widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2812c3d2acd8cfb5b5ac9fd64e4a588c0984a04e
android/libwvdrmengine/cdm/core/include/service_certificate.h
Rahul Frias 2812c3d2ac Support Keybox, DRM Cert, and OEM Cert for Client ID 
[ Merge of http://go/wvgerrit/22900 ]

Add GetClientToken(), GetProvisioningToken(), GetPreProvisionTokenType()
to CryptoSession.  They return the correct token bytes and token type
for preparing the ClientIdentification message for provisioning and
license server transactions.

Also refactor service certificate handling.

OEM certs are introduced in Provisioning 3.0

b/30811184

* Address build breaks

[ Merge of http://go/wvgerrit/23162 ]

This addresses issues introduced by http://go/wvgerrit/22900

b/30811184

* When http://go/wvgerrit/18012 was merged (ag/1446934) some changes
were not merged for mapErrors-inl.h. These changes are included in this CL.

* When ag/1678104 was reverse merged to http//go/wvgerrit/21981/ a variable
was renamed and some comments were added to add clarity in cdm_engine.cpp.
These changes are included in this CL.

Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.

Change-Id: Ie0215509f2f985f2a610f5a4c865db47edec8662
2017-01-20 16:42:21 -08:00

82 lines
2.6 KiB
C++
Raw Blame History

// Copyright 2017 Google Inc. All Rights Reserved.
//
#ifndef WVCDM_CORE_SERVICE_CERTIFICATE_H_
#define WVCDM_CORE_SERVICE_CERTIFICATE_H_
// Service Certificates are used to encrypt the ClientIdentification message
// that is part of Device Provisioning, License, Renewal, and Release requests.
// They may be supplied by the application, or a default certificate may be
// configured into the CDM, or the CDM may send a Service Certificate Request
// to the target server to get one. Separate certificates are maintained for
// the License and Provisioning Servers (the default service certificates
// are currently identical for both servers). Once the Service Certificates are
// established for the session, they should not change.
#include "license_protocol.pb.h"
#include "wv_cdm_types.h"
namespace video_widevine {
class SignedMessage;
class LicenseRequest;
} // namespace video_widevine
namespace wvcdm {
class CryptoSession;
class ServiceCertificate {
public:
ServiceCertificate();
virtual ~ServiceCertificate();
virtual bool Init(const CdmSessionId& session_id, CryptoSession* session);
virtual bool IsRequired();
virtual bool IsAvailable();
virtual bool PrepareServiceCertificateRequest(CdmKeyMessage* signed_request);
virtual CdmResponseType VerifyAndSet(
const std::string& signed_service_certificate);
virtual CdmResponseType EncryptClientId(
const video_widevine::ClientIdentification* clear_client_id,
video_widevine::EncryptedClientIdentification* encrypted_client_id);
static CdmResponseType VerifySignedServiceCertificate(
const std::string& signed_certificate) {
bool has_provider_id;
return VerifyAndExtractFromSignedCertificate(signed_certificate, NULL,
&has_provider_id, NULL);
}
private:
// Take a signed certificate, parse it, and verify it.
// If a pointer to a string object is passed in, the certificate
// will be copied to it.
static CdmResponseType VerifyAndExtractFromSignedCertificate(
const std::string& signed_service_certificate,
std::string* service_certificate, bool* has_provider_id,
std::string* provider_id);
virtual bool SetupServiceCertificate();
CryptoSession* crypto_session_;
CdmSessionId session_id_;
bool privacy_mode_enabled_;
bool valid_;
bool initialized_;
// Certificate, verified and extracted from signed message.
std::string certificate_;
// Provider ID, extracted from certificate message.
bool has_provider_id_;
std::string provider_id_;
CORE_DISALLOW_COPY_AND_ASSIGN(ServiceCertificate);
};
} // namespace wvcdm
#endif // WVCDM_CORE_SERVICE_CERTIFICATE_H_
Reference in New Issue View Git Blame Copy Permalink