMCrypto_DestBufferDesc* output_descriptor,
+                         int* secure_fd);
+OEMCryptoResult _oecc110(OEMCrypto_SESSION session,
+                         OEMCrypto_DestBufferDesc* output_descriptor,
+                         int secure_fd);
+OEMCryptoResult _oecc115(uint32_t* ree_major, uint32_t* ree_minor,
+                         uint32_t* tee_major, uint32_t* tee_minor);
+OEMCryptoResult _oecc113(OEMCrypto_SESSION session, uint8_t* buffer,
+                         size_t* buffer_length, uint32_t use_test_key);
+OEMCryptoResult _oecc114(OEMCrypto_SESSION session, const uint8_t* buffer,
+                         size_t buffer_length, uint32_t use_test_key);
+OEMCryptoResult _oecc13(OEMCrypto_SESSION session, const uint8_t* message,
+                        size_t message_length, uint8_t* signature,
+                        size_t* signature_length);
+OEMCryptoResult _oecc51(OEMCrypto_SESSION session,
+                        const uint32_t* unaligned_nonce,
+                        const uint8_t* encrypted_message_key,
+                        size_t encrypted_message_key_length,
+                        const uint8_t* enc_rsa_key, size_t enc_rsa_key_length,
+                        const uint8_t* enc_rsa_key_iv, uint8_t* wrapped_rsa_key,
+                        size_t* wrapped_rsa_key_length);
+OEMCryptoResult _oecc18(OEMCrypto_SESSION session, const uint8_t* message,
+                        size_t message_length, const uint8_t* signature,
+                        size_t signature_length,
+                        const uint32_t* unaligned_nonce,
+                        const uint8_t* enc_rsa_key, size_t enc_rsa_key_length,
+                        const uint8_t* enc_rsa_key_iv, uint8_t* wrapped_rsa_key,
+                        size_t* wrapped_rsa_key_length);
+OEMCryptoResult _oecc30(void);
+OEMCryptoResult _oecc33(OEMCrypto_SESSION session, const uint8_t* pst,
+                        size_t pst_length, const uint8_t* message,
+                        size_t message_length, const uint8_t* signature,
+                        size_t signature_length);
+OEMCryptoResult _oecc43(const uint8_t* pst, size_t pst_length);
+OEMCryptoResult _oecc69(OEMCrypto_SESSION session, const uint8_t* pst,
+                        size_t pst_length);
+OEMCryptoResult _oecc34(void);
+OEMCryptoResult _oecc70(uint64_t time_since_license_received,
+                        uint64_t time_since_first_decrypt,
+                        uint64_t time_since_last_decrypt,
+                        OEMCrypto_Usage_Entry_Status status,
+                        uint8_t* server_mac_key, uint8_t* client_mac_key,
+                        const uint8_t* pst, size_t pst_length);
+OEMCryptoResult _oecc12(OEMCrypto_SESSION session,
+                        const uint8_t* mac_key_context,
+                        uint32_t mac_key_context_length,
+                        const uint8_t* enc_key_context,
+                        uint32_t enc_key_context_length);
+OEMCryptoResult _oecc48(OEMCrypto_SESSION session, const uint8_t* data_addr,
+                        size_t data_addr_length, bool is_encrypted,
+                        const uint8_t* iv,
+                        size_t block_offset,  // used for CTR "cenc" mode only.
+                        OEMCrypto_DestBufferDesc* out_buffer,
+                        const OEMCrypto_CENCEncryptPatternDesc_V15* pattern,
+                        uint8_t subsample_flags);
+OEMCryptoResult _oecc50(OEMCrypto_SESSION session, uint8_t* public_cert,
+                        size_t* public_cert_length);
+OEMCryptoResult _oecc19(OEMCrypto_SESSION session,
+                        const uint8_t* wrapped_rsa_key,
+                        size_t wrapped_rsa_key_length);
+
+// OEMCrypto_Idle defined in v17.1
+OEMCryptoResult _oecc123(OEMCrypto_IdleState state, uint32_t os_specific_code);
+
+// OEMCrypto_Wake defined in v17.1
+OEMCryptoResult _oecc124(void);
+
+// OEMCrypto_CreateEntitledKeySession defined in v17.1
+OEMCryptoResult _oecc111(OEMCrypto_SESSION oec_session,
+                         OEMCrypto_SESSION* key_session);
+
+// OEMCrypto_RemoveEntitledKeySession defined in v17.1
+OEMCryptoResult _oecc112(OEMCrypto_SESSION key_session);
+
+// OEMCrypto_LoadEntitledContentKeys defined in v17.1
+OEMCryptoResult _oecc121(OEMCrypto_SESSION session, const uint8_t* message,
+                         size_t message_length, size_t key_array_length,
+                         const OEMCrypto_EntitledContentKeyObject* key_array);
+
+// OEMCrypto_BuildInformation defined in v17.1
+OEMCryptoResult _oecc125(char* buffer, size_t* buffer_length);
+
+// OEMCrypto_SecurityLevel defined in v17.1
+OEMCrypto_Security_Level _oecc126(void);
+
+// OEMCrypto_GetDTCP2Capability defined in v17.1
+OEMCryptoResult _oecc128(OEMCrypto_DTCP2_Capability* capability);
+
+// OEMCrypto_ProductionReady defined in v17.1
+OEMCryptoResult _oecc122(void);
+
+// OEMCrypto_GetWatermarkingSupport defined in v17.1
+OEMCrypto_WatermarkingSupport _oecc129(void);
+
+// OEMCrypto_ReuseUsageEntry defined in v17.1
+OEMCryptoResult _oecc127(OEMCrypto_SESSION session,
+                         uint32_t usage_entry_number);
+
+// OEMCrypto_GetBootCertificateChain defined in v17.1
+OEMCryptoResult _oecc116(uint8_t* bcc, size_t* bcc_length,
+                         uint8_t* additional_signature,
+                         size_t* additional_signature_length);
+
+// OEMCrypto_GenerateCertificateKeyPair defined in v17.1
+OEMCryptoResult _oecc117(OEMCrypto_SESSION session, uint8_t* public_key,
+                         size_t* public_key_length,
+                         uint8_t* public_key_signature,
+                         size_t* public_key_signature_length,
+                         uint8_t* wrapped_private_key,
+                         size_t* wrapped_private_key_length,
+                         OEMCrypto_PrivateKeyType* key_type);
+
+// OEMCrypto_InstallOemPrivateKey defined in v17.1
+OEMCryptoResult _oecc118(OEMCrypto_SESSION session,
+                         OEMCrypto_PrivateKeyType key_type,
+                         const uint8_t* wrapped_private_key,
+                         size_t wrapped_private_key_length);
+
+// OEMCrypto_ReassociateEntitledKeySession defined in v17.1
+OEMCryptoResult _oecc119(OEMCrypto_SESSION key_session,
+                         OEMCrypto_SESSION oec_session);
+
+// OEMCrypto_LoadCasECMKeys defined in v17.1
+OEMCryptoResult _oecc120(OEMCrypto_SESSION session, const uint8_t* message,
+                         size_t message_length,
+                         const OEMCrypto_EntitledContentKeyObject* even_key,
+                         const OEMCrypto_EntitledContentKeyObject* odd_key);
+
+// OEMCrypto_GetOEMKeyToken defined in v17.2
+OEMCryptoResult _oecc130(OEMCrypto_SESSION key_session, uint8_t* key_token,
+                         size_t* key_token_length);

oemcrypto/test/fuzz_tests/README.md

@@ -127,8 +127,7 @@ OEMCrypto implementations on linux.
     information locally.
 
 *   Build and test fuzz scripts locally using following commands. The build
-    script builds fuzz binaries for both oemcrypto reference implementation
-    as well as opk implementation.
+    script builds fuzz binaries for opk implementation.
 
     ```shell
     $ cd PATH_TO_CDM_DIR

oemcrypto/test/fuzz_tests/build_oemcrypto_fuzztests

@@ -6,18 +6,21 @@
 
 set -ex
 
+# CDM_DIR is used by several script, especially when there is some confusion
+if [ -z "$CDM_DIR" ]; then
+  export CDM_DIR="$(readlink -e $(dirname $0)/../../..)"
+fi
+cd $CDM_DIR
+
 export CXX=clang++
 export CC=clang
 export GYP_DEFINES="$GYP_DEFINES clang=1"
-export PATH_TO_CDM_DIR=.
-export PYTHONPATH="$PYTHONPATH:$PATH_TO_CDM_DIR/third_party"
+echo "CDM_DIR = $CDM_DIR"
+export PYTHONPATH="$PYTHONPATH:$CDM_DIR/third_party"
 
-python3 $PATH_TO_CDM_DIR/third_party/gyp/__init__.py --format=ninja \
-    --depth=$(pwd) oemcrypto/test/fuzz_tests/oemcrypto_fuzztests.gyp
-ninja -C out/Default
 # oemcrypto_opk_fuzztests.gypi has flags to instrument all the gyp targets
 # with fuzzer flags.
-python3 $PATH_TO_CDM_DIR/third_party/gyp/__init__.py --format=ninja \
+python3 $CDM_DIR/third_party/gyp/__init__.py --format=ninja \
     --depth=$(pwd) \
     --include=oemcrypto/test/fuzz_tests/oemcrypto_opk_fuzztests.gypi \
     oemcrypto/test/fuzz_tests/oemcrypto_opk_fuzztests.gyp