Support Keybox, DRM Cert, and OEM Cert for Client ID

[ Merge of http://go/wvgerrit/22900 ] Add GetClientToken(), GetProvisioningToken(), GetPreProvisionTokenType() to CryptoSession. They return the correct token bytes and token type for preparing the ClientIdentification message for provisioning and license server transactions. Also refactor service certificate handling. OEM certs are introduced in Provisioning 3.0 b/30811184 * Address build breaks [ Merge of http://go/wvgerrit/23162 ] This addresses issues introduced by http://go/wvgerrit/22900 b/30811184 * When http://go/wvgerrit/18012 was merged (ag/1446934) some changes were not merged for mapErrors-inl.h. These changes are included in this CL. * When ag/1678104 was reverse merged to http//go/wvgerrit/21981/ a variable was renamed and some comments were added to add clarity in cdm_engine.cpp. These changes are included in this CL. Test: All unittests other than some oemcrypto, request_license_test passed. Those tests failed with or without this CL. Change-Id: Ie0215509f2f985f2a610f5a4c865db47edec8662
2017-01-20 15:46:15 -08:00
parent 7c01f954da
commit 2812c3d2ac
21 changed files with 898 additions and 382 deletions
--- a/libwvdrmengine/cdm/core/include/license.h
+++ b/libwvdrmengine/cdm/core/include/license.h
@@ -6,7 +6,9 @@
 #include <set>

 #include "initialization_data.h"
+#include "license_protocol.pb.h"
 #include "scoped_ptr.h"
+#include "service_certificate.h"
 #include "wv_cdm_types.h"

 namespace video_widevine {
@@ -25,11 +27,12 @@ class CdmLicense {
  CdmLicense(const CdmSessionId& session_id);
  virtual ~CdmLicense();

-  virtual bool Init(const std::string& token, CryptoSession* session,
-                    PolicyEngine* policy_engine);
+  virtual bool Init(
+      const std::string& client_token, CdmClientTokenType client_token_type,
+      CryptoSession* session, PolicyEngine* policy_engine);

  virtual CdmResponseType PrepareKeyRequest(
-      const InitializationData& init_data, const CdmLicenseType license_type,
+      const InitializationData& init_data, CdmLicenseType license_type,
      const CdmAppParameterMap& app_parameters, CdmKeyMessage* signed_request,
      std::string* server_url);
  virtual CdmResponseType PrepareKeyUpdateRequest(
@@ -59,33 +62,32 @@ class CdmLicense {
    return is_offline_;
  }

-  static CdmResponseType VerifySignedServiceCertificate(
-      const std::string& signed_service_certificate);
-
 private:
-  bool PrepareServiceCertificateRequest(CdmKeyMessage* signed_request,
-                                        std::string* server_url);

  CdmResponseType HandleKeyErrorResponse(
      const video_widevine::SignedMessage& signed_message);

+  bool GetClientTokenType(
+      video_widevine::ClientIdentification::TokenType* token_type);
+
  CdmResponseType PrepareClientId(
-      bool encrypt, const std::string& certificate,
      const CdmAppParameterMap& app_parameters,
      video_widevine::LicenseRequest* license_request);
+
+  CdmResponseType PrepareContentId(
+      const InitializationData& init_data, CdmLicenseType license_type,
+      const std::string& request_id,
+      video_widevine::LicenseRequest* license_request);
+
  template <typename T>
-  bool PrepareContentId(const CdmLicenseType license_type,
-                        const std::string& request_id, T* content_id);
+  bool SetTypeAndId(CdmLicenseType license_type,
+                    const std::string& request_id, T* content_id);

-  static CdmResponseType VerifyAndExtractSignedServiceCertificate(
-      const std::string& signed_service_certificate,
-      std::string* service_certificate);
-  bool GetServiceCertificate(std::string* service_certificate);
-
-  CryptoSession* session_;
+  CryptoSession* crypto_session_;
  PolicyEngine* policy_engine_;
  std::string server_url_;
-  std::string token_;
+  std::string client_token_;
+  CdmClientTokenType client_token_type_;
  const CdmSessionId session_id_;
  scoped_ptr<InitializationData> stored_init_data_;
  bool initialized_;
@@ -94,6 +96,9 @@ class CdmLicense {
  bool renew_with_client_id_;
  bool is_offline_;

+  // Used to encrypt ClientIdentification message
+  scoped_ptr<ServiceCertificate> service_certificate_;
+
  // Used for certificate based licensing
  CdmKeyMessage key_request_;