This merges the following changes from the Widevine CDM repository: bef58bc Add new error codes Adds new error codes to OEMCryptoCENC.h and rearranges it to more closely match the documentation. 5fcfbca Handle OEMCrypto_ERROR_INSUFFICIENT_RESOURCES on Decrypt Changes the CDM to support the new errors from the previous change. d59c09d Report Insufficient Crypto Resources Changes the DrmEngine to support the new errors from the previous change. 1085a21 Respond to Too Many Keys or Sessions Errors Allows errors around having too many keys or sessions to result in a unique error in the CDM. Bug: 9695816 Change-Id: I826bc655109fa57e4f75de7158d7f392053666b1
// Copyright 2012 Google Inc. All Rights Reserved.
//
// OEMCrypto Client - wrapper class for C-style OEMCrypto interface
//
#ifndef CDM_BASE_CRYPTO_SESSSION_H_
#define CDM_BASE_CRYPTO_SESSSION_H_
#include <string>
#include <map>
#include "lock.h"
#include "OEMCryptoCENC.h"
#include "wv_cdm_types.h"
namespace wvcdm {
class CryptoKey;
typedef std::map<CryptoKeyId, CryptoKey*> CryptoKeyMap;
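// Wrapper class around one session of the C-style OEMCrypto interface
// (declared in OEMCryptoCENC.h).
//
// Only declarations are visible in this header. Comments marked NOTE(review)
// are points to confirm against the implementation, not documented guarantees.
class CryptoSession {
 public:
  CryptoSession();
  ~CryptoSession();

  // Values returned by GetSecurityLevel(). How they are derived from what
  // OEMCrypto reports is not visible in this header.
  typedef enum {
    kSecurityLevelUninitialized,
    kSecurityLevelL1,
    kSecurityLevelL2,
    kSecurityLevelL3,
    kSecurityLevelUnknown
  } SecurityLevel;

  // Device and keybox queries. Each getter writes its result through the
  // pointer argument; the bool return presumably reports success -- confirm.
  // NOTE(review): no null handling for the out-parameters is visible here, so
  // callers should always pass a valid pointer.
  bool ValidateKeybox();
  bool GetToken(std::string* token);
  SecurityLevel GetSecurityLevel();
  bool GetDeviceUniqueId(std::string* device_id);
  bool GetSystemId(uint32_t* system_id);
  bool GetProvisioningId(std::string* provisioning_id);

  // Session lifetime. Open() returns a CdmResponseType rather than a bool, so
  // callers can tell failure causes apart; the codes are defined elsewhere.
  CdmResponseType Open();
  void Close();

  // Read-only accessors, const-qualified so they can be called through a
  // const CryptoSession. They read the members directly and take no lock.
  // NOTE(review): confirm callers cannot race these with Open()/Close().
  bool IsOpen() const { return open_; }
  CryptoSessionId oec_session_id() const { return oec_session_id_; }

  // Key request/response
  void GenerateRequestId(std::string& req_id_str);
  bool PrepareRequest(const std::string& key_deriv_message,
                      bool is_provisioning, std::string* signature);
  bool PrepareRenewalRequest(const std::string& message,
                             std::string* signature);
  // NOTE(review): key_array is a raw pointer paired with a separate signed
  // count; presumably it points to num_keys elements. The implementation
  // should reject a null key_array and a negative num_keys before handing
  // them to OEMCrypto -- confirm. The same applies to RefreshKeys().
  CdmResponseType LoadKeys(const std::string& message,
                           const std::string& signature,
                           const std::string& mac_key_iv,
                           const std::string& mac_key,
                           int num_keys, const CryptoKey* key_array);
  bool LoadCertificatePrivateKey(std::string& wrapped_key);
  bool RefreshKeys(const std::string& message, const std::string& signature,
                   int num_keys, const CryptoKey* key_array);
  bool GenerateNonce(uint32_t* nonce);
  bool GenerateDerivedKeys(const std::string& message);
  bool GenerateDerivedKeys(const std::string& message,
                           const std::string& session_key);
  bool RewrapDeviceRSAKey(const std::string& message,
                          const std::string& signature,
                          const std::string& nonce,
                          const std::string& enc_rsa_key,
                          const std::string& rsa_key_iv,
                          std::string* wrapped_rsa_key);

  // Media data path
  bool SelectKey(const std::string& key_id);
  // Returns a CdmResponseType rather than a bool, so a decrypt failure can
  // carry a specific error code to the caller.
  CdmResponseType Decrypt(const CdmDecryptionParameters& parameters);

  // NOTE(review): presumably fills data_length bytes starting at random_data;
  // the caller must supply a buffer at least that large.
  bool GetRandom(uint8_t* random_data, size_t data_length);

 private:
  void Init();
  void Terminate();
  void GenerateMacContext(const std::string& input_context,
                          std::string* deriv_context);
  void GenerateEncryptContext(const std::string& input_context,
                              std::string* deriv_context);
  bool GenerateSignature(const std::string& message, bool use_rsa,
                         std::string* signature);
  // NOTE(review): both arguments are taken by value, so each call copies
  // them; switching to const references would also need the definition
  // changed.
  size_t GetOffset(std::string message, std::string field);
  bool SetDestinationBufferType();

  // Size for an HMAC-SHA256 signature.
  // NOTE(review): GenerateSignature() also has a use_rsa mode; confirm that
  // path does not size its output buffer from this constant.
  static const size_t kSignatureSize = 32;

  // Static members: one copy shared by every CryptoSession in the process.
  // NOTE(review): presumably crypto_lock_ guards initialized_ and
  // session_count_ -- confirm every access holds it.
  static Lock crypto_lock_;
  static bool initialized_;
  static int session_count_;

  // Per-instance session state, exposed through IsOpen() and
  // oec_session_id().
  bool open_;
  CryptoSessionId oec_session_id_;

  // NOTE(review): presumably cached by SetDestinationBufferType(), with the
  // flag recording whether the cached value is usable -- confirm.
  OEMCryptoBufferType destination_buffer_type_;
  bool is_destination_buffer_type_valid_;

  // Macro defined elsewhere; by its name it makes the class non-copyable.
  CORE_DISALLOW_COPY_AND_ASSIGN(CryptoSession);
};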
}; // namespace wvcdm
#endif // CDM_BASE_CRYPTO_SESSSION_H_