Merge "First-stage Provisioning 4.0 client ID encryption" into tm-dev am: 7d78ce9ac8 am: 9063559c43

Original change: https://googleplex-android-review.googlesource.com/c/platform/vendor/widevine/+/17949160 Change-Id: I044eff2022cbb905409f5f0ca1d49b4dcf549ac5 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-29 19:12:11 +00:00
parent d780c8bc6b 9063559c43
commit 3d4df9b5d4
4 changed files with 34 additions and 23 deletions
--- a/libwvdrmengine/cdm/core/include/certificate_provisioning.h
+++ b/libwvdrmengine/cdm/core/include/certificate_provisioning.h
@@ -86,7 +86,8 @@ class CertificateProvisioning {
      std::string* default_url);
  CdmResponseType FillEncryptedClientId(
      const std::string& client_token,
-      video_widevine::ProvisioningRequest& provisioning_request);
+      video_widevine::ProvisioningRequest& provisioning_request,
+      const ServiceCertificate& service_certificate);
  CdmResponseType HandleProvisioning40Response(
      wvutil::FileSystem* file_system, const std::string& response_message);

--- a/libwvdrmengine/cdm/core/include/service_certificate.h
+++ b/libwvdrmengine/cdm/core/include/service_certificate.h
@@ -38,8 +38,8 @@ class ServiceCertificate {
  const std::string& provider_id() const { return provider_id_; }

  // Verify the signature for a message.
-  virtual CdmResponseType VerifySignedMessage(const std::string& message,
-                                              const std::string& signature);
+  virtual CdmResponseType VerifySignedMessage(
+      const std::string& message, const std::string& signature) const;

  // Encrypt the ClientIdentification message for a provisioning or
  // licensing request.  Encryption is performed using the current
@@ -50,7 +50,7 @@ class ServiceCertificate {
  virtual CdmResponseType EncryptClientId(
      CryptoSession* crypto_session,
      const video_widevine::ClientIdentification* clear_client_id,
-      video_widevine::EncryptedClientIdentification* encrypted_client_id);
+      video_widevine::EncryptedClientIdentification* encrypted_client_id) const;

  // Helper methods
  static bool GetRequest(CdmKeyMessage* request);
@@ -63,7 +63,7 @@ class ServiceCertificate {
  // string to contain the decrypted data on return, and may not be null.
  // returns NO_ERROR if successful or an appropriate error code otherwise.
  virtual CdmResponseType EncryptRsaOaep(const std::string& plaintext,
-                                         std::string* ciphertext);
+                                         std::string* ciphertext) const;

  // Track whether object holds valid certificate
  bool has_certificate_;