Update to ODK v19.2

oemcrypto/odk/include/OEMCryptoCENCCommon.h

@@ -1,4 +1,4 @@
-// Copyright 2019 Google LLC. All rights reserved. This file and proprietary
+// Copyright 2019 Google LLC. This file and proprietary
 // source code may only be used and distributed under the Widevine
 // License Agreement.
 
@@ -93,6 +93,7 @@ typedef enum OEMCryptoResult {
   OEMCrypto_ERROR_DVR_FORBIDDEN                = 63,
   OEMCrypto_ERROR_INSUFFICIENT_PRIVILEGE       = 64,
   OEMCrypto_ERROR_INVALID_KEY                  = 65,
+  OEMCrypto_ERROR_INVALID_OEM_CERTIFICATE      = 66,
   /* ODK return values */
   ODK_ERROR_BASE                               = 1000,
   ODK_ERROR_CORE_MESSAGE                       = ODK_ERROR_BASE,
@@ -122,6 +123,7 @@ typedef enum OEMCrypto_Usage_Entry_Status {
   kInactiveUnused = 4,
 } OEMCrypto_Usage_Entry_Status;
 
+/* Not used publicly. Not documented with Doxygen. */
 typedef enum OEMCrypto_ProvisioningRenewalType {
   OEMCrypto_NoRenewal = 0,
   OEMCrypto_RenewalACert = 1,
@@ -137,7 +139,9 @@ typedef enum OEMCrypto_LicenseType {
   OEMCrypto_LicenseType_MaxValue = OEMCrypto_EntitlementLicense,
 } OEMCrypto_LicenseType;
 
-/* Private key type used in the provisioning response. */
+/**
+ * Private key type used in the provisioning response.
+ */
 typedef enum OEMCrypto_PrivateKeyType {
   OEMCrypto_RSA_Private_Key = 0,
   OEMCrypto_ECC_Private_Key = 1,

oemcrypto/odk/include/core_message_deserialize.h

@@ -1,4 +1,4 @@
-// Copyright 2019 Google LLC. All rights reserved. This file and proprietary
+// Copyright 2019 Google LLC. This file and proprietary
 // source code may only be used and distributed under the Widevine
 // License Agreement.
 
@@ -34,6 +34,16 @@ namespace deserialize {
 bool CoreLicenseRequestFromMessage(const std::string& oemcrypto_core_message,
                                    ODK_LicenseRequest* core_license_request);
 
+/**
+ * Counterpart (deserializer) of ODK_PrepareCoreReleaseRequest (serializer)
+ *
+ * Parameters:
+ *   [in] oemcrypto_core_message
+ *   [out] core_license_request
+ */
+bool CoreReleaseRequestFromMessage(const std::string& oemcrypto_core_message,
+                                   ODK_ReleaseRequest* core_release_request);
+
 /**
  * Counterpart (deserializer) of ODK_PrepareCoreRenewalRequest (serializer)
  *

oemcrypto/odk/include/core_message_features.h

@@ -1,4 +1,4 @@
-// Copyright 2021 Google LLC. All rights reserved. This file and proprietary
+// Copyright 2021 Google LLC. This file and proprietary
 // source code may only be used and distributed under the Widevine
 // License Agreement.
 
@@ -26,9 +26,9 @@ struct CoreMessageFeatures {
 
   // This is the published version of the ODK Core Message library. The default
   // behavior is for the server to restrict messages to at most this version
-  // number. The default is 18.3.
-  uint32_t maximum_major_version = 18;
-  uint32_t maximum_minor_version = 3;
+  // number. The default is 19.2.
+  uint32_t maximum_major_version = 19;
+  uint32_t maximum_minor_version = 2;
 
   bool operator==(const CoreMessageFeatures &other) const;
   bool operator!=(const CoreMessageFeatures &other) const {

oemcrypto/odk/include/core_message_serialize.h

@@ -1,4 +1,4 @@
-// Copyright 2019 Google LLC. All rights reserved. This file and proprietary
+// Copyright 2019 Google LLC. This file and proprietary
 // source code may only be used and distributed under the Widevine
 // License Agreement.
 
@@ -25,7 +25,7 @@
 
 namespace oemcrypto_core_message {
 namespace serialize {
-using oemcrypto_core_message::features::CoreMessageFeatures;
+using ::oemcrypto_core_message::features::CoreMessageFeatures;
 
 /**
  * Counterpart (serializer) of ODK_ParseLicense (deserializer)
@@ -44,6 +44,23 @@ bool CreateCoreLicenseResponse(const CoreMessageFeatures& features,
                                const std::string& core_request_sha256,
                                std::string* oemcrypto_core_message);
 
+/**
+ * Counterpart (serializer) of ODK_ParseLicense (deserializer)
+ * struct-input variant
+ *
+ * Parameters:
+ *   [in] features feature support for response message.
+ *   [in] core_request
+ *   [in] seconds_since_license_requested
+ *   [in] seconds_since_first_decrypt
+ *   [out] oemcrypto_core_message
+ */
+bool CreateCoreReleaseResponse(const CoreMessageFeatures& features,
+                               const ODK_ReleaseRequest& core_request,
+                               int64_t seconds_since_license_requested,
+                               int64_t seconds_since_first_decrypt,
+                               std::string* oemcrypto_core_message);
+
 /**
  * Counterpart (serializer) of ODK_ParseRenewal (deserializer)
  *

oemcrypto/odk/include/core_message_serialize_proto.h

@@ -1,4 +1,4 @@
-// Copyright 2019 Google LLC. All rights reserved. This file and proprietary
+// Copyright 2019 Google LLC. This file and proprietary
 // source code may only be used and distributed under the Widevine
 // License Agreement.
 

oemcrypto/odk/include/core_message_types.h

@@ -1,4 +1,4 @@
-// Copyright 2019 Google LLC. All rights reserved. This file and proprietary
+// Copyright 2019 Google LLC. This file and proprietary
 // source code may only be used and distributed under the Widevine
 // License Agreement.
 
@@ -101,6 +101,17 @@ struct ODK_LicenseRequest {
   ODK_MessageCounter counter_info;
 };
 
+/**
+ * Output structure for CoreReleaseRequestFromMessage
+ * Input structure for CreateCoreReleaseResponse
+ */
+struct ODK_ReleaseRequest {
+  uint16_t api_minor_version;
+  uint16_t api_major_version;
+  uint32_t nonce;
+  uint32_t session_id;
+};
+
 /**
  * Output structure for CoreRenewalRequestFromMessage
  * Input structure for CreateCoreRenewalResponse

oemcrypto/odk/include/odk.h

@@ -1,4 +1,4 @@
-// Copyright 2019 Google LLC. All rights reserved. This file and proprietary
+// Copyright 2019 Google LLC. This file and proprietary
 // source code may only be used and distributed under the Widevine
 // License Agreement.
 
@@ -55,6 +55,9 @@
  *
  * @defgroup common_types Common Types
  * Enumerations and structures that are used by several OEMCrypto and ODK
+ *
+ * @defgroup odk_derivation Key Derivation Utils
+ * Utilities and constants relating to key derivation.
  * functions.
  *********************************************************************/
 
@@ -274,6 +277,49 @@ OEMCryptoResult ODK_PrepareCoreLicenseRequest(
     const ODK_NonceValues* nonce_values,
     const ODK_MessageCounterInfo* counter_info);
 
+/**
+ * Modifies the message to include a core license release at the beginning of
+ * the message buffer. The values in nonce_values are used to populate the
+ * message.
+ *
+ * This shall be called by OEMCrypto from OEMCrypto_PrepAndSignLicenseRelease.
+ *
+ * NOTE: if the message pointer is null and/or input core_message_size is
+ * zero, this function returns OEMCrypto_ERROR_SHORT_BUFFER and sets output
+ * core_message_size to the size needed.
+ *
+ * @param[in,out] message: Pointer to memory for the entire message. Modified by
+ *       the ODK library.
+ * @param[in] message_length: length of the entire message buffer.
+ * @param[in,out] core_message_size: length of the core message at the beginning
+ *       of the message. (in) size of buffer reserved for the core message, in
+ *       bytes. (out) actual length of the core message, in bytes.
+ * @param[in] nonce_values: pointer to the session's nonce data.
+ * @param[in] status: the enumeration of OEMCrypto_Usage_Entry_Status
+ * @param[in] clock_security_level: the enumeration of
+ * OEMCryto_Clock_Security_Level
+ * @param[in] seconds_since_license_requested: the time between the license
+ * being requested and the release being generated in seconds
+ * @param[in] seconds_since_first_decrypt: The time since playback has started
+ * in seconds
+ * @param[in,out] clock_values: the session's clock values.
+ * @param[in] system_time_seconds: the current time on OEMCrypto's clock, in
+ *       seconds.
+ *
+ * @retval OEMCrypto_SUCCESS
+ * @retval OEMCrypto_ERROR_SHORT_BUFFER: core_message_size is too small
+ * @retval OEMCrypto_ERROR_INVALID_CONTEXT
+ *
+ * @version
+ * This method is new in version 19 of the API.
+ */
+OEMCryptoResult ODK_PrepareCoreReleaseRequest(
+    uint8_t* message, size_t message_length, size_t* core_message_size,
+    ODK_NonceValues* nonce_values, uint32_t status,
+    uint32_t clock_security_level, int64_t seconds_since_license_requested,
+    int64_t seconds_since_first_decrypt, ODK_ClockValues* clock_values,
+    uint64_t system_time_seconds);
+
 /**
  * Modifies the message to include a core renewal request at the beginning of
  * the message buffer. The values in nonce_values, clock_values and
@@ -340,7 +386,7 @@ OEMCryptoResult ODK_PrepareCoreRenewalRequest(uint8_t* message,
  *       of the message. (in) size of buffer reserved for the core message, in
  *       bytes. (out) actual length of the core message, in bytes.
  * @param[in] nonce_values: pointer to the session's nonce data.
- * @param[in] message_count_info: information used for server-side anomaly
+ * @param[in] counter_info: information used for server-side anomaly
  * detection
  *
  * @retval OEMCrypto_SUCCESS
@@ -559,14 +605,17 @@ OEMCryptoResult ODK_RefreshV15Values(const ODK_TimerLimits* timer_limits,
  * @param[in,out] nonce_values: The session's nonce values. These will be
  *       updated.
  * @param[out] parsed_license: the destination for the data.
- * @param[out] timer_value: set if playback timer should be started.
+ * @param[out] timer_value: set to the new timer value. Only used if the return
+ *       value is ODK_SET_TIMER. This must be non-null if OEMCrypto uses a
+ *       hardware timer.
  *
  * @retval OEMCrypto_SUCCESS
  * @retval ODK_ERROR_CORE_MESSAGE: if the message did not parse correctly, or
  *         there were other incorrect values. An error should be returned to the
  *         CDM layer.
  * @retval ODK_UNSUPPORTED_API
- * @retval ODK_SET_TIMER: if the playback timer has been started successfully
+ * @retval ODK_SET_TIMER: Success. The timer should be reset to the specified
+ *         timer value.
  * @retval ODK_DISABLE_TIMER: if the playtime timer has been started
  *         successfully then is disabled.
  * @retval ODK_TIMER_EXPIRED: if the license is attempted to be loaded after the
@@ -574,7 +623,7 @@ OEMCryptoResult ODK_RefreshV15Values(const ODK_TimerLimits* timer_limits,
  * @retval OEMCrypto_ERROR_INVALåID_NONCE
  *
  * @version
- * This method is new in version 16 of the API.
+ * This method changed in version 18 of the API.
  */
 OEMCryptoResult ODK_ParseLicense(
     const uint8_t* message, size_t message_length, size_t core_message_length,
@@ -618,6 +667,7 @@ OEMCryptoResult ODK_ParseLicense(
  *       value is ODK_SET_TIMER. This must be non-null if OEMCrypto uses a
  *       hardware timer.
  *
+ * @retval OEMCrypto_SUCCESS
  * @retval ODK_ERROR_CORE_MESSAGE: the message did not parse correctly, or there
  *         were other incorrect values. An error should be returned to the CDM
  *         layer.
@@ -632,7 +682,7 @@ OEMCryptoResult ODK_ParseLicense(
  * @retval OEMCrypto_ERROR_INVALID_NONCE
  *
  * @version
- * This method is new in version 16 of the API.
+ * This method changed in version 18 of the API.
  */
 OEMCryptoResult ODK_ParseRenewal(const uint8_t* message, size_t message_length,
                                  size_t core_message_length,
@@ -642,6 +692,33 @@ OEMCryptoResult ODK_ParseRenewal(const uint8_t* message, size_t message_length,
                                  ODK_ClockValues* clock_values,
                                  uint64_t* timer_value);
 
+/**
+ * The function ODK_ParseRelease will parse the message and verify its
+ * header contents. If the message does not parse correctly, an error of
+ * ODK_ERROR_CORE_MESSAGE is returned. This function is mostly a placeholder
+ * function since there is no information needed in the release response.
+ *
+ * @param[in] message: pointer to the message buffer.
+ * @param[in] message_length: length of the entire message buffer.
+ * @param[in] core_message_size: length of the core message, at the beginning of
+ *       the message buffer.
+ * @param[in,out] nonce_values: pointer to the session's nonce data. These might
+ *       be updated if the server returns a lower API version.
+ *
+ * @retval OEMCrypto_SUCCESS
+ * @retval ODK_ERROR_CORE_MESSAGE: the message did not parse correctly, or there
+ *         were other incorrect values. An error should be returned to the CDM
+ *         layer.
+ * @retval ODK_UNSUPPORTED_API
+ * @retval OEMCrypto_ERROR_INVALID_NONCE
+ *
+ * @version
+ * This method is new in version 19 of the API.
+ */
+OEMCryptoResult ODK_ParseRelease(const uint8_t* message, size_t message_length,
+                                 size_t core_message_length,
+                                 ODK_NonceValues* nonce_values);
+
 /**
  * The function ODK_ParseProvisioning will parse the message and verify the
  * nonce values match those in the license.
@@ -670,7 +747,6 @@ OEMCryptoResult ODK_ParseRenewal(const uint8_t* message, size_t message_length,
  * @param[in] device_id: a pointer to a buffer containing the device ID of the
  *       device. The ODK function will verify it matches that in the message.
  * @param[in] device_id_length: the length of the device ID.
- * @param[out] counter_info: destination for counter portion of parse data.
  * @param[out] parsed_response: destination for response portion of parse data.
  *
  * @retval OEMCrypto_SUCCESS
@@ -681,7 +757,7 @@ OEMCryptoResult ODK_ParseRenewal(const uint8_t* message, size_t message_length,
  * @retval OEMCrypto_ERROR_INVALID_NONCE
  *
  * @version
- * This method is new in version 16 of the API.
+ * This method changed in version 18 of the API.
  */
 OEMCryptoResult ODK_ParseProvisioning(
     const uint8_t* message, size_t message_length, size_t core_message_length,
@@ -740,6 +816,83 @@ bool CheckApiVersionAtMost(const ODK_NonceValues* nonce_values,
 
 /// @}
 
+/// @addtogroup odk_derivation
+/// @{
+
+/**
+ * Contains the key label for the Mac key derivation.  This contains
+ * |ODK_MacKeyLabelWithZeroLength| number of bytes.
+ */
+extern const uint8_t ODK_MacKeyLabelWithZero[];
+
+/** Contains the number of bytes in |ODK_MacKeyLabelWithZero|. */
+extern const size_t ODK_MacKeyLabelWithZeroLength;
+
+/**
+ * Contains the key label for the Encryption key derivation.  This contains
+ * |ODK_EncKeyLabelWithZeroLength| number of bytes.
+ */
+extern const uint8_t ODK_EncKeyLabelWithZero[];
+
+/** Contains the number of bytes in |ODK_EncKeyLabelWithZero|. */
+extern const size_t ODK_EncKeyLabelWithZeroLength;
+
+/**
+ * Contains the suffix bytes (NIST 800-108 key length) for Mac key derivation.
+ * This value is appended after the context string.  This contains
+ * ODK_MacKeySuffixLength number of bytes.
+ */
+extern const uint8_t ODK_MacKeySuffix[];
+
+/** Contains the number of bytes in |ODK_MacKeySuffix|. */
+extern const size_t ODK_MacKeySuffixLength;
+
+/**
+ * Contains the suffix bytes (NIST 800-108 key length) for Encryption key
+ * derivation.  This value is appended after the context string.  This contains
+ * ODK_EncKeySuffixLength number of bytes.
+ */
+extern const uint8_t ODK_EncKeySuffix[];
+
+/** Contains the number of bytes in |ODK_EncKeySuffix|. */
+extern const size_t ODK_EncKeySuffixLength;
+
+/**
+ * Generates the key-derivation contexts for the license exchange based on the
+ * given context value.
+ *
+ * NOTE: if the mac_key_context/enc_key_context pointer are null and/or input
+ * mac_key_context_length/enc_key_context_length is zero, this function returns
+ * OEMCrypto_ERROR_SHORT_BUFFER and sets output
+ * mac_key_context_length/enc_key_context_length to the size needed.
+ *
+ * @param[in] context: pointer to the context buffer.
+ * @param[in] context_length: the length of the context buffer.
+ * @param[out] mac_key_context: an output buffer to contain the MAC key context.
+ * @param[in,out] mac_key_context_length: on input, contains the number of bytes
+ *       in |mac_key_context|; on return, will contain the context length.
+ * @param[out] enc_key_context: an output buffer to contain the encryption key
+ *       context.
+ * @param[in,out] enc_key_context_length: on input, contains the number of bytes
+ *       in |enc_key_context|; on return, will contain the context length.
+ *
+ * @retval OEMCrypto_SUCCESS
+ * @retval OEMCrypto_ERROR_SHORT_BUFFER: mac_key_context_length or
+ *         enc_key_context_length is too small
+ * @retval OEMCrypto_ERROR_INVALID_CONTEXT
+ *
+ * @version
+ * This method is new in version 19 of the API.
+ */
+OEMCryptoResult ODK_GenerateKeyContexts(const uint8_t* context,
+                                        size_t context_length,
+                                        uint8_t* mac_key_context,
+                                        size_t* mac_key_context_length,
+                                        uint8_t* enc_key_context,
+                                        size_t* enc_key_context_length);
+
+/// @}
+
 #ifdef __cplusplus
 }
 #endif

oemcrypto/odk/include/odk_attributes.h

@@ -1,4 +1,4 @@
-// Copyright 2019 Google LLC. All rights reserved. This file and proprietary
+// Copyright 2019 Google LLC. This file and proprietary
 // source code may only be used and distributed under the Widevine
 // License Agreement.
 

oemcrypto/odk/include/odk_message.h

@@ -1,4 +1,4 @@
-// Copyright 2019 Google LLC. All rights reserved. This file and proprietary
+// Copyright 2019 Google LLC. This file and proprietary
 // source code may only be used and distributed under the Widevine
 // License Agreement.
 

oemcrypto/odk/include/odk_structs.h

@@ -1,4 +1,4 @@
-// Copyright 2019 Google LLC. All rights reserved. This file and proprietary
+// Copyright 2019 Google LLC. This file and proprietary
 // source code may only be used and distributed under the Widevine
 // License Agreement.
 
@@ -15,11 +15,11 @@ extern "C" {
 #include "odk_target.h"
 
 /* The version of this library. */
-#define ODK_MAJOR_VERSION 18
-#define ODK_MINOR_VERSION 3
+#define ODK_MAJOR_VERSION 19
+#define ODK_MINOR_VERSION 2
 
 /* ODK Version string. Date changed automatically on each release. */
-#define ODK_RELEASE_DATE "ODK v18.3 2023-07-07"
+#define ODK_RELEASE_DATE "ODK v19.2 2024-06-11"
 
 /* The lowest version number for an ODK message. */
 #define ODK_FIRST_VERSION 16
@@ -223,9 +223,10 @@ typedef struct {
  *        entitlement keys.
  * @param nonce_required: indicates if the license requires a nonce.
  * @param timer_limits: time limits of the for the license.
- * @param watermarking: specifies if device supports watermarking.
- * @param dtcp2_required: specifies if device supports DTCP.
- * @param renewal_delay_base: what time the timer starting is based off of.
+ * @param watermarking: indicates watermarking requirements of the license.
+ * @param dtcp2_required: indicates dtcp2 requirements of the license.
+ * @param renewal_delay_base: indicates which time is used for the renewal timer
+ *         and playback timer starting point.
  * @param key_array_length: number of keys present.
  * @param key_array: set of keys to be installed.
  *
@@ -262,9 +263,10 @@ typedef struct {
  *        entitlement keys.
  * @param nonce_required: indicates if the license requires a nonce.
  * @param timer_limits: time limits of the for the license.
- * @param watermarking: specifies if device supports watermarking.
- * @param dtcp2_required: specifies if device supports DTCP.
- * @param renewal_delay_base: what time the timer starting is based off of.
+ * @param watermarking: indicates watermarking requirements of the license.
+ * @param dtcp2_required: indicates dtcp2 requirements of the license.
+ * @param renewal_delay_base: indicates which time is used for the renewal timer
+ *         and playback timer starting point.
  * @param key_array_length: number of keys present.
  * @param key_array: set of keys to be installed. This is a pointer to an array
  *        to allow packing a number of keys greater than |ODK_MAX_NUM_KEYS|.

oemcrypto/odk/include/odk_target.h

@@ -1,4 +1,4 @@
-// Copyright 2019 Google LLC. All rights reserved. This file is distributed
+// Copyright 2019 Google LLC. This file is distributed
 // under the Widevine License Agreement.
 
 // Partners are expected to edit this file to support target specific code