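// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine
// License Agreement.

/*********************************************************************
 * level3.h
 *
 * Reference APIs needed to support Widevine's crypto algorithms.
 *********************************************************************/

#ifndef LEVEL3_OEMCRYPTO_H_
#define LEVEL3_OEMCRYPTO_H_

// NOTE(review): the two system header names were missing from the listing.
// They are restored as the standard headers that declare size_t and the
// fixed-width integer types used throughout this file -- confirm against the
// upstream copy.
#include <stddef.h>
#include <stdint.h>

#include "OEMCryptoCENC.h"
#include "level3_file_system.h"

// Symbol aliases. Each macro renames a Level3_* entry point to a short opaque
// symbol, so a prototype further down whose name has an alias here declares
// the aliased symbol (_lccNN with DYNAMIC_ADAPTER defined, _oeccNN otherwise).
//
// NOTE(review): the two tables are not mirror images of each other. Anyone
// editing them should check each row against the symbols actually exported by
// the Level 3 library being linked, because a wrong row binds a caller to a
// different entry point or fails at link/load time:
//   - Level3_IsInApp has an alias only in the DYNAMIC_ADAPTER table.
//   - Level3_GenerateRSASignature and Level3_DeactivateUsageEntry have aliases
//     only in the #else table, yet both are declared unconditionally below.
//   - Level3_UseSecondaryKey is 142 in one table and 144 in the other, and
//     Level3_MarkOfflineSession is 144 in one and 145 in the other.
//   - Level3_GetRunningMode and Level3_OutputErrorLogs have no alias in either
//     table and keep their plain names.
// clang-format off
#ifdef DYNAMIC_ADAPTER
#define Level3_IsInApp _lcc00
#define Level3_Initialize _lcc01
#define Level3_Terminate _lcc02
#define Level3_InstallKeyboxOrOEMCert _lcc03
#define Level3_GetKeyData _lcc04
#define Level3_IsKeyboxOrOEMCertValid _lcc05
#define Level3_GetDeviceID _lcc07
#define Level3_WrapKeyboxOrOEMCert _lcc08
#define Level3_OpenSession _lcc09
#define Level3_CloseSession _lcc10
#define Level3_GenerateSignature _lcc13
#define Level3_GenerateNonce _lcc14
#define Level3_RewrapDeviceRSAKey _lcc18
#define Level3_LoadDeviceRSAKey _lcc19
#define Level3_DeriveKeysFromSessionKey _lcc21
#define Level3_APIVersion _lcc22
#define Level3_Generic_Encrypt_V17 _lcc24
#define Level3_Generic_Decrypt_V17 _lcc25
#define Level3_Generic_Sign_V17 _lcc26
#define Level3_Generic_Verify_V17 _lcc27
#define Level3_SupportsUsageTable _lcc29
#define Level3_ReportUsage _lcc32
#define Level3_GetMaxNumberOfSessions _lcc37
#define Level3_GetNumberOfOpenSessions _lcc38
#define Level3_IsAntiRollbackHwPresent _lcc39
#define Level3_QueryKeyControl _lcc41
#define Level3_GetHDCPCapability _lcc44
#define Level3_LoadTestRSAKey _lcc45
#define Level3_SecurityPatchLevel _lcc46
#define Level3_GetProvisioningMethod _lcc49
#define Level3_RewrapDeviceRSAKey30 _lcc51
#define Level3_SupportedCertificates _lcc52
#define Level3_IsSRMUpdateSupported _lcc53
#define Level3_GetCurrentSRMVersion _lcc54
#define Level3_LoadSRM _lcc55
#define Level3_RemoveSRM _lcc57
#define Level3_CreateUsageTableHeader _lcc61
#define Level3_LoadUsageTableHeader _lcc62
#define Level3_CreateNewUsageEntry _lcc63
#define Level3_LoadUsageEntry _lcc64
#define Level3_UpdateUsageEntry _lcc65
#define Level3_ShrinkUsageTableHeader _lcc67
#define Level3_MoveEntry _lcc68
#define Level3_GetAnalogOutputFlags _lcc71
#define Level3_LoadTestKeybox _lcc78
#define Level3_SelectKey _lcc81
#define Level3_LoadKeys _lcc83
#define Level3_SetSandbox _lcc84
#define Level3_ResourceRatingTier _lcc85
#define Level3_SupportsDecryptHash _lcc86
#define Level3_SetDecryptHash _lcc88
#define Level3_GetHashErrorCode _lcc89
#define Level3_RefreshKeys _lcc91
#define Level3_LoadEntitledContentKeys_V16 _lcc92
#define Level3_CopyBuffer _lcc93
#define Level3_MaximumUsageTableHeaderSize _lcc94
#define Level3_GenerateDerivedKeys _lcc95
#define Level3_PrepAndSignLicenseRequest _lcc96
#define Level3_PrepAndSignRenewalRequest _lcc97
#define Level3_PrepAndSignProvisioningRequest _lcc98
#define Level3_LoadLicense _lcc99
#define Level3_LoadRenewal _lcc101
#define Level3_LoadProvisioning _lcc102
#define Level3_LoadOEMPrivateKey _lcc103
#define Level3_GetOEMPublicCertificate _lcc104
#define Level3_DecryptCENC_V17 _lcc105
#define Level3_LoadDRMPrivateKey _lcc107
#define Level3_MinorAPIVersion _lcc108
#define Level3_AllocateSecureBuffer _lcc109
#define Level3_FreeSecureBuffer _lcc110
#define Level3_CreateEntitledKeySession _lcc111
#define Level3_RemoveEntitledKeySession _lcc112
#define Level3_GetBootCertificateChain _lcc116
#define Level3_GenerateCertificateKeyPair _lcc117
#define Level3_InstallOemPrivateKey _lcc118
#define Level3_ReassociateEntitledKeySession _lcc119
#define Level3_LoadCasECMKeys _lcc120
#define Level3_LoadEntitledContentKeys _lcc121  // place holder for v17.
#define Level3_ProductionReady _lcc122
#define Level3_Idle _lcc123
#define Level3_Wake _lcc124
#define Level3_BuildInformation _lcc125
#define Level3_SecurityLevel _lcc126
#define Level3_ReuseUsageEntry _lcc127
#define Level3_GetDTCP2Capability _lcc128
#define Level3_GetWatermarkingSupport _lcc129
#define Level3_GetOEMKeyToken _lcc130
#define Level3_GetDeviceInformation _lcc131
#define Level3_SetMaxAPIVersion _lcc132
#define Level3_GetKeyHandle _lcc133
#define Level3_DecryptCENC _lcc134
#define Level3_Generic_Encrypt _lcc135
#define Level3_Generic_Decrypt _lcc136
#define Level3_Generic_Sign _lcc137
#define Level3_Generic_Verify _lcc138
#define Level3_GetSignatureHashAlgorithm _lcc139
#define Level3_EnterTestMode _lcc140
#define Level3_GetDeviceSignedCsrPayload _lcc141
#define Level3_UseSecondaryKey _lcc142
#define Level3_GetEmbeddedDrmCertificate _lcc143
#define Level3_MarkOfflineSession _lcc144
// Added in OEMCrypto v19.3, but back ported to v18
#define Level3_SetSessionUsage _lcc155
#else
#define Level3_Initialize _oecc01
#define Level3_Terminate _oecc02
#define Level3_InstallKeyboxOrOEMCert _oecc03
#define Level3_GetKeyData _oecc04
#define Level3_IsKeyboxOrOEMCertValid _oecc05
#define Level3_GetDeviceID _oecc07
#define Level3_WrapKeyboxOrOEMCert _oecc08
#define Level3_OpenSession _oecc09
#define Level3_CloseSession _oecc10
#define Level3_GenerateSignature _oecc13
#define Level3_GenerateNonce _oecc14
#define Level3_RewrapDeviceRSAKey _oecc18
#define Level3_LoadDeviceRSAKey _oecc19
#define Level3_DeriveKeysFromSessionKey _oecc21
#define Level3_APIVersion _oecc22
#define Level3_Generic_Encrypt_V17 _oecc24
#define Level3_Generic_Decrypt_V17 _oecc25
#define Level3_Generic_Sign_V17 _oecc26
#define Level3_Generic_Verify_V17 _oecc27
#define Level3_SupportsUsageTable _oecc29
#define Level3_ReportUsage _oecc32
#define Level3_GenerateRSASignature _oecc36
#define Level3_GetMaxNumberOfSessions _oecc37
#define Level3_GetNumberOfOpenSessions _oecc38
#define Level3_IsAntiRollbackHwPresent _oecc39
#define Level3_QueryKeyControl _oecc41
#define Level3_GetHDCPCapability _oecc44
#define Level3_LoadTestRSAKey _oecc45
#define Level3_SecurityPatchLevel _oecc46
#define Level3_GetProvisioningMethod _oecc49
#define Level3_RewrapDeviceRSAKey30 _oecc51
#define Level3_SupportedCertificates _oecc52
#define Level3_IsSRMUpdateSupported _oecc53
#define Level3_GetCurrentSRMVersion _oecc54
#define Level3_LoadSRM _oecc55
#define Level3_RemoveSRM _oecc57
#define Level3_CreateUsageTableHeader _oecc61
#define Level3_LoadUsageTableHeader _oecc62
#define Level3_CreateNewUsageEntry _oecc63
#define Level3_LoadUsageEntry _oecc64
#define Level3_UpdateUsageEntry _oecc65
#define Level3_DeactivateUsageEntry _oecc66
#define Level3_ShrinkUsageTableHeader _oecc67
#define Level3_MoveEntry _oecc68
#define Level3_GetAnalogOutputFlags _oecc71
#define Level3_LoadTestKeybox _oecc78
#define Level3_SelectKey _oecc81
#define Level3_LoadKeys _oecc83
#define Level3_SetSandbox _oecc84
#define Level3_ResourceRatingTier _oecc85
#define Level3_SupportsDecryptHash _oecc86
#define Level3_SetDecryptHash _oecc88
#define Level3_GetHashErrorCode _oecc89
#define Level3_RefreshKeys _oecc91
#define Level3_LoadEntitledContentKeys_V16 _oecc92
#define Level3_CopyBuffer _oecc93
#define Level3_MaximumUsageTableHeaderSize _oecc94
#define Level3_GenerateDerivedKeys _oecc95
#define Level3_PrepAndSignLicenseRequest _oecc96
#define Level3_PrepAndSignRenewalRequest _oecc97
#define Level3_PrepAndSignProvisioningRequest _oecc98
#define Level3_LoadLicense _oecc99
#define Level3_LoadRenewal _oecc101
#define Level3_LoadProvisioning _oecc102
#define Level3_LoadOEMPrivateKey _oecc103
#define Level3_GetOEMPublicCertificate _oecc104
#define Level3_DecryptCENC_V17 _oecc105
#define Level3_LoadDRMPrivateKey _oecc107
#define Level3_MinorAPIVersion _oecc108
#define Level3_AllocateSecureBuffer _oecc109
#define Level3_FreeSecureBuffer _oecc110
#define Level3_CreateEntitledKeySession _oecc111
#define Level3_RemoveEntitledKeySession _oecc112
#define Level3_GetBootCertificateChain _oecc116
#define Level3_GenerateCertificateKeyPair _oecc117
#define Level3_InstallOemPrivateKey _oecc118
#define Level3_ReassociateEntitledKeySession _oecc119
#define Level3_LoadCasECMKeys _oecc120
#define Level3_LoadEntitledContentKeys _oecc121  // place holder for v17.
#define Level3_ProductionReady _oecc122
#define Level3_Idle _oecc123
#define Level3_Wake _oecc124
#define Level3_BuildInformation _oecc125
#define Level3_SecurityLevel _oecc126
#define Level3_ReuseUsageEntry _oecc127
#define Level3_GetDTCP2Capability _oecc128
#define Level3_GetWatermarkingSupport _oecc129
#define Level3_GetOEMKeyToken _oecc130
#define Level3_GetDeviceInformation _oecc131
#define Level3_SetMaxAPIVersion _oecc132
#define Level3_GetKeyHandle _oecc133
#define Level3_DecryptCENC _oecc134
#define Level3_Generic_Encrypt _oecc135
#define Level3_Generic_Decrypt _oecc136
#define Level3_Generic_Sign _oecc137
#define Level3_Generic_Verify _oecc138
#define Level3_GetSignatureHashAlgorithm _oecc139
#define Level3_EnterTestMode _oecc140
#define Level3_GetDeviceSignedCsrPayload _oecc141
// Internal-only.
#define Level3_GetEmbeddedDrmCertificate _oecc143
#define Level3_UseSecondaryKey _oecc144
#define Level3_MarkOfflineSession _oecc145
// Added in OEMCrypto v19.3, but back ported to v18
#define Level3_SetSessionUsage _oecc155
#endif

// Aliased the same way in both configurations.
#define Level3_GetInitializationState _oecl3o01
// clang-format on

extern "C" {

// Level 3 entry points, declared with C linkage.
//
// NOTE(review): this header does not document the parameter contracts. For the
// many (buffer, size_t* length) pairs it does not say whether the length is
// in/out, what is returned when the buffer is too small, or who owns the
// memory. Presumably each function follows the like-named OEMCrypto_* contract
// in OEMCryptoCENC.h -- confirm there before sizing or reusing buffers.

bool Level3_IsInApp();

// Library and session lifecycle.
OEMCryptoResult Level3_Initialize(void);
OEMCryptoResult Level3_Terminate(void);
OEMCryptoResult Level3_OpenSession(OEMCrypto_SESSION* session);
OEMCryptoResult Level3_CloseSession(OEMCrypto_SESSION session);

OEMCryptoResult Level3_GenerateDerivedKeys(OEMCrypto_SESSION session,
                                           const uint8_t* mac_key_context,
                                           size_t mac_key_context_length,
                                           const uint8_t* enc_key_context,
                                           size_t enc_key_context_length);
OEMCryptoResult Level3_GenerateNonce(OEMCrypto_SESSION session,
                                     uint32_t* nonce);
OEMCryptoResult Level3_QueryKeyControl(OEMCrypto_SESSION session,
                                       const uint8_t* key_id,
                                       size_t key_id_length,
                                       uint8_t* key_control_block,
                                       size_t* key_control_block_length);
OEMCryptoResult Level3_DecryptCENC_V17(
    OEMCrypto_SESSION session, const OEMCrypto_SampleDescription* samples,
    size_t samples_length, const OEMCrypto_CENCEncryptPatternDesc* pattern);

// Root of trust (keybox or OEM certificate) and device identity.
OEMCryptoResult Level3_InstallKeyboxOrOEMCert(const uint8_t* rot,
                                              size_t rotLength);
OEMCryptoResult Level3_IsKeyboxOrOEMCertValid(void);
OEMCryptoResult Level3_WrapKeyboxOrOEMCert(const uint8_t* rot,
                                           size_t rotLength,
                                           uint8_t* wrappedRot,
                                           size_t* wrappedRotLength,
                                           const uint8_t* transportKey,
                                           size_t transportKeyLength);
OEMCrypto_ProvisioningMethod Level3_GetProvisioningMethod();
OEMCryptoResult Level3_GetOEMPublicCertificate(uint8_t* public_cert,
                                               size_t* public_cert_length);
OEMCryptoResult Level3_GetDeviceID(uint8_t* deviceID, size_t* idLength);
OEMCryptoResult Level3_GetKeyData(uint8_t* keyData, size_t* keyDataLength);

// Private key loading and provisioning.
OEMCryptoResult Level3_LoadOEMPrivateKey(OEMCrypto_SESSION session);
OEMCryptoResult Level3_LoadDRMPrivateKey(OEMCrypto_SESSION session,
                                         OEMCrypto_PrivateKeyType key_type,
                                         const uint8_t* wrapped_rsa_key,
                                         size_t wrapped_rsa_key_length);
OEMCryptoResult Level3_LoadProvisioning(
    OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
    size_t core_message_length, const uint8_t* signature,
    size_t signature_length, uint8_t* wrapped_private_key,
    size_t* wrapped_private_key_length);
OEMCryptoResult Level3_RewrapDeviceRSAKey(
    OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
    const uint8_t* signature, size_t signature_length, const uint32_t* nonce,
    const uint8_t* enc_rsa_key, size_t enc_rsa_key_length,
    const uint8_t* enc_rsa_key_iv, uint8_t* wrapped_rsa_key,
    size_t* wrapped_rsa_key_length);
// NOTE(review): the name suggests this loads test key material; confirm it is
// rejected or unreachable on production builds.
OEMCryptoResult Level3_LoadTestRSAKey();
// Aliased only in the non-DYNAMIC_ADAPTER macro table above.
OEMCryptoResult Level3_GenerateRSASignature(OEMCrypto_SESSION session,
                                            const uint8_t* message,
                                            size_t message_length,
                                            uint8_t* signature,
                                            size_t* signature_length,
                                            RSA_Padding_Scheme padding_scheme);
OEMCryptoResult Level3_DeriveKeysFromSessionKey(OEMCrypto_SESSION session,
                                                const uint8_t* enc_session_key,
                                                size_t enc_session_key_length,
                                                const uint8_t* mac_key_context,
                                                size_t mac_key_context_length,
                                                const uint8_t* enc_key_context,
                                                size_t enc_key_context_length);

// Version and capability queries.
uint32_t Level3_APIVersion();
uint32_t Level3_MinorAPIVersion();
uint8_t Level3_SecurityPatchLevel();
OEMCrypto_Security_Level Level3_SecurityLevel();
OEMCryptoResult Level3_GetHDCPCapability(OEMCrypto_HDCP_Capability* current,
                                         OEMCrypto_HDCP_Capability* maximum);
bool Level3_SupportsUsageTable();
bool Level3_IsAntiRollbackHwPresent();
OEMCryptoResult Level3_GetNumberOfOpenSessions(size_t* count);
OEMCryptoResult Level3_GetMaxNumberOfSessions(size_t* maximum);
uint32_t Level3_SupportedCertificates();

// Session-based generic crypto (V17 signatures).
OEMCryptoResult Level3_Generic_Encrypt_V17(
    OEMCrypto_SESSION session, const uint8_t* in_buffer, size_t buffer_length,
    const uint8_t* iv, OEMCrypto_Algorithm algorithm, uint8_t* out_buffer);
OEMCryptoResult Level3_Generic_Decrypt_V17(
    OEMCrypto_SESSION session, const uint8_t* in_buffer, size_t buffer_length,
    const uint8_t* iv, OEMCrypto_Algorithm algorithm, uint8_t* out_buffer);
OEMCryptoResult Level3_Generic_Sign_V17(OEMCrypto_SESSION session,
                                        const uint8_t* in_buffer,
                                        size_t buffer_length,
                                        OEMCrypto_Algorithm algorithm,
                                        uint8_t* signature,
                                        size_t* signature_length);
OEMCryptoResult Level3_Generic_Verify_V17(OEMCrypto_SESSION session,
                                          const uint8_t* in_buffer,
                                          size_t buffer_length,
                                          OEMCrypto_Algorithm algorithm,
                                          const uint8_t* signature,
                                          size_t signature_length);

// Usage reporting, SRM and usage table maintenance.
// Level3_DeactivateUsageEntry is aliased only in the non-DYNAMIC_ADAPTER macro
// table above.
OEMCryptoResult Level3_DeactivateUsageEntry(OEMCrypto_SESSION session,
                                            const uint8_t* pst,
                                            size_t pst_length);
OEMCryptoResult Level3_ReportUsage(OEMCrypto_SESSION session,
                                   const uint8_t* pst, size_t pst_length,
                                   uint8_t* buffer, size_t* buffer_length);
bool Level3_IsSRMUpdateSupported();
OEMCryptoResult Level3_GetCurrentSRMVersion(uint16_t* version);
OEMCryptoResult Level3_LoadSRM(const uint8_t* buffer, size_t buffer_length);
OEMCryptoResult Level3_RemoveSRM();
OEMCryptoResult Level3_CreateUsageTableHeader(uint8_t* header_buffer,
                                              size_t* header_buffer_length);
OEMCryptoResult Level3_LoadUsageTableHeader(const uint8_t* buffer,
                                            size_t buffer_length);
OEMCryptoResult Level3_CreateNewUsageEntry(OEMCrypto_SESSION session,
                                           uint32_t* usage_entry_number);
OEMCryptoResult Level3_LoadUsageEntry(OEMCrypto_SESSION session,
                                      uint32_t index, const uint8_t* buffer,
                                      size_t buffer_size);
OEMCryptoResult Level3_UpdateUsageEntry(OEMCrypto_SESSION session,
                                        uint8_t* header_buffer,
                                        size_t* header_buffer_length,
                                        uint8_t* entry_buffer,
                                        size_t* entry_buffer_length);
OEMCryptoResult Level3_ShrinkUsageTableHeader(uint32_t new_table_size,
                                              uint8_t* header_buffer,
                                              size_t* header_buffer_length);
OEMCryptoResult Level3_MoveEntry(OEMCrypto_SESSION session,
                                 uint32_t new_index);
uint32_t Level3_GetAnalogOutputFlags();
// NOTE(review): the name suggests this installs a test keybox; confirm it is
// rejected or unreachable on production builds.
OEMCryptoResult Level3_LoadTestKeybox(const uint8_t* buffer, size_t length);

// License, key and renewal handling.
OEMCryptoResult Level3_SelectKey(const OEMCrypto_SESSION session,
                                 const uint8_t* key_id, size_t key_id_length,
                                 OEMCryptoCipherMode cipher_mode);
OEMCryptoResult Level3_LoadLicense(OEMCrypto_SESSION session,
                                   const uint8_t* message,
                                   size_t message_length,
                                   size_t core_message_length,
                                   const uint8_t* signature,
                                   size_t signature_length);
OEMCryptoResult Level3_LoadKeys(
    OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
    const uint8_t* signature, size_t signature_length,
    OEMCrypto_Substring enc_mac_keys_iv, OEMCrypto_Substring enc_mac_keys,
    size_t num_keys, const OEMCrypto_KeyObject* key_array,
    OEMCrypto_Substring pst, OEMCrypto_Substring srm_restriction_data,
    OEMCrypto_LicenseType license_type);
OEMCryptoResult Level3_SetSandbox(const uint8_t* sandbox_id,
                                  size_t sandbox_id_length);
uint32_t Level3_ResourceRatingTier();
uint32_t Level3_SupportsDecryptHash();
OEMCryptoResult Level3_SetDecryptHash(OEMCrypto_SESSION session,
                                      uint32_t frame_number,
                                      const uint8_t* hash, size_t hash_length);
OEMCryptoResult Level3_GetHashErrorCode(OEMCrypto_SESSION session,
                                        uint32_t* failed_frame_number);
OEMCryptoResult Level3_BuildInformation(char* buffer, size_t* buffer_length);
OEMCryptoResult Level3_LoadRenewal(OEMCrypto_SESSION session,
                                   const uint8_t* message,
                                   size_t message_length,
                                   size_t core_message_length,
                                   const uint8_t* signature,
                                   size_t signature_length);
OEMCryptoResult Level3_RefreshKeys(OEMCrypto_SESSION session,
                                   const uint8_t* message,
                                   size_t message_length,
                                   const uint8_t* signature,
                                   size_t signature_length, size_t num_keys,
                                   const OEMCrypto_KeyRefreshObject* key_array);
OEMCryptoResult Level3_LoadEntitledContentKeys(
    OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
    size_t num_keys, const OEMCrypto_EntitledContentKeyObject* key_array);
OEMCryptoResult Level3_CopyBuffer(
    OEMCrypto_SESSION session, const uint8_t* data_addr, size_t data_length,
    const OEMCrypto_DestBufferDesc* out_buffer_descriptor,
    uint8_t subsample_flags);

// Request preparation and signing.
OEMCryptoResult Level3_PrepAndSignProvisioningRequest(
    OEMCrypto_SESSION session, uint8_t* message, size_t message_length,
    size_t* core_message_length, uint8_t* signature, size_t* signature_length);
OEMCryptoResult Level3_PrepAndSignLicenseRequest(
    OEMCrypto_SESSION session, uint8_t* message, size_t message_length,
    size_t* core_message_length, uint8_t* signature, size_t* signature_length);
OEMCryptoResult Level3_PrepAndSignRenewalRequest(
    OEMCrypto_SESSION session, uint8_t* message, size_t message_length,
    size_t* core_message_length, uint8_t* signature, size_t* signature_length);
size_t Level3_MaximumUsageTableHeaderSize();

// Secure buffers and entitled key sessions.
OEMCryptoResult Level3_AllocateSecureBuffer(
    OEMCrypto_SESSION session, size_t buffer_size,
    OEMCrypto_DestBufferDesc* output_descriptor, int* secure_fd);
OEMCryptoResult Level3_FreeSecureBuffer(
    OEMCrypto_SESSION session, OEMCrypto_DestBufferDesc* output_descriptor,
    int secure_fd);
OEMCryptoResult Level3_CreateEntitledKeySession(OEMCrypto_SESSION oec_session,
                                                OEMCrypto_SESSION* key_session);
OEMCryptoResult Level3_RemoveEntitledKeySession(OEMCrypto_SESSION key_session);
OEMCryptoResult Level3_GetBootCertificateChain(
    uint8_t* bcc, size_t* bcc_size, uint8_t* additional_signature,
    size_t* additional_signature_size);
OEMCryptoResult Level3_GenerateCertificateKeyPair(
    OEMCrypto_SESSION session, uint8_t* public_key, size_t* public_key_size,
    uint8_t* public_key_signature, size_t* public_key_signature_size,
    uint8_t* wrapped_private_key, size_t* wrapped_private_key_size,
    OEMCrypto_PrivateKeyType* key_type);
OEMCryptoResult Level3_InstallOemPrivateKey(OEMCrypto_SESSION session,
                                            OEMCrypto_PrivateKeyType key_type,
                                            const uint8_t* wrapped_private_key,
                                            size_t wrapped_private_key_length);
OEMCryptoResult Level3_ReassociateEntitledKeySession(
    OEMCrypto_SESSION key_session, OEMCrypto_SESSION oec_session);
OEMCryptoResult Level3_LoadCasECMKeys(
    OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
    const OEMCrypto_EntitledContentKeyObject* even_key,
    const OEMCrypto_EntitledContentKeyObject* odd_key);
OEMCryptoResult Level3_ProductionReady();
OEMCryptoResult Level3_Idle(OEMCrypto_IdleState state,
                            uint32_t os_specific_code);
OEMCryptoResult Level3_Wake();
OEMCryptoResult Level3_ReuseUsageEntry(OEMCrypto_SESSION session,
                                       uint32_t usage_entry_number);
OEMCryptoResult Level3_GetDTCP2Capability(
    OEMCrypto_DTCP2_Capability* capability);
OEMCrypto_WatermarkingSupport Level3_GetWatermarkingSupport();
OEMCryptoResult Level3_GetOEMKeyToken(OEMCrypto_SESSION key_session,
                                      uint8_t* key_token,
                                      size_t* key_token_length);
OEMCryptoResult Level3_SetSessionUsage(OEMCrypto_SESSION session,
                                       uint32_t intent, uint32_t mode);
OEMCryptoResult Level3_GetDeviceInformation(uint8_t* device_info,
                                            size_t* device_info_length);
OEMCryptoResult Level3_GetDeviceSignedCsrPayload(
    const uint8_t* challenge, size_t challenge_length,
    const uint8_t* encoded_device_info, size_t encoded_device_info_length,
    uint8_t* signed_csr_payload, size_t* signed_csr_payload_length);
OEMCryptoResult Level3_SetMaxAPIVersion(uint32_t max_version);

// Key-handle based variants: these take a (key_handle, key_handle_length) pair
// where the _V17 forms above take an OEMCrypto_SESSION.
OEMCryptoResult Level3_GetKeyHandle(OEMCrypto_SESSION session,
                                    const uint8_t* content_key_id,
                                    size_t content_key_id_length,
                                    OEMCryptoCipherMode cipher_mode,
                                    uint8_t* key_handle,
                                    size_t* key_handle_length);
OEMCryptoResult Level3_DecryptCENC(
    const uint8_t* key_handle, size_t key_handle_length,
    const OEMCrypto_SampleDescription* samples, size_t samples_length,
    const OEMCrypto_CENCEncryptPatternDesc* pattern);
OEMCryptoResult Level3_Generic_Encrypt(const uint8_t* key_handle,
                                       size_t key_handle_length,
                                       const OEMCrypto_SharedMemory* in_buffer,
                                       size_t in_buffer_length,
                                       const uint8_t* iv,
                                       OEMCrypto_Algorithm algorithm,
                                       OEMCrypto_SharedMemory* out_buffer);
OEMCryptoResult Level3_Generic_Decrypt(const uint8_t* key_handle,
                                       size_t key_handle_length,
                                       const OEMCrypto_SharedMemory* in_buffer,
                                       size_t in_buffer_length,
                                       const uint8_t* iv,
                                       OEMCrypto_Algorithm algorithm,
                                       OEMCrypto_SharedMemory* out_buffer);
OEMCryptoResult Level3_Generic_Sign(const uint8_t* key_handle,
                                    size_t key_handle_length,
                                    const OEMCrypto_SharedMemory* buffer,
                                    size_t buffer_length,
                                    OEMCrypto_Algorithm algorithm,
                                    OEMCrypto_SharedMemory* signature,
                                    size_t* signature_length);
OEMCryptoResult Level3_Generic_Verify(const uint8_t* key_handle,
                                      size_t key_handle_length,
                                      const OEMCrypto_SharedMemory* buffer,
                                      size_t buffer_length,
                                      OEMCrypto_Algorithm algorithm,
                                      const OEMCrypto_SharedMemory* signature,
                                      size_t signature_length);
OEMCryptoResult Level3_GetSignatureHashAlgorithm(
    OEMCrypto_SESSION session, OEMCrypto_SignatureHashAlgorithm* algorithm);
// NOTE(review): the name suggests a test-only mode switch; confirm it is
// rejected or unreachable on production builds.
OEMCryptoResult Level3_EnterTestMode(void);
OEMCryptoResult Level3_GetEmbeddedDrmCertificate(uint8_t* public_cert,
                                                 size_t* public_cert_length);
OEMCryptoResult Level3_UseSecondaryKey(OEMCrypto_SESSION session_id,
                                       bool dual_key);
OEMCryptoResult Level3_MarkOfflineSession(OEMCrypto_SESSION session_id);

// The following are specific to Google's Level 3 implementation and are not
// required.

// Result of Level 3 initialization, as reported by
// Level3_GetInitializationState.
enum Level3InitializationState {
  LEVEL3_INITIALIZATION_SUCCESS = 0,
  LEVEL3_INITIALIZATION_UNKNOWN_FAILURE = 1,
  LEVEL3_SEED_FAILURE = 2,
  LEVEL3_SAVE_DEVICE_KEYS_FAILURE = 3,
  LEVEL3_READ_DEVICE_KEYS_FAILURE = 4,
  LEVEL3_VERIFY_DEVICE_KEYS_FAILURE = 5,
};

// Mode reported by Level3_GetRunningMode. The meaning of each mode is not
// documented in this header.
enum Level3RunningMode {
  LEVEL3_MODE_HAYSTACK_ONLY = 0,
  LEVEL3_MODE_RIKERS_DEFAULT = 1,
  LEVEL3_MODE_RIKERS_ONLY = 2,
};

/*
 * Level3_GetRunningMode
 *
 * Description:
 *   Returns the current mode the Level3 is running in. This shouldn't change
 *   while the process is running.
 *
 * Parameters:
 *   N/A
 *
 * Threading:
 *   No other function calls will be made while this function is running.
 *
 * Version:
 *   This method is new in API version 19.
 */
Level3RunningMode Level3_GetRunningMode(void);

/*
 * Level3_GetInitializationState
 *
 * Description:
 *   Return any warning or error condition which occurred during
 *   initialization. On some platforms, this value will be logged and metrics
 *   will be gathered on production devices. This is an optional feature, and
 *   OEMCrypto may always return 0, even if Level3_Initialize failed. This
 *   function may be called whether Level3_Initialize succeeded or not.
 *
 *   Because 0 (LEVEL3_INITIALIZATION_SUCCESS) may be returned even after a
 *   failed Level3_Initialize, this value is diagnostic only: callers must
 *   decide success from the result of Level3_Initialize itself.
 *
 * Parameters:
 *   N/A
 *
 * Threading:
 *   No other function calls will be made while this function is running.
 *
 * Returns:
 *   LEVEL3_INITIALIZATION_SUCCESS - no warnings or errors during initialization
 *   LEVEL3_SEED_FAILURE - error in seeding the software RNG
 *   LEVEL3_SAVE_DEVICE_KEYS_FAILURE - failed to save device keys to file system
 *   LEVEL3_READ_DEVICE_KEYS_FAILURE - failed to read device keys from file
 *     system
 *   LEVEL3_VERIFY_DEVICE_KEYS_FAILURE - failed to verify decrypted device keys
 *
 *   NOTE(review): LEVEL3_INITIALIZATION_UNKNOWN_FAILURE is declared in the
 *   enum but not listed here; callers should handle it as well.
 *
 * Version:
 *   This method is new in API version 14.
 */
Level3InitializationState Level3_GetInitializationState(void);

/*
 * Level3_OutputErrorLogs
 *
 * Description:
 *   Call to output any errors in the Level 3 execution if the Level 3 has
 *   failed. This method should only be called if the Level 3 has failed in
 *   an unrecoverable state, and needs to be reinitialized.
 *
 * Parameters:
 *   N/A
 *
 * Threading:
 *   No other function calls will be made while this function is running.
 *
 * Returns:
 *   N/A
 *
 * Version:
 *   This method is new in API version 15.
 */
void Level3_OutputErrorLogs();

}  // extern "C"

namespace wvoec3 {

// The following are interfaces needed for Google's Level 3 OEMCrypto
// specifically, which partners are expected to implement.

// Returns a stable, unique identifier for the device. This could be a
// serial number or any other character sequence representing that device.
// The parameter |len| needs to be changed to reflect the length of the
// unique identifier.
// NOTE(review): the header does not say who owns the returned buffer, how long
// it stays valid, or whether it is NUL-terminated; implementers and callers
// should agree on this and treat |len| as the authoritative length.
const char* getUniqueID(size_t* len);

// Returns a 64-bit unsigned integer to be used as a random seed for RNG.
// If the operation is unsuccessful, this function returns 0.
// We provide a sample implementation under the name generate_entropy_linux.cpp
// which partners should use if they can.
// Since 0 is the failure sentinel, an implementation must never return 0 for a
// successful read. The seed should come from the platform's cryptographically
// secure random source; a predictable value (clock, counter, device id) would
// make everything derived from the seeded RNG predictable too.
// NOTE(review): how the seed is consumed is not visible in this header;
// presumably a failure here surfaces as LEVEL3_SEED_FAILURE -- confirm.
uint64_t generate_entropy();

// Creates and returns an OEMCrypto_Level3FileSystem implementation.
// The returned pointer is released with deleteLevel3FileSystem.
OEMCrypto_Level3FileSystem* createLevel3FileSystem();

// Deletes the pointer retrieved by the function above.
void deleteLevel3FileSystem(OEMCrypto_Level3FileSystem* file_system);

}  // namespace wvoec3

#endif  // LEVEL3_OEMCRYPTO_H_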