oemcrypto_core_message/oemcrypto/odk/include/OEMCryptoCENCCommon.h

/* Copyright 2019 Google LLC. All rights reserved. This file and proprietary */
/* source code may only be used and distributed under the Widevine Master */
/* License Agreement. */

/*********************************************************************
 * OEMCryptoCENCCommon.h
 *
 * Common structures and error codes between WV servers and OEMCrypto.
 *
 *********************************************************************/

#ifndef WIDEVINE_ODK_INCLUDE_OEMCRYPTOCENCCOMMON_H_
#define WIDEVINE_ODK_INCLUDE_OEMCRYPTOCENCCOMMON_H_

#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#ifdef __cplusplus
extern "C" {
#endif

/* clang-format off */
typedef enum OEMCryptoResult {
  OEMCrypto_SUCCESS                            = 0,
  OEMCrypto_ERROR_INIT_FAILED                  = 1,
  OEMCrypto_ERROR_TERMINATE_FAILED             = 2,
  OEMCrypto_ERROR_OPEN_FAILURE                 = 3,
  OEMCrypto_ERROR_CLOSE_FAILURE                = 4,
  OEMCrypto_ERROR_ENTER_SECURE_PLAYBACK_FAILED = 5,  /* deprecated */
  OEMCrypto_ERROR_EXIT_SECURE_PLAYBACK_FAILED  = 6,  /* deprecated */
  OEMCrypto_ERROR_SHORT_BUFFER                 = 7,
  OEMCrypto_ERROR_NO_DEVICE_KEY                = 8,  /* no keybox device key. */
  OEMCrypto_ERROR_NO_ASSET_KEY                 = 9,
  OEMCrypto_ERROR_KEYBOX_INVALID               = 10,
  OEMCrypto_ERROR_NO_KEYDATA                   = 11,
  OEMCrypto_ERROR_NO_CW                        = 12,
  OEMCrypto_ERROR_DECRYPT_FAILED               = 13,
  OEMCrypto_ERROR_WRITE_KEYBOX                 = 14,
  OEMCrypto_ERROR_WRAP_KEYBOX                  = 15,
  OEMCrypto_ERROR_BAD_MAGIC                    = 16,
  OEMCrypto_ERROR_BAD_CRC                      = 17,
  OEMCrypto_ERROR_NO_DEVICEID                  = 18,
  OEMCrypto_ERROR_RNG_FAILED                   = 19,
  OEMCrypto_ERROR_RNG_NOT_SUPPORTED            = 20,
  OEMCrypto_ERROR_SETUP                        = 21,
  OEMCrypto_ERROR_OPEN_SESSION_FAILED          = 22,
  OEMCrypto_ERROR_CLOSE_SESSION_FAILED         = 23,
  OEMCrypto_ERROR_INVALID_SESSION              = 24,
  OEMCrypto_ERROR_NOT_IMPLEMENTED              = 25,
  OEMCrypto_ERROR_NO_CONTENT_KEY               = 26,
  OEMCrypto_ERROR_CONTROL_INVALID              = 27,
  OEMCrypto_ERROR_UNKNOWN_FAILURE              = 28,
  OEMCrypto_ERROR_INVALID_CONTEXT              = 29,
  OEMCrypto_ERROR_SIGNATURE_FAILURE            = 30,
  OEMCrypto_ERROR_TOO_MANY_SESSIONS            = 31,
  OEMCrypto_ERROR_INVALID_NONCE                = 32,
  OEMCrypto_ERROR_TOO_MANY_KEYS                = 33,
  OEMCrypto_ERROR_DEVICE_NOT_RSA_PROVISIONED   = 34,
  OEMCrypto_ERROR_INVALID_RSA_KEY              = 35,
  OEMCrypto_ERROR_KEY_EXPIRED                  = 36,
  OEMCrypto_ERROR_INSUFFICIENT_RESOURCES       = 37,
  OEMCrypto_ERROR_INSUFFICIENT_HDCP            = 38,
  OEMCrypto_ERROR_BUFFER_TOO_LARGE             = 39,
  OEMCrypto_WARNING_GENERATION_SKEW            = 40,  /* Warning, not error. */
  OEMCrypto_ERROR_GENERATION_SKEW              = 41,
  OEMCrypto_LOCAL_DISPLAY_ONLY                 = 42,  /* Info, not an error. */
  OEMCrypto_ERROR_ANALOG_OUTPUT                = 43,
  OEMCrypto_ERROR_WRONG_PST                    = 44,
  OEMCrypto_ERROR_WRONG_KEYS                   = 45,
  OEMCrypto_ERROR_MISSING_MASTER               = 46,
  OEMCrypto_ERROR_LICENSE_INACTIVE             = 47,
  OEMCrypto_ERROR_ENTRY_NEEDS_UPDATE           = 48,
  OEMCrypto_ERROR_ENTRY_IN_USE                 = 49,
  OEMCrypto_ERROR_USAGE_TABLE_UNRECOVERABLE    = 50,  /* Obsolete. Don't use. */
  /* Use OEMCrypto_ERROR_NO_CONTENT_KEY instead of KEY_NOT_LOADED. */
  OEMCrypto_KEY_NOT_LOADED                     = 51,  /* Obsolete. */
  OEMCrypto_KEY_NOT_ENTITLED                   = 52,
  OEMCrypto_ERROR_BAD_HASH                     = 53,
  OEMCrypto_ERROR_OUTPUT_TOO_LARGE             = 54,
  OEMCrypto_ERROR_SESSION_LOST_STATE           = 55,
  OEMCrypto_ERROR_SYSTEM_INVALIDATED           = 56,
  OEMCrypto_ERROR_LICENSE_RELOAD               = 57,
  OEMCrypto_ERROR_MULTIPLE_USAGE_ENTRIES       = 58,
  OEMCrypto_WARNING_MIXED_OUTPUT_PROTECTION    = 59,
  /* ODK return values */
  ODK_ERROR_BASE                               = 1000,
  ODK_ERROR_CORE_MESSAGE                       = ODK_ERROR_BASE,
  ODK_SET_TIMER                                = ODK_ERROR_BASE + 1,
  ODK_DISABLE_TIMER                            = ODK_ERROR_BASE + 2,
  ODK_TIMER_EXPIRED                            = ODK_ERROR_BASE + 3,
  ODK_UNSUPPORTED_API                          = ODK_ERROR_BASE + 4,
  ODK_STALE_RENEWAL                            = ODK_ERROR_BASE + 5,
} OEMCryptoResult;
/* clang-format on */

/*
 *  OEMCrypto_Usage_Entry_Status.
 *  Valid values for status in the usage table.
 */
typedef enum OEMCrypto_Usage_Entry_Status {
  kUnused = 0,
  kActive = 1,
  kInactive = 2, /* Deprecated.  Use kInactiveUsed or kInactiveUnused. */
  kInactiveUsed = 3,
  kInactiveUnused = 4,
} OEMCrypto_Usage_Entry_Status;

/*
 *  OEMCrypto_LicenseType is used in the license message to indicate if the key
 *  objects are for content keys, or for entitlement keys.
 */
typedef enum OEMCrypto_LicenseType {
  OEMCrypto_ContentLicense = 0,
  OEMCrypto_EntitlementLicense = 1,
  OEMCrypto_LicenstType_MaxValue = OEMCrypto_EntitlementLicense,
} OEMCrypto_LicenseType;

/* Private key type used in the provisioning response. */
typedef enum OEMCrypto_PrivateKeyType {
  OEMCrypto_RSA_Private_Key = 0,
  OEMCrypto_ECC_Private_Key = 1,
} OEMCrypto_PrivateKeyType;

/*
 *  OEMCrypto_Substring
 *
 *  Used to indicate a substring of a signed message in OEMCrypto_LoadKeys and
 *  other functions which must verify that a parameter is contained within a
 *  signed message.
 */
typedef struct {
  size_t offset;
  size_t length;
} OEMCrypto_Substring;

/*
 * OEMCrypto_KeyObject
 *  Points to the relevant fields for a content key. The fields are extracted
 *  from the License Response message offered to OEMCrypto_LoadKeys(). Each
 *  field points to one of the components of the key. Key data, key control,
 *  and both IV fields are 128 bits (16 bytes):
 *    key_id - the unique id of this key.
 *    key_id_length - the size of key_id. OEMCrypto may assume this is at
 *        most 16. However, OEMCrypto shall correctly handle key id lengths
 *        from 1 to 16 bytes.
 *    key_data_iv - the IV for performing AES-128-CBC decryption of the
 *        key_data field.
 *    key_data - the key data. It is encrypted (AES-128-CBC) with the
 *        session's derived encrypt key and the key_data_iv.
 *    key_control_iv - the IV for performing AES-128-CBC decryption of the
 *        key_control field.
 *    key_control - the key control block. It is encrypted (AES-128-CBC) with
 *        the content key from the key_data field.
 *
 *  The memory for the OEMCrypto_KeyObject fields is allocated and freed
 *  by the caller of OEMCrypto_LoadKeys().
 */
typedef struct {
  OEMCrypto_Substring key_id;
  OEMCrypto_Substring key_data_iv;
  OEMCrypto_Substring key_data;
  OEMCrypto_Substring key_control_iv;
  OEMCrypto_Substring key_control;
} OEMCrypto_KeyObject;

#ifdef __cplusplus
}
#endif

#endif /* WIDEVINE_ODK_INCLUDE_OEMCRYPTOCENCCOMMON_H_ */