Source release 16.2.0

oemcrypto/include/OEMCryptoCENCCommon.h

@@ -0,0 +1,170 @@
+/* Copyright 2019 Google LLC. All rights reserved. This file and proprietary */
+/* source code may only be used and distributed under the Widevine Master */
+/* License Agreement. */
+
+/*********************************************************************
+ * OEMCryptoCENCCommon.h
+ *
+ * Common structures and error codes between WV servers and OEMCrypto.
+ *
+ *********************************************************************/
+
+#ifndef WIDEVINE_ODK_INCLUDE_OEMCRYPTOCENCCOMMON_H_
+#define WIDEVINE_ODK_INCLUDE_OEMCRYPTOCENCCOMMON_H_
+
+#include <stdbool.h>
+#include <stddef.h>
+#include <stdint.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* clang-format off */
+typedef enum OEMCryptoResult {
+  OEMCrypto_SUCCESS                            = 0,
+  OEMCrypto_ERROR_INIT_FAILED                  = 1,
+  OEMCrypto_ERROR_TERMINATE_FAILED             = 2,
+  OEMCrypto_ERROR_OPEN_FAILURE                 = 3,
+  OEMCrypto_ERROR_CLOSE_FAILURE                = 4,
+  OEMCrypto_ERROR_ENTER_SECURE_PLAYBACK_FAILED = 5,  /* deprecated */
+  OEMCrypto_ERROR_EXIT_SECURE_PLAYBACK_FAILED  = 6,  /* deprecated */
+  OEMCrypto_ERROR_SHORT_BUFFER                 = 7,
+  OEMCrypto_ERROR_NO_DEVICE_KEY                = 8,  /* no keybox device key. */
+  OEMCrypto_ERROR_NO_ASSET_KEY                 = 9,
+  OEMCrypto_ERROR_KEYBOX_INVALID               = 10,
+  OEMCrypto_ERROR_NO_KEYDATA                   = 11,
+  OEMCrypto_ERROR_NO_CW                        = 12,
+  OEMCrypto_ERROR_DECRYPT_FAILED               = 13,
+  OEMCrypto_ERROR_WRITE_KEYBOX                 = 14,
+  OEMCrypto_ERROR_WRAP_KEYBOX                  = 15,
+  OEMCrypto_ERROR_BAD_MAGIC                    = 16,
+  OEMCrypto_ERROR_BAD_CRC                      = 17,
+  OEMCrypto_ERROR_NO_DEVICEID                  = 18,
+  OEMCrypto_ERROR_RNG_FAILED                   = 19,
+  OEMCrypto_ERROR_RNG_NOT_SUPPORTED            = 20,
+  OEMCrypto_ERROR_SETUP                        = 21,
+  OEMCrypto_ERROR_OPEN_SESSION_FAILED          = 22,
+  OEMCrypto_ERROR_CLOSE_SESSION_FAILED         = 23,
+  OEMCrypto_ERROR_INVALID_SESSION              = 24,
+  OEMCrypto_ERROR_NOT_IMPLEMENTED              = 25,
+  OEMCrypto_ERROR_NO_CONTENT_KEY               = 26,
+  OEMCrypto_ERROR_CONTROL_INVALID              = 27,
+  OEMCrypto_ERROR_UNKNOWN_FAILURE              = 28,
+  OEMCrypto_ERROR_INVALID_CONTEXT              = 29,
+  OEMCrypto_ERROR_SIGNATURE_FAILURE            = 30,
+  OEMCrypto_ERROR_TOO_MANY_SESSIONS            = 31,
+  OEMCrypto_ERROR_INVALID_NONCE                = 32,
+  OEMCrypto_ERROR_TOO_MANY_KEYS                = 33,
+  OEMCrypto_ERROR_DEVICE_NOT_RSA_PROVISIONED   = 34,
+  OEMCrypto_ERROR_INVALID_RSA_KEY              = 35,
+  OEMCrypto_ERROR_KEY_EXPIRED                  = 36,
+  OEMCrypto_ERROR_INSUFFICIENT_RESOURCES       = 37,
+  OEMCrypto_ERROR_INSUFFICIENT_HDCP            = 38,
+  OEMCrypto_ERROR_BUFFER_TOO_LARGE             = 39,
+  OEMCrypto_WARNING_GENERATION_SKEW            = 40,  /* Warning, not error. */
+  OEMCrypto_ERROR_GENERATION_SKEW              = 41,
+  OEMCrypto_LOCAL_DISPLAY_ONLY                 = 42,  /* Info, not an error. */
+  OEMCrypto_ERROR_ANALOG_OUTPUT                = 43,
+  OEMCrypto_ERROR_WRONG_PST                    = 44,
+  OEMCrypto_ERROR_WRONG_KEYS                   = 45,
+  OEMCrypto_ERROR_MISSING_MASTER               = 46,
+  OEMCrypto_ERROR_LICENSE_INACTIVE             = 47,
+  OEMCrypto_ERROR_ENTRY_NEEDS_UPDATE           = 48,
+  OEMCrypto_ERROR_ENTRY_IN_USE                 = 49,
+  OEMCrypto_ERROR_USAGE_TABLE_UNRECOVERABLE    = 50,  /* Obsolete. Don't use. */
+  /* Use OEMCrypto_ERROR_NO_CONTENT_KEY instead of KEY_NOT_LOADED. */
+  OEMCrypto_KEY_NOT_LOADED                     = 51,  /* Obsolete. */
+  OEMCrypto_KEY_NOT_ENTITLED                   = 52,
+  OEMCrypto_ERROR_BAD_HASH                     = 53,
+  OEMCrypto_ERROR_OUTPUT_TOO_LARGE             = 54,
+  OEMCrypto_ERROR_SESSION_LOST_STATE           = 55,
+  OEMCrypto_ERROR_SYSTEM_INVALIDATED           = 56,
+  OEMCrypto_ERROR_LICENSE_RELOAD               = 57,
+  OEMCrypto_ERROR_MULTIPLE_USAGE_ENTRIES       = 58,
+  OEMCrypto_WARNING_MIXED_OUTPUT_PROTECTION    = 59,
+  /* ODK return values */
+  ODK_ERROR_BASE                               = 1000,
+  ODK_ERROR_CORE_MESSAGE                       = ODK_ERROR_BASE,
+  ODK_SET_TIMER                                = ODK_ERROR_BASE + 1,
+  ODK_DISABLE_TIMER                            = ODK_ERROR_BASE + 2,
+  ODK_TIMER_EXPIRED                            = ODK_ERROR_BASE + 3,
+  ODK_UNSUPPORTED_API                          = ODK_ERROR_BASE + 4,
+  ODK_STALE_RENEWAL                            = ODK_ERROR_BASE + 5,
+} OEMCryptoResult;
+/* clang-format on */
+
+/*
+ *  OEMCrypto_Usage_Entry_Status.
+ *  Valid values for status in the usage table.
+ */
+typedef enum OEMCrypto_Usage_Entry_Status {
+  kUnused = 0,
+  kActive = 1,
+  kInactive = 2, /* Deprecated.  Use kInactiveUsed or kInactiveUnused. */
+  kInactiveUsed = 3,
+  kInactiveUnused = 4,
+} OEMCrypto_Usage_Entry_Status;
+
+/*
+ *  OEMCrypto_LicenseType is used in the license message to indicate if the key
+ *  objects are for content keys, or for entitlement keys.
+ */
+typedef enum OEMCrypto_LicenseType {
+  OEMCrypto_ContentLicense = 0,
+  OEMCrypto_EntitlementLicense = 1
+} OEMCrypto_LicenseType;
+
+/* Private key type used in the provisioning response. */
+typedef enum OEMCrypto_PrivateKeyType {
+  OEMCrypto_RSA_Private_Key = 0,
+  OEMCrypto_ECC_Private_Key = 1,
+} OEMCrypto_PrivateKeyType;
+
+/*
+ *  OEMCrypto_Substring
+ *
+ *  Used to indicate a substring of a signed message in OEMCrypto_LoadKeys and
+ *  other functions which must verify that a parameter is contained within a
+ *  signed message.
+ */
+typedef struct {
+  size_t offset;
+  size_t length;
+} OEMCrypto_Substring;
+
+/*
+ * OEMCrypto_KeyObject
+ *  Points to the relevant fields for a content key. The fields are extracted
+ *  from the License Response message offered to OEMCrypto_LoadKeys(). Each
+ *  field points to one of the components of the key. Key data, key control,
+ *  and both IV fields are 128 bits (16 bytes):
+ *    key_id - the unique id of this key.
+ *    key_id_length - the size of key_id. OEMCrypto may assume this is at
+ *        most 16. However, OEMCrypto shall correctly handle key id lengths
+ *        from 1 to 16 bytes.
+ *    key_data_iv - the IV for performing AES-128-CBC decryption of the
+ *        key_data field.
+ *    key_data - the key data. It is encrypted (AES-128-CBC) with the
+ *        session's derived encrypt key and the key_data_iv.
+ *    key_control_iv - the IV for performing AES-128-CBC decryption of the
+ *        key_control field.
+ *    key_control - the key control block. It is encrypted (AES-128-CBC) with
+ *        the content key from the key_data field.
+ *
+ *  The memory for the OEMCrypto_KeyObject fields is allocated and freed
+ *  by the caller of OEMCrypto_LoadKeys().
+ */
+typedef struct {
+  OEMCrypto_Substring key_id;
+  OEMCrypto_Substring key_data_iv;
+  OEMCrypto_Substring key_data;
+  OEMCrypto_Substring key_control_iv;
+  OEMCrypto_Substring key_control;
+} OEMCrypto_KeyObject;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* WIDEVINE_ODK_INCLUDE_OEMCRYPTOCENCCOMMON_H_ */

oemcrypto/include/oemcrypto_types.h

@@ -23,45 +23,59 @@ typedef struct WidevineKeybox {   // 128 bytes total.
   uint8_t crc_[4];
 } WidevineKeybox;
 
+/*
+ * SRM_Restriction_Data
+ *
+ * Structure passed into LoadKeys to specify required SRM version.
+ */
+typedef struct {
+  uint8_t verification[8];       // must be "HDCPDATA"
+  uint32_t minimum_srm_version;  // version number.
+} SRM_Restriction_Data;
+
+// clang-format off
 // Key Control Block Bit Masks:
-const uint32_t kControlObserveDataPath = (1<<31);
-const uint32_t kControlObserveHDCP     = (1<<30);
-const uint32_t kControlObserveCGMS     = (1<<29);
-const uint32_t kControlRequireAntiRollbackHardware = (1<<28);
-const uint32_t kControlAllowHashVerification = (1<<24);
-const uint32_t kSharedLicense          = (1<<23);
-const uint32_t kControlSRMVersionRequired = (1<<22);
-const uint32_t kControlDisableAnalogOutput = (1<<21);
-const uint32_t kControlSecurityPatchLevelShift = 15;
-const uint32_t kControlSecurityPatchLevelMask =
-    (0x3F<<kControlSecurityPatchLevelShift);
-const uint32_t kControlReplayMask      = (0x03<<13);
-const uint32_t kControlNonceRequired   = (0x01<<13);
-const uint32_t kControlNonceOrEntry    = (0x02<<13);
-const uint32_t kControlHDCPVersionShift = 9;
-const uint32_t kControlHDCPVersionMask = (0x0F<<kControlHDCPVersionShift);
-const uint32_t kControlAllowEncrypt    = (1<<8);
-const uint32_t kControlAllowDecrypt    = (1<<7);
-const uint32_t kControlAllowSign       = (1<<6);
-const uint32_t kControlAllowVerify     = (1<<5);
-const uint32_t kControlDataPathSecure  = (1<<4);
-const uint32_t kControlNonceEnabled    = (1<<3);
-const uint32_t kControlHDCPRequired    = (1<<2);
-const uint32_t kControlCGMSMask        = (0x03);
-const uint32_t kControlCGMSCopyFreely  = (0x00);
-const uint32_t kControlCGMSCopyOnce    = (0x02);
-const uint32_t kControlCGMSCopyNever   = (0x03);
+const uint32_t kControlObserveDataPath              = (1u << 31);
+const uint32_t kControlObserveHDCP                  = (1u << 30);
+const uint32_t kControlObserveCGMS                  = (1u << 29);
+const uint32_t kControlRequireAntiRollbackHardware  = (1u << 28);
+const uint32_t kControlAllowHashVerification        = (1u << 24);
+const uint32_t kSharedLicense                       = (1u << 23);
+const uint32_t kControlSRMVersionRequired           = (1u << 22);
+const uint32_t kControlDisableAnalogOutput          = (1u << 21);
+const uint32_t kControlSecurityPatchLevelShift      = 15;
+const uint32_t kControlSecurityPatchLevelMask       =
+    (0x3Fu << kControlSecurityPatchLevelShift);
+const uint32_t kControlReplayMask                   = (0x03u << 13);
+const uint32_t kControlNonceRequired                = (0x01u << 13);
+const uint32_t kControlNonceOrEntry                 = (0x02u << 13);
+const uint32_t kControlHDCPVersionShift             = 9;
+const uint32_t kControlHDCPVersionMask              =
+    (0x0Fu << kControlHDCPVersionShift);
+const uint32_t kControlAllowEncrypt                 = (1u << 8);
+const uint32_t kControlAllowDecrypt                 = (1u << 7);
+const uint32_t kControlAllowSign                    = (1u << 6);
+const uint32_t kControlAllowVerify                  = (1u << 5);
+const uint32_t kControlDataPathSecure               = (1u << 4);
+const uint32_t kControlNonceEnabled                 = (1u << 3);
+const uint32_t kControlHDCPRequired                 = (1u << 2);
+const uint32_t kControlCGMSMask                     = (0x03);
+const uint32_t kControlCGMSCopyFreely               = (0x00);
+const uint32_t kControlCGMSCopyOnce                 = (0x02);
+const uint32_t kControlCGMSCopyNever                = (0x03);
+// clang-format on
 
 // Various constants and sizes:
-static const size_t KEY_CONTROL_SIZE = 16;
-static const size_t KEY_ID_SIZE = 16;
-static const size_t KEY_IV_SIZE = 16;
-static const size_t KEY_PAD_SIZE = 16;
-static const size_t KEY_SIZE = 16;
-static const size_t MAC_KEY_SIZE = 32;
-static const size_t KEYBOX_KEY_DATA_SIZE = 72;
-static const size_t SRM_REQUIREMENT_SIZE = 12;
-
+constexpr size_t KEY_CONTROL_SIZE = 16;
+constexpr size_t KEY_ID_SIZE = 16;
+constexpr size_t KEY_IV_SIZE = 16;
+constexpr size_t KEY_PAD_SIZE = 16;
+constexpr size_t KEY_SIZE = 16;
+constexpr size_t AES_128_BLOCK_SIZE = 16;
+constexpr size_t MAC_KEY_SIZE = 32;
+constexpr size_t KEYBOX_KEY_DATA_SIZE = 72;
+constexpr size_t SRM_REQUIREMENT_SIZE = 12;
+constexpr size_t HMAC_SHA256_SIGNATURE_SIZE = 32;
 
 }  // namespace wvoec