Merge latest oemcrypto-v17 change

No-Typo-Check: Not related to this change.

Bug: 161477208
Change-Id: I99e4780f6855b7045aa0cd5a49c13d2d0d51ed64
Kyle Zhang
2022-01-21 05:58:12 +00:00
committed by Fred Gylys-Colwell
parent c924960962
commit 642965c678
176 changed files with 301013 additions and 296749 deletions


@@ -96,14 +96,14 @@ class CdmEngine {
// (c) accept a release response and release an offline license or secure
// stop.
// (d) accept a service certificate and cache that information for the
// the lifetime of the session.
// lifetime of the session.
//
// |session_id| identifies the session that generated the request and can
// process the response. Should be empty if a release response.
// |key_data| is the license, renewal, release response or service
// certificate response.
// |license_type| must not be null. If the result is KEY_ADDED, this out
// parameter indicates the type of license containd in
// parameter indicates the type of license contained in
// key_data. For any other return code, no value is provided.
// |key_set_id| should be non-null and specified if license release.
// If offline license or streaming license associated with
@@ -197,6 +197,12 @@ class CdmEngine {
// (origin-specific) file system.
virtual bool IsProvisioned(CdmSecurityLevel security_level);
// Retrieves the current provisioning status based on whether a DRM
// certificate or an OEM certificate (in provisioning 4) exists the current
// (origin-specific) file system.
virtual CdmProvisioningStatus GetProvisioningStatus(
CdmSecurityLevel security_level);
// Remove device DRM certificate from the current (origin-specific) file
// system. This will force the device to reprovision itself.
virtual CdmResponseType Unprovision(CdmSecurityLevel security_level);
@@ -379,7 +385,7 @@ class CdmEngine {
protected:
friend class CdmEngineFactory;
CdmEngine(FileSystem* file_system,
CdmEngine(wvutil::FileSystem* file_system,
std::shared_ptr<metrics::EngineMetrics> metrics);
private:
@@ -423,8 +429,8 @@ class CdmEngine {
CdmSessionMap session_map_;
CdmReleaseKeySetMap release_key_sets_;
std::unique_ptr<CertificateProvisioning> cert_provisioning_;
FileSystem* file_system_;
Clock clock_;
wvutil::FileSystem* file_system_;
wvutil::Clock clock_;
std::string spoid_;
uint32_t user_id_;
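Review bot: The comment added above `GetProvisioningStatus` does not say which value a caller gets when the certificate lookup itself fails, and it is missing a word ("exists in the current"). `CdmProvisioningStatus`, declared in the types header later on this page, lists `kProvisioned` as its first enumerator, so a status variable that is value-initialised and never assigned would read as provisioned; the implementation is not visible here, so that needs checking there. I would state the contract on the declaration, e.g. `// Returns kUnknownProvisionStatus if the state cannot be determined; never kProvisioned on error.` The class body continues outside these hunks.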


@@ -17,7 +17,7 @@ class CdmEngineFactory {
public:
// Creates a new instance of a CdmEngine. Caller retains ownership of the
// |files_system| which cannot be null.
static CdmEngine* CreateCdmEngine(FileSystem* file_system);
static CdmEngine* CreateCdmEngine(wvutil::FileSystem* file_system);
private:
CORE_DISALLOW_COPY_AND_ASSIGN(CdmEngineFactory);


@@ -47,7 +47,7 @@ class CdmEngineMetricsImpl : public T {
// |file_system| and |metrics| must not be null.
// |metrics| is used within the base class constructor. So, it must be
// passed in as a dependency and provided to the base constructor.
CdmEngineMetricsImpl(FileSystem* file_system,
CdmEngineMetricsImpl(wvutil::FileSystem* file_system,
std::shared_ptr<metrics::EngineMetrics> metrics)
: T(file_system, metrics), metrics_(metrics) {
metrics_->cdm_engine_creation_time_millis_.Record(clock_.GetCurrentTime());
@@ -270,7 +270,7 @@ class CdmEngineMetricsImpl : public T {
private:
std::shared_ptr<metrics::EngineMetrics> metrics_;
Clock clock_;
wvutil::Clock clock_;
};
} // namespace wvcdm


@@ -33,9 +33,9 @@ class CdmSession {
public:
// Creates a new instance of the CdmSession with the given |file_system|
// and |metrics| parameters. Both parameters are owned by the caller and
// must remain in scope througout the scope of the new instance. |metrics|
// must remain in scope throughout the scope of the new instance. |metrics|
// must not be null.
CdmSession(FileSystem* file_system,
CdmSession(wvutil::FileSystem* file_system,
std::shared_ptr<metrics::SessionMetrics> metrics);
virtual ~CdmSession();
@@ -49,7 +49,7 @@ class CdmSession {
// cached at the time Init() is called.
virtual CdmResponseType Init(CdmClientPropertySet* cdm_client_property_set);
// Initializes this instance of CdmSession with the given parmeters.
// Initializes this instance of CdmSession with the given parameters.
// All parameters are owned by the caller.
//
// |cdm_client_property_set| is caller owned, may be null, but must be in
@@ -226,7 +226,7 @@ class CdmSession {
// Both these methods will attempt to load wrapped key material and
// cache values in |drm_certificate_| and |wrapped_private_key_|
// if successful.
// This methods will load the key from persistent storage.
// This method will load the key from persistent storage.
CdmResponseType LoadPrivateKey();
// This method will load the specified key if valid or otherwise load
// the information from the legacy certificate.
@@ -273,7 +273,7 @@ class CdmSession {
bool initialized_;
bool closed_; // Session closed, but final shared_ptr has not been released.
CdmSessionId session_id_;
FileSystem* file_system_;
wvutil::FileSystem* file_system_;
std::unique_ptr<CdmLicense> license_parser_;
std::unique_ptr<CryptoSession> crypto_session_;
std::unique_ptr<PolicyEngine> policy_engine_;


@@ -16,11 +16,14 @@
#include "service_certificate.h"
#include "wv_cdm_types.h"
namespace wvutil {
class FileSystem;
}
namespace wvcdm {
class CdmClientPropertySet;
class CdmSession;
class FileSystem;
class ServiceCertificate;
class CertificateProvisioning {
@@ -35,17 +38,15 @@ class CertificateProvisioning {
// Construct a valid provisioning request.
// The request will be sent to the provisioning server.
CdmResponseType GetProvisioningRequest(SecurityLevel requested_security_level,
CdmCertificateType cert_type,
const std::string& cert_authority,
const std::string& origin,
const std::string& spoid,
CdmProvisioningRequest* request,
std::string* default_url);
CdmResponseType GetProvisioningRequest(
wvutil::FileSystem* file_system, SecurityLevel requested_security_level,
CdmCertificateType cert_type, const std::string& cert_authority,
const std::string& origin, const std::string& spoid,
CdmProvisioningRequest* request, std::string* default_url);
// Process the provisioning response.
CdmResponseType HandleProvisioningResponse(
FileSystem* file_system, const CdmProvisioningResponse& response,
wvutil::FileSystem* file_system, const CdmProvisioningResponse& response,
std::string* cert, std::string* wrapped_key);
bool supports_core_messages() const { return supports_core_messages_; }
@@ -74,10 +75,17 @@ class CertificateProvisioning {
private:
CdmResponseType GetProvisioningRequestInternal(
SecurityLevel requested_security_level, CdmCertificateType cert_type,
const std::string& cert_authority, const std::string& origin,
const std::string& spoid, CdmProvisioningRequest* request,
std::string* default_url);
wvutil::FileSystem* file_system, SecurityLevel requested_security_level,
CdmCertificateType cert_type, const std::string& cert_authority,
const std::string& origin, const std::string& spoid,
CdmProvisioningRequest* request, std::string* default_url);
CdmResponseType GetProvisioning40RequestInternal(
wvutil::FileSystem* file_system, CdmProvisioningRequest* request);
CdmResponseType FillEncryptedClientId(
const std::string& client_token,
video_widevine::ProvisioningRequest& provisioning_request);
CdmResponseType HandleProvisioning40Response(
wvutil::FileSystem* file_system, const std::string& response_message);
CdmResponseType SetSpoidParameter(
const std::string& origin, const std::string& spoid,
@@ -98,6 +106,12 @@ class CertificateProvisioning {
std::unique_ptr<CryptoSession> crypto_session_;
CdmCertificateType cert_type_;
std::unique_ptr<ServiceCertificate> service_certificate_;
// The wrapped private key in provisioning 4 generated by calling
// GenerateCertificateKeyPair. It will be saved to file system if a valid
// response is received.
std::string provisioning_40_wrapped_private_key_;
// Key type of the generated key pair in provisioning 4.
CryptoWrappedKey::Type provisioning_40_key_type_;
// Indicates whether OEMCrypto supports core messages, and whether the
// CDM should expect a core message in the response. This is primarily
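Review bot: The comment on `provisioning_40_wrapped_private_key_` says when the key is saved but not when it is discarded, and `provisioning_40_key_type_` is declared without an initial value. Both look like request-scoped state that `GetProvisioning40RequestInternal` fills and `HandleProvisioning40Response` consumes; nothing in this header prevents a response to an earlier request from being paired with a key generated for a later one. The constructor and both method bodies are outside this page, so this is to be confirmed there. I would extend the member comment with `// Cleared once a response has been handled, whether or not it was accepted.` and give the key type a defined initial value in the constructor.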


@@ -21,8 +21,12 @@ class ClientIdentification {
ClientIdentification() {}
virtual ~ClientIdentification() {}
// Call this method when used with provisioning requests
CdmResponseType InitForProvisioning(CryptoSession* crypto_session);
// Call this method when used with provisioning requests. |client_token| may
// be empty and the token will be retrieved from OEMCrypto. In case of the
// second stage of provisioning 4, an OEM cert must be provided via
// |client_token|. |crypto_session| must not be nullptr.
CdmResponseType InitForProvisioningRequest(const std::string& client_token,
CryptoSession* crypto_session);
// Use in conjunction with license requests
// |client_token| must be provided
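Review bot: The new comment on `InitForProvisioningRequest` makes an empty `client_token` a valid input that falls back to the OEMCrypto token, while the second stage of provisioning 4 requires an OEM certificate in the same parameter. As far as the declaration shows, a second-stage caller that passes an empty string by mistake would get the fallback instead of an error; the body is not in this hunk. I would add to the comment which side enforces the requirement, e.g. `// Second-stage callers must verify |client_token| is non-empty before calling.`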


@@ -82,7 +82,8 @@ class CryptoSession {
static void DisableDelayedTermination();
virtual CdmResponseType GetProvisioningToken(std::string* client_token);
virtual CdmResponseType GetProvisioningToken(std::string* token,
std::string* additional_token);
virtual CdmClientTokenType GetPreProvisionTokenType() {
return pre_provision_token_type_;
}
@@ -130,6 +131,7 @@ class CryptoSession {
virtual CdmResponseType PrepareAndSignLicenseRequest(
const std::string& message, std::string* core_message,
std::string* signature);
virtual CdmResponseType UseSecondaryKey(bool dual_key);
// V15 licenses.
virtual CdmResponseType LoadKeys(const std::string& message,
const std::string& signature,
@@ -175,6 +177,13 @@ class CryptoSession {
std::string* wrapped_private_key);
virtual CdmResponseType LoadCertificatePrivateKey(
const CryptoWrappedKey& private_key);
virtual CdmResponseType GetBootCertificateChain(
std::string* bcc, std::string* additional_signature);
virtual CdmResponseType GenerateCertificateKeyPair(
std::string* public_key, std::string* public_key_signature,
std::string* wrapped_private_key, CryptoWrappedKey::Type* key_type);
virtual CdmResponseType LoadOemCertificatePrivateKey(
const CryptoWrappedKey& private_key);
// Media data path
virtual CdmResponseType Decrypt(const CdmDecryptionParametersV16& params);
@@ -200,8 +209,6 @@ class CryptoSession {
size_t* max);
virtual CdmResponseType GetSrmVersion(uint16_t* srm_version);
virtual bool IsSrmUpdateSupported();
virtual CdmResponseType LoadSrm(const std::string& srm);
virtual bool GetBuildInformation(SecurityLevel security_level,
std::string* info);
@@ -343,7 +350,7 @@ class CryptoSession {
// The global factory method can be set to generate special crypto sessions
// just for testing. These sessions will avoid nonce floods and will ask
// OEMCrypto to use a test keybox.
// Ownership of the object is transfered to CryptoSession.
// Ownership of the object is transferred to CryptoSession.
static void SetCryptoSessionFactory(CryptoSessionFactory* factory) {
std::unique_lock<std::mutex> auto_lock(factory_mutex_);
factory_.reset(factory);
@@ -461,8 +468,8 @@ class CryptoSession {
// The locking methods above should be used in preference to taking these
// mutexes directly. If code takes these manually and needs to take more
// than one, it must *always* take them in the order they are defined here.
static shared_mutex static_field_mutex_;
static shared_mutex oem_crypto_mutex_;
static wvutil::shared_mutex static_field_mutex_;
static wvutil::shared_mutex oem_crypto_mutex_;
std::mutex oem_crypto_session_mutex_;
// Usage table mutex used only when performing write operations on
// the static usage table pointers.
@@ -520,7 +527,7 @@ class CryptoSession {
// In order to avoid creating a deadlock if instantiation needs to take any
// of the CryptoSession static mutexes, |factory_| is protected by its own
// mutex that is only used in the two funtions that interact with it.
// mutex that is only used in the two functions that interact with it.
static std::mutex factory_mutex_;
static std::unique_ptr<CryptoSessionFactory> factory_;
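Review bot: The provisioning entry points added here (`GetBootCertificateChain`, `GenerateCertificateKeyPair`, `LoadOemCertificatePrivateKey`) and the widened `GetProvisioningToken(token, additional_token)` are declared without comments, although three of them take two to four raw out-pointers. The declarations do not say which pointers may be null, what `additional_token` and `additional_signature` carry, or whether outputs are left untouched on failure. A short comment per method would settle that, for example `// All out-parameters must be non-null and are written only on success.` if that matches the implementation, which is not shown on this page.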


@@ -20,9 +20,11 @@
# include <gtest/gtest_prod.h>
#endif
namespace wvcdm {
namespace wvutil {
class FileSystem;
}
namespace wvcdm {
class DeviceFiles {
public:
@@ -111,7 +113,7 @@ class DeviceFiles {
CryptoWrappedKey wrapped_private_key;
};
DeviceFiles(FileSystem*);
DeviceFiles(wvutil::FileSystem*);
virtual ~DeviceFiles();
virtual bool Init(CdmSecurityLevel security_level);
@@ -128,6 +130,7 @@ class DeviceFiles {
CryptoWrappedKey* private_key,
std::string* serial_number,
uint32_t* system_id);
// Returns true if a DRM certificate is available.
virtual bool HasCertificate(bool atsc_mode_enabled);
// Retrieves the legacy DRM certificate without performing expiry
// related validation. Use this only when restoring/releasing
@@ -138,6 +141,13 @@ class DeviceFiles {
uint32_t* system_id);
virtual bool RemoveCertificate();
virtual bool StoreOemCertificate(const std::string& certificate,
const CryptoWrappedKey& private_key);
virtual DeviceFiles::CertificateState RetrieveOemCertificate(
std::string* certificate, CryptoWrappedKey* wrapped_private_key);
virtual bool HasOemCertificate();
virtual bool RemoveOemCertificate();
virtual bool StoreLicense(const CdmLicenseData& license_data,
ResponseType* result);
@@ -288,7 +298,7 @@ class DeviceFiles {
bool HasCertificate(CertificateType certificate_type);
// Helpers that wrap the File interface and automatically handle hashing, as
// well as adding the device files base path to to the file name.
// well as adding the device files base path to the file name.
ResponseType StoreFileWithHash(const std::string& name,
const std::string& serialized_file);
ResponseType StoreFileRaw(const std::string& name,
@@ -302,6 +312,8 @@ class DeviceFiles {
static bool GetCertificateFileName(CertificateType certificate_type,
std::string* certificate_file_name);
static bool GetOemCertificateFileName(std::string* certificate_file_name);
static std::string GetHlsAttributesFileNameExtension();
static std::string GetLicenseFileNameExtension();
static std::string GetUsageTableFileName();
@@ -358,7 +370,7 @@ class DeviceFiles {
static std::set<std::string> reserved_license_ids_;
FileSystem* file_system_;
wvutil::FileSystem* file_system_;
CdmSecurityLevel security_level_;
bool initialized_;
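Review bot: `StoreOemCertificate`, `RetrieveOemCertificate`, `HasOemCertificate` and `RemoveOemCertificate` are added without comments, while the DRM-certificate methods next to them document what they check. The stored record includes a wrapped private key, so the declarations should say whether the file is written through `StoreFileWithHash` or `StoreFileRaw` and which `CertificateState` values `RetrieveOemCertificate` can return; neither is visible in this header. A comment such as `// Stores the OEM certificate together with its wrapped private key; returns false if the file could not be written.` on the first method, and the list of possible states on the second, would be enough.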


@@ -19,7 +19,7 @@ class EntitlementKeySession : public ContentKeySession {
public:
EntitlementKeySession(CryptoSessionId oec_session_id,
metrics::CryptoMetrics* metrics);
~EntitlementKeySession() override {}
~EntitlementKeySession() override;
KeySessionType Type() override { return kEntitlement; }
@@ -35,6 +35,9 @@ class EntitlementKeySession : public ContentKeySession {
const std::vector<CryptoKey>& keys) override;
OEMCryptoResult SelectKey(const std::string& key_id,
CdmCipherMode cipher_mode) override;
OEMCryptoResult Decrypt(
const OEMCrypto_SampleDescription* samples, size_t samples_length,
const OEMCrypto_CENCEncryptPatternDesc& pattern) override;
private:
// The message is populated with the fields of the provided CryptoKey and the
@@ -47,6 +50,7 @@ class EntitlementKeySession : public ContentKeySession {
std::map<KeyId, CryptoKey> entitled_keys_;
// Find the current entitled content key id for the given entitlement key id.
std::map<KeyId, KeyId> current_loaded_content_keys_;
EntitledKeySessionId key_session_id_;
};
} // namespace wvcdm
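Review bot: `EntitledKeySessionId key_session_id_;` is added without an initializer in the same change that moves `~EntitlementKeySession()` out of line. If the destructor now releases that entitled key session (its body is not on this page), an object destroyed before an id was assigned would act on an indeterminate value, unless the constructor's initializer list sets it. I would give the member a defined value at the declaration, e.g. `EntitledKeySessionId key_session_id_ = 0;` if 0 is the project's "no session" value, and have the destructor skip the release for that value.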


@@ -20,8 +20,11 @@ class LicenseRequest;
class VersionInfo;
} // namespace video_widevine
namespace wvcdm {
namespace wvutil {
class Clock;
}
namespace wvcdm {
class CryptoSession;
class PolicyEngine;
class CdmSession;
@@ -156,16 +159,16 @@ class CdmLicense {
// Used for certificate based licensing
CdmKeyMessage key_request_;
std::unique_ptr<Clock> clock_;
std::unique_ptr<wvutil::Clock> clock_;
// For testing
// CdmLicense takes ownership of the clock.
CdmLicense(const CdmSessionId& session_id, Clock* clock);
CdmLicense(const CdmSessionId& session_id, wvutil::Clock* clock);
// For entitlement key licensing. This holds the keys from the init_data.
// These keys are extracted from the pssh when we generate a license request.
// These keys are extracted from the PSSH when we generate a license request.
// It is used to load content keys after we have received a license and
// entitelement keys. It is also used in updating the key status info.
// entitlement keys. It is also used in updating the key status info.
std::vector<WidevinePsshData_EntitledKey> wrapped_keys_;
CdmLicenseKeyType license_key_type_;


@@ -59,7 +59,7 @@ class LicenseKeys {
virtual bool MeetsSecurityLevelConstraints(const KeyId& key_id);
// Applies a resolution and/or hdcp change to each key, updating their
// useability under their constraints.
// usability under their constraints.
virtual void ApplyConstraints(uint32_t new_resolution,
CryptoSession::HdcpCapability new_hdcp_level);


@@ -11,7 +11,8 @@
namespace wvcdm {
// Initialize OEMCrypto, then check the keybox and see if it is valid. If not,
// and OTA provisioning is supported, set needs_keybox_provisioning to true.
// If the keybox is not valid, and
// If the keybox is not valid and OTA provisioning is not supported, set
// needs_keybox_provisioning to false and use L3 only.
OEMCryptoResult OEMCrypto_InitializeAndCheckKeybox(
bool* needs_keybox_provisioning);
@@ -36,7 +37,7 @@ OEMCryptoResult OEMCrypto_GetKeyData(uint8_t* keyData, size_t* keyDataLength,
SecurityLevel level);
uint32_t OEMCrypto_APIVersion(SecurityLevel level);
uint32_t OEMCrypto_MinorAPIVersion(SecurityLevel level);
const char* OEMCrypto_SecurityLevel(SecurityLevel level);
OEMCrypto_Security_Level OEMCrypto_SecurityLevel(SecurityLevel level);
OEMCryptoResult OEMCrypto_GetHDCPCapability(SecurityLevel level,
OEMCrypto_HDCP_Capability* current,
OEMCrypto_HDCP_Capability* maximum);
@@ -61,7 +62,8 @@ OEMCryptoResult OEMCrypto_ShrinkUsageTableHeader(SecurityLevel level,
uint8_t* header_buffer,
size_t* header_buffer_length);
uint32_t OEMCrypto_GetAnalogOutputFlags(SecurityLevel level);
const char* OEMCrypto_BuildInformation(SecurityLevel level);
OEMCryptoResult OEMCrypto_BuildInformation(char* buffer, size_t* buffer_length,
SecurityLevel level);
uint32_t OEMCrypto_ResourceRatingTier(SecurityLevel level);
uint32_t OEMCrypto_SupportsDecryptHash(SecurityLevel level);
size_t OEMCrypto_MaximumUsageTableHeaderSize(SecurityLevel level);
@@ -107,7 +109,7 @@ typedef struct {
const uint8_t* key_control;
} OEMCrypto_KeyObject_V14;
// Backwards compitiblity between v14 and v13.
// Backwards compatibility between v14 and v13.
OEMCryptoResult OEMCrypto_LoadKeys_Back_Compat(
OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
const uint8_t* signature, size_t signature_length,
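Review bot: `OEMCrypto_BuildInformation` now writes into a caller-supplied `char* buffer` with an in/out `size_t* buffer_length`, but the declaration carries no comment on that contract. Callers need to know whether the required size is written back when the buffer is too small, and whether the result is NUL-terminated or must be sized from the returned length; treating unterminated output as a C string would read past the buffer. I would add `// On return *buffer_length holds the bytes written (or required); callers must not assume NUL termination.` once that is confirmed against the adapter implementation, which is outside this page.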


@@ -10,11 +10,11 @@
#include "clock.h"
#include "disallow_copy_and_assign.h"
#include "file_store.h"
#include "okp_info.h"
namespace wvcdm {
class DeviceFiles;
class FileSystem;
// OTA Keybox Provisioning (OKP)
namespace okp {
static constexpr int64_t kSecondsPerHour = 60 * 60;
@@ -57,9 +57,9 @@ class SystemFallbackPolicy {
// Fake/mock clock to be used instead of the CDM's default
// Clock.
static std::unique_ptr<SystemFallbackPolicy> CreateForTesting(
Clock* clock = nullptr);
wvutil::Clock* clock = nullptr);
static std::unique_ptr<SystemFallbackPolicy> CreateForTesting(
const SystemFallbackInfo& info, Clock* clock = nullptr);
const SystemFallbackInfo& info, wvutil::Clock* clock = nullptr);
// == System Info ==
const SystemFallbackInfo& info() const { return info_; }
@@ -90,7 +90,7 @@ class SystemFallbackPolicy {
int64_t GetSecondsSinceBackoffStart() const;
void EndBackoffPeriod();
void SetClockForTesting(Clock* clock) {
void SetClockForTesting(wvutil::Clock* clock) {
clock_ref_ = (clock == nullptr) ? &clock_ : clock;
}
int64_t GetCurrentTime() const { return clock_ref_->GetCurrentTime(); }
@@ -106,11 +106,11 @@ class SystemFallbackPolicy {
// Handle for the DeviceFiles instance used to store the OKP
// information.
// Not set for test instances.
std::unique_ptr<FileSystem> fs_;
std::unique_ptr<wvutil::FileSystem> fs_;
std::unique_ptr<DeviceFiles> device_files_;
Clock clock_; // System clock
Clock* clock_ref_ = nullptr; // Pointer to clock to be used.
wvutil::Clock clock_; // System clock
wvutil::Clock* clock_ref_ = nullptr; // Pointer to clock to be used.
// All public methods must lock to protect from simultaneous
// engine access.


@@ -15,12 +15,15 @@
#include "license_protocol.pb.h"
#include "wv_cdm_types.h"
namespace wvutil {
class Clock;
}
namespace wvcdm {
using video_widevine::LicenseIdentification;
using video_widevine::WidevinePsshData_EntitledKey;
class Clock;
class CryptoSession;
class PolicyTimers;
class WvCdmEventListener;
@@ -162,7 +165,7 @@ class PolicyEngine {
// Test only methods
// set_clock alters ownership of the passed-in pointer.
void set_clock(Clock* clock);
void set_clock(wvutil::Clock* clock);
void SetSecurityLevelForTest(CdmSecurityLevel security_level);
@@ -195,7 +198,7 @@ class PolicyEngine {
CryptoSession* crypto_session_;
std::unique_ptr<PolicyTimers> policy_timers_;
std::unique_ptr<Clock> clock_;
std::unique_ptr<wvutil::Clock> clock_;
CORE_DISALLOW_COPY_AND_ASSIGN(PolicyEngine);
};


@@ -41,7 +41,7 @@ namespace wvcdm {
// initialized/terminated.
//
// Sessions and licenses are however handled by CdmSession and so most
// calls to maniplate the usage table header related to usage entries
// calls to manipulate the usage table header related to usage entries
// are by CdmSession.
//
// Upgrades from a fixed size usage table (supported by previous
@@ -113,7 +113,7 @@ class UsageTableHeader {
}
// Set the reference clock used for the method GetCurrentTime().
void SetClock(Clock* clock) {
void SetClock(wvutil::Clock* clock) {
if (clock != nullptr)
clock_ref_ = clock;
else
@@ -280,7 +280,7 @@ class UsageTableHeader {
// usage_table_header. Usage entries should use the file system provided
// by CdmSession.
std::unique_ptr<DeviceFiles> device_files_;
std::unique_ptr<FileSystem> file_system_;
std::unique_ptr<wvutil::FileSystem> file_system_;
CdmSecurityLevel security_level_ = kSecurityLevelUninitialized;
SecurityLevel requested_security_level_ = kLevelDefault;
@@ -299,11 +299,11 @@ class UsageTableHeader {
// |clock_| represents the system's "wall clock". For the clock's purpose
// we do not need a more secure clock.
Clock clock_;
wvutil::Clock clock_;
// |clock_ref_| is a pointer to the clock which is to be used for
// obtaining the current time. By default, this points to the internal
// |clock_| variable, however, it can be overrided for testing purpose.
Clock* clock_ref_;
// |clock_| variable, however, it can be overridden for testing purpose.
wvutil::Clock* clock_ref_;
// The maximum number of entries that the underlying OEMCrypto
// implementation can support. Some implementations might not


@@ -135,6 +135,8 @@ static const std::string QUERY_VALUE_DRM_CERTIFICATE = "DrmCertificate";
static const std::string QUERY_VALUE_KEYBOX = "Keybox";
static const std::string QUERY_VALUE_OEM_CERTIFICATE = "OEMCertificate";
static const std::string QUERY_VALUE_CGMS_A = "CGMS-A";
static const std::string QUERY_VALUE_BOOT_CERTIFICATE_CHAIN =
"BootCertificateChain";
static const std::string ISO_BMFF_VIDEO_MIME_TYPE = "video/mp4";
static const std::string ISO_BMFF_AUDIO_MIME_TYPE = "audio/mp4";


@@ -25,6 +25,7 @@ using CdmKeySetId = std::string;
using RequestId = std::string;
using CryptoResult = uint32_t;
using CryptoSessionId = uint32_t;
using EntitledKeySessionId = uint32_t;
using CdmAppParameterMap = std::map<std::string, std::string>;
using CdmQueryMap = std::map<std::string, std::string>;
using CdmUsageInfo = std::vector<std::string>;
@@ -423,6 +424,23 @@ enum CdmResponseType : int32_t {
USAGE_ENTRY_ALREADY_LOADED = 368,
PARSE_OKP_RESPONSE_ERROR = 369,
OKP_ALREADY_PROVISIONED = 370,
// The specific error code values below can be changed when merging master
// branch if there are conflicts.
PROVISIONING_TYPE_IS_NOT_BOOT_CERTIFICATE_CHAIN_ERROR = 371,
GET_BOOT_CERTIFICATE_CHAIN_ERROR = 372,
GENERATE_CERTIFICATE_KEY_PAIR_ERROR = 373,
GENERATE_CERTIFICATE_KEY_PAIR_UNKNOWN_TYPE_ERROR = 374,
LOAD_OEM_CERTIFICATE_PRIVATE_KEY_ERROR = 375,
PROVISIONING_4_CRYPTO_SESSION_NOT_OPEN = 376,
PROVISIONING_4_FILE_SYSTEM_IS_NULL = 377,
PROVISIONING_4_FAILED_TO_INITIALIZE_DEVICE_FILES = 378,
PROVISIONING_4_RESPONSE_FAILED_TO_PARSE_MESSAGE = 379,
PROVISIONING_4_RESPONSE_HAS_ERROR_STATUS = 380,
PROVISIONING_4_RESPONSE_HAS_NO_CERTIFICATE = 381,
PROVISIONING_4_NO_PRIVATE_KEY = 382,
PROVISIONING_4_FAILED_TO_INITIALIZE_DEVICE_FILES_2 = 383,
PROVISIONING_4_FAILED_TO_STORE_OEM_CERTIFICATE = 384,
PROVISIONING_4_FAILED_TO_STORE_DRM_CERTIFICATE = 385,
// Don't forget to add new values to
// * core/test/test_printers.cpp.
// * android/include/mapErrors-inl.h
@@ -503,6 +521,7 @@ enum CdmClientTokenType : int32_t {
kClientTokenDrmCert,
kClientTokenOemCert,
kClientTokenUninitialized,
kClientTokenBootCertChain,
};
// kNonSecureUsageSupport - TEE does not provide any support for usage
@@ -567,6 +586,13 @@ enum CdmKeySecurityLevel : int32_t {
kKeySecurityLevelUnknown,
};
enum CdmProvisioningStatus : int32_t {
kProvisioned,
kUnknownProvisionStatus,
kNeedsDrmCertProvisioning,
kNeedsOemCertProvisioning,
};
class CdmKeyAllowedUsage {
public:
CdmKeyAllowedUsage() { Clear(); }