/* Copyright 2019 Google LLC. All rights reserved. This file and proprietary */ /* source code may only be used and distributed under the Widevine Master */ /* License Agreement. */ /********************************************************************* * OEMCryptoCENCCommon.h * * Common structures and error codes between WV servers and OEMCrypto. * *********************************************************************/ #ifndef WIDEVINE_ODK_INCLUDE_OEMCRYPTOCENCCOMMON_H_ #define WIDEVINE_ODK_INCLUDE_OEMCRYPTOCENCCOMMON_H_ #include #include #include #ifdef __cplusplus extern "C" { #endif /* clang-format off */ typedef enum OEMCryptoResult { OEMCrypto_SUCCESS = 0, OEMCrypto_ERROR_INIT_FAILED = 1, OEMCrypto_ERROR_TERMINATE_FAILED = 2, OEMCrypto_ERROR_OPEN_FAILURE = 3, OEMCrypto_ERROR_CLOSE_FAILURE = 4, OEMCrypto_ERROR_ENTER_SECURE_PLAYBACK_FAILED = 5, /* deprecated */ OEMCrypto_ERROR_EXIT_SECURE_PLAYBACK_FAILED = 6, /* deprecated */ OEMCrypto_ERROR_SHORT_BUFFER = 7, OEMCrypto_ERROR_NO_DEVICE_KEY = 8, /* no keybox device key. */ OEMCrypto_ERROR_NO_ASSET_KEY = 9, OEMCrypto_ERROR_KEYBOX_INVALID = 10, OEMCrypto_ERROR_NO_KEYDATA = 11, OEMCrypto_ERROR_NO_CW = 12, OEMCrypto_ERROR_DECRYPT_FAILED = 13, OEMCrypto_ERROR_WRITE_KEYBOX = 14, OEMCrypto_ERROR_WRAP_KEYBOX = 15, OEMCrypto_ERROR_BAD_MAGIC = 16, OEMCrypto_ERROR_BAD_CRC = 17, OEMCrypto_ERROR_NO_DEVICEID = 18, OEMCrypto_ERROR_RNG_FAILED = 19, OEMCrypto_ERROR_RNG_NOT_SUPPORTED = 20, OEMCrypto_ERROR_SETUP = 21, OEMCrypto_ERROR_OPEN_SESSION_FAILED = 22, OEMCrypto_ERROR_CLOSE_SESSION_FAILED = 23, OEMCrypto_ERROR_INVALID_SESSION = 24, OEMCrypto_ERROR_NOT_IMPLEMENTED = 25, OEMCrypto_ERROR_NO_CONTENT_KEY = 26, OEMCrypto_ERROR_CONTROL_INVALID = 27, OEMCrypto_ERROR_UNKNOWN_FAILURE = 28, OEMCrypto_ERROR_INVALID_CONTEXT = 29, OEMCrypto_ERROR_SIGNATURE_FAILURE = 30, OEMCrypto_ERROR_TOO_MANY_SESSIONS = 31, OEMCrypto_ERROR_INVALID_NONCE = 32, OEMCrypto_ERROR_TOO_MANY_KEYS = 33, OEMCrypto_ERROR_DEVICE_NOT_RSA_PROVISIONED = 34, OEMCrypto_ERROR_INVALID_RSA_KEY = 35, OEMCrypto_ERROR_KEY_EXPIRED = 36, OEMCrypto_ERROR_INSUFFICIENT_RESOURCES = 37, OEMCrypto_ERROR_INSUFFICIENT_HDCP = 38, OEMCrypto_ERROR_BUFFER_TOO_LARGE = 39, OEMCrypto_WARNING_GENERATION_SKEW = 40, /* Warning, not error. */ OEMCrypto_ERROR_GENERATION_SKEW = 41, OEMCrypto_LOCAL_DISPLAY_ONLY = 42, /* Info, not an error. */ OEMCrypto_ERROR_ANALOG_OUTPUT = 43, OEMCrypto_ERROR_WRONG_PST = 44, OEMCrypto_ERROR_WRONG_KEYS = 45, OEMCrypto_ERROR_MISSING_MASTER = 46, OEMCrypto_ERROR_LICENSE_INACTIVE = 47, OEMCrypto_ERROR_ENTRY_NEEDS_UPDATE = 48, OEMCrypto_ERROR_ENTRY_IN_USE = 49, OEMCrypto_ERROR_USAGE_TABLE_UNRECOVERABLE = 50, /* Obsolete. Don't use. */ /* Use OEMCrypto_ERROR_NO_CONTENT_KEY instead of KEY_NOT_LOADED. */ OEMCrypto_KEY_NOT_LOADED = 51, /* Obsolete. */ OEMCrypto_KEY_NOT_ENTITLED = 52, OEMCrypto_ERROR_BAD_HASH = 53, OEMCrypto_ERROR_OUTPUT_TOO_LARGE = 54, OEMCrypto_ERROR_SESSION_LOST_STATE = 55, OEMCrypto_ERROR_SYSTEM_INVALIDATED = 56, OEMCrypto_ERROR_LICENSE_RELOAD = 57, OEMCrypto_ERROR_MULTIPLE_USAGE_ENTRIES = 58, OEMCrypto_WARNING_MIXED_OUTPUT_PROTECTION = 59, /* ODK return values */ ODK_ERROR_BASE = 1000, ODK_ERROR_CORE_MESSAGE = ODK_ERROR_BASE, ODK_SET_TIMER = ODK_ERROR_BASE + 1, ODK_DISABLE_TIMER = ODK_ERROR_BASE + 2, ODK_TIMER_EXPIRED = ODK_ERROR_BASE + 3, ODK_UNSUPPORTED_API = ODK_ERROR_BASE + 4, ODK_STALE_RENEWAL = ODK_ERROR_BASE + 5, } OEMCryptoResult; /* clang-format on */ /* * OEMCrypto_Usage_Entry_Status. * Valid values for status in the usage table. */ typedef enum OEMCrypto_Usage_Entry_Status { kUnused = 0, kActive = 1, kInactive = 2, /* Deprecated. Use kInactiveUsed or kInactiveUnused. */ kInactiveUsed = 3, kInactiveUnused = 4, } OEMCrypto_Usage_Entry_Status; /* * OEMCrypto_LicenseType is used in the license message to indicate if the key * objects are for content keys, or for entitlement keys. */ typedef enum OEMCrypto_LicenseType { OEMCrypto_ContentLicense = 0, OEMCrypto_EntitlementLicense = 1, OEMCrypto_LicenstType_MaxValue = OEMCrypto_EntitlementLicense, } OEMCrypto_LicenseType; /* Private key type used in the provisioning response. */ typedef enum OEMCrypto_PrivateKeyType { OEMCrypto_RSA_Private_Key = 0, OEMCrypto_ECC_Private_Key = 1, } OEMCrypto_PrivateKeyType; /* * OEMCrypto_Substring * * Used to indicate a substring of a signed message in OEMCrypto_LoadKeys and * other functions which must verify that a parameter is contained within a * signed message. */ typedef struct { size_t offset; size_t length; } OEMCrypto_Substring; /* * OEMCrypto_KeyObject * Points to the relevant fields for a content key. The fields are extracted * from the License Response message offered to OEMCrypto_LoadKeys(). Each * field points to one of the components of the key. Key data, key control, * and both IV fields are 128 bits (16 bytes): * key_id - the unique id of this key. * key_id_length - the size of key_id. OEMCrypto may assume this is at * most 16. However, OEMCrypto shall correctly handle key id lengths * from 1 to 16 bytes. * key_data_iv - the IV for performing AES-128-CBC decryption of the * key_data field. * key_data - the key data. It is encrypted (AES-128-CBC) with the * session's derived encrypt key and the key_data_iv. * key_control_iv - the IV for performing AES-128-CBC decryption of the * key_control field. * key_control - the key control block. It is encrypted (AES-128-CBC) with * the content key from the key_data field. * * The memory for the OEMCrypto_KeyObject fields is allocated and freed * by the caller of OEMCrypto_LoadKeys(). */ typedef struct { OEMCrypto_Substring key_id; OEMCrypto_Substring key_data_iv; OEMCrypto_Substring key_data; OEMCrypto_Substring key_control_iv; OEMCrypto_Substring key_control; } OEMCrypto_KeyObject; #ifdef __cplusplus } #endif #endif /* WIDEVINE_ODK_INCLUDE_OEMCRYPTOCENCCOMMON_H_ */