First-stage Provisioning 4.0 client ID encryption

(This is a merge of http://go/wvgerrit/150131 to the Android repo.) This patch changes the code path in the CDM so that the first-stage provisioning request for Provisioning 4.0 is always encrypted with the Widevine service certificate instead of the client-set service certificate, reflecting that the first-stage provisioning is always handled by Widevine. This patch also makes several methods on the ServiceCertificate class const. This has no impact on their behavior. Bug: 221443151 Test: prov40 tests Change-Id: Ide4c3927afadcd45ae7fb629b99e2f55cc29d56e
2022-04-20 14:10:20 -07:00
parent 47ebc28f6a
commit c823a85e7d
4 changed files with 34 additions and 23 deletions
--- a/libwvdrmengine/cdm/core/include/certificate_provisioning.h
+++ b/libwvdrmengine/cdm/core/include/certificate_provisioning.h
@@ -86,7 +86,8 @@ class CertificateProvisioning {
      std::string* default_url);
  CdmResponseType FillEncryptedClientId(
      const std::string& client_token,
-      video_widevine::ProvisioningRequest& provisioning_request);
+      video_widevine::ProvisioningRequest& provisioning_request,
+      const ServiceCertificate& service_certificate);
  CdmResponseType HandleProvisioning40Response(
      wvutil::FileSystem* file_system, const std::string& response_message);