widevine-partner/ce_cdm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Source release 19.3.0

Browse Source
This commit is contained in:
John W. Bruce
2024-09-05 07:02:36 +00:00
parent cd8256726f
commit 11c108a8da
122 changed files with 2259 additions and 1082 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
core/include/buffer_reader.h
View File

@@ -1,19 +1,17 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_BUFFER_READER_H_
#define WVCDM_CORE_BUFFER_READER_H_
#include <stdint.h>
#include <inttypes.h>
#include <string>
#include <vector>
#include "disallow_copy_and_assign.h"
#include "wv_class_utils.h"
namespace wvcdm {
// Annotate a function indicating the caller must examine the return value.
// Use like:
// int foo() WARN_UNUSED_RESULT;
@@ -26,6 +24,9 @@ namespace wvcdm {
class BufferReader {
public:
BufferReader() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(BufferReader);
BufferReader(const uint8_t* buf, size_t size)
: buf_(buf), size_(buf != nullptr ? size : 0), pos_(0) {}
@@ -64,10 +65,6 @@ class BufferReader {
template <typename T>
bool Read(T* t) WARN_UNUSED_RESULT;
CORE_DISALLOW_COPY_AND_ASSIGN(BufferReader);
};
}; // class BufferReader
} // namespace wvcdm
#endif // WVCDM_CORE_BUFFER_READER_H_

8
core/include/cdm_client_property_set.h
View File

@@ -1,14 +1,12 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_CDM_CLIENT_PROPERTY_SET_H_
#define WVCDM_CORE_CDM_CLIENT_PROPERTY_SET_H_
#include <stdint.h>
#include <inttypes.h>
#include <string>
#include <vector>
namespace wvcdm {
@@ -25,8 +23,6 @@ class CdmClientPropertySet {
virtual void set_session_sharing_id(uint32_t id) = 0;
virtual const std::string& app_id() const = 0;
virtual bool use_atsc_mode() const = 0;
};
}; // class CdmClientPropertySet
} // namespace wvcdm
#endif // WVCDM_CORE_CDM_CLIENT_PROPERTY_SET_H_

12
core/include/cdm_engine.h
View File

@@ -1,7 +1,6 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_CDM_ENGINE_H_
#define WVCDM_CORE_CDM_ENGINE_H_
@@ -14,7 +13,6 @@
#include "certificate_provisioning.h"
#include "clock.h"
#include "crypto_session.h"
#include "disallow_copy_and_assign.h"
#include "file_store.h"
#include "initialization_data.h"
#include "metrics_collections.h"
@@ -22,6 +20,7 @@
#include "service_certificate.h"
#include "wv_cdm_constants.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvcdm {
class CdmClientPropertySet;
@@ -38,6 +37,9 @@ using CdmReleaseKeySetMap =
class CdmEngine {
public:
CdmEngine() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(CdmEngine);
virtual ~CdmEngine();
// Session related methods
@@ -495,10 +497,6 @@ class CdmEngine {
// To prevent race conditions around the engine's OKP state, this mutex
// should be locked before the use of any of the |okp_*| variables.
std::mutex okp_mutex_;
CORE_DISALLOW_COPY_AND_ASSIGN(CdmEngine);
};
}; // class CdmEngine
} // namespace wvcdm
#endif // WVCDM_CORE_CDM_ENGINE_H_

14
core/include/cdm_engine_factory.h
View File

@@ -1,28 +1,24 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_CDM_ENGINE_FACTORY_H_
#define WVCDM_CORE_CDM_ENGINE_FACTORY_H_
#include <string>
#include "cdm_engine.h"
#include "file_store.h"
#include "wv_class_utils.h"
namespace wvcdm {
// This factory is used to create an instance of the CdmEngine.
class CdmEngineFactory {
public:
CdmEngineFactory() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(CdmEngineFactory);
// Creates a new instance of a CdmEngine. Caller retains ownership of the
// |files_system| which cannot be null.
static CdmEngine* CreateCdmEngine(wvutil::FileSystem* file_system);
private:
CORE_DISALLOW_COPY_AND_ASSIGN(CdmEngineFactory);
};
}; // class CdmEngineFactory
} // namespace wvcdm
#endif // WVCDM_CORE_CDM_ENGINE_FACTORY_H_

10
core/include/cdm_engine_metrics_decorator.h
View File

@@ -1,4 +1,3 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
@@ -14,7 +13,6 @@
#include "certificate_provisioning.h"
#include "clock.h"
#include "crypto_session.h"
#include "disallow_copy_and_assign.h"
#include "file_store.h"
#include "initialization_data.h"
#include "log.h"
@@ -24,9 +22,9 @@
#include "service_certificate.h"
#include "wv_cdm_constants.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvcdm {
class CdmClientPropertySet;
class CdmEngineFactory;
class CdmSession;
@@ -43,6 +41,9 @@ class WvCdmEventListener;
template <class T>
class CdmEngineMetricsImpl : public T {
public:
CdmEngineMetricsImpl() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(CdmEngineMetricsImpl);
// This constructor initializes the instance and takes ownership of |metrics|.
// |file_system| and |metrics| must not be null.
// |metrics| is used within the base class constructor. So, it must be
@@ -269,7 +270,6 @@ class CdmEngineMetricsImpl : public T {
private:
std::shared_ptr<metrics::EngineMetrics> metrics_;
wvutil::Clock clock_;
};
}; // class CdmEngineMetricsImpl
} // namespace wvcdm
#endif // WVCDM_CORE_CDM_ENGINE_METRICS_DECORATOR_H_

12
core/include/cdm_session.h
View File

@@ -1,7 +1,6 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_CDM_SESSION_H_
#define WVCDM_CORE_CDM_SESSION_H_
@@ -12,7 +11,6 @@
#include "crypto_session.h"
#include "device_files.h"
#include "disallow_copy_and_assign.h"
#include "file_store.h"
#include "initialization_data.h"
#include "license.h"
@@ -21,6 +19,7 @@
#include "policy_engine.h"
#include "timer_metric.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvcdm {
@@ -32,6 +31,9 @@ class SystemIdExtractor;
class CdmSession {
public:
CdmSession() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(CdmSession);
// Creates a new instance of the CdmSession with the given |file_system|
// and |metrics| parameters. Both parameters are owned by the caller and
// must remain in scope throughout the scope of the new instance. |metrics|
@@ -345,10 +347,6 @@ class CdmSession {
bool mock_crypto_session_in_use_ = false;
bool mock_license_parser_in_use_ = false;
bool mock_policy_engine_in_use_ = false;
CORE_DISALLOW_COPY_AND_ASSIGN(CdmSession);
};
}; // class CdmSession
} // namespace wvcdm
#endif // WVCDM_CORE_CDM_SESSION_H_

11
core/include/cdm_session_map.h
View File

@@ -1,7 +1,6 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_CDM_SESSION_MAP_H_
#define WVCDM_CORE_CDM_SESSION_MAP_H_
@@ -10,8 +9,8 @@
#include <string>
#include "cdm_session.h"
#include "disallow_copy_and_assign.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvcdm {
@@ -23,6 +22,8 @@ using CdmSessionList = std::list<std::shared_ptr<CdmSession> >;
class CdmSessionMap {
public:
CdmSessionMap() {}
WVCDM_DISALLOW_COPY_AND_MOVE(CdmSessionMap);
virtual ~CdmSessionMap();
// Use |Terminate| rather than relying on the destructor to release
@@ -50,10 +51,6 @@ class CdmSessionMap {
std::shared_ptr<CdmSession>* session);
CdmIdToSessionMap sessions_;
CORE_DISALLOW_COPY_AND_ASSIGN(CdmSessionMap);
};
}; // class CdmSessionMap
} // namespace wvcdm
#endif // WVCDM_CORE_CDM_SESSION_MAP_H_

11
core/include/cdm_usage_table.h
View File

@@ -1,7 +1,6 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_CDM_USAGE_TABLE_H_
#define WVCDM_CORE_CDM_USAGE_TABLE_H_
@@ -13,17 +12,16 @@
#include "clock.h"
#include "crypto_session.h"
#include "device_files.h"
#include "disallow_copy_and_assign.h"
#include "file_store.h"
#include "metrics_collections.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
#if defined(UNIT_TEST)
# include <gtest/gtest_prod.h>
#endif
namespace wvcdm {
// Offline licenses/secure stops may be securely tracked using usage
// tables (OEMCrypto v9-12) or usage table headers+usage entries
// (OEMCrypto v13+). This class assists with the latter, synchronizing
@@ -51,6 +49,7 @@ namespace wvcdm {
class CdmUsageTable {
public:
CdmUsageTable();
WVCDM_DISALLOW_COPY_AND_MOVE(CdmUsageTable);
virtual ~CdmUsageTable() {}
// |crypto_session| is used to create or load a usage master table
@@ -362,10 +361,6 @@ class CdmUsageTable {
// Test related data members
std::unique_ptr<CryptoSession> test_crypto_session_;
CORE_DISALLOW_COPY_AND_ASSIGN(CdmUsageTable);
};
}; // class CdmUsageTable
} // namespace wvcdm
#endif // WVCDM_CORE_CDM_USAGE_TABLE_H_

15
core/include/certificate_provisioning.h
View File

@@ -1,7 +1,6 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_CERTIFICATE_PROVISIONING_H_
#define WVCDM_CORE_CERTIFICATE_PROVISIONING_H_
@@ -9,25 +8,27 @@
#include <string>
#include "crypto_session.h"
#include "disallow_copy_and_assign.h"
#include "license_protocol.pb.h"
#include "metrics_collections.h"
#include "oemcrypto_adapter.h"
#include "service_certificate.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvutil {
class FileSystem;
}
} // namespace wvutil
namespace wvcdm {
class CdmClientPropertySet;
class CdmSession;
class ServiceCertificate;
class CertificateProvisioning {
public:
CertificateProvisioning() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(CertificateProvisioning);
CertificateProvisioning(metrics::CryptoMetrics* metrics)
: crypto_session_(CryptoSession::MakeCryptoSession(metrics)),
cert_type_(kCertificateWidevine),
@@ -134,10 +135,6 @@ class CertificateProvisioning {
CryptoWrappedKey::Type provisioning_40_key_type_;
// Store the last provisioning request message
std::string provisioning_request_message_;
CORE_DISALLOW_COPY_AND_ASSIGN(CertificateProvisioning);
};
}; // class CertificateProvisioning
} // namespace wvcdm
#endif // WVCDM_CORE_CERTIFICATE_PROVISIONING_H_

12
core/include/client_identification.h
View File

@@ -1,24 +1,24 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_CLIENT_IDENTIFICATION_H_
#define WVCDM_CORE_CLIENT_IDENTIFICATION_H_
#include <string>
// ClientIdentification fills in the ClientIdentification portion
// of the License or Provisioning request messages.
#include "disallow_copy_and_assign.h"
#include "license_protocol.pb.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvcdm {
class CryptoSession;
// ClientIdentification fills in the ClientIdentification portion
// of the License or Provisioning request messages.
class ClientIdentification {
public:
ClientIdentification() {}
WVCDM_DISALLOW_COPY_AND_MOVE(ClientIdentification);
virtual ~ClientIdentification() {}
// Call this method when used with provisioning requests. |client_token| may
@@ -60,8 +60,6 @@ class ClientIdentification {
std::string client_token_;
std::string device_id_;
CryptoSession* crypto_session_ = nullptr;
CORE_DISALLOW_COPY_AND_ASSIGN(ClientIdentification);
};
}; // class ClientIdentification
} // namespace wvcdm
#endif // WVCDM_CORE_CLIENT_IDENTIFICATION_H_

10
core/include/content_key_session.h
View File

@@ -1,7 +1,6 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_CONTENT_KEY_SESSION_H_
#define WVCDM_CORE_CONTENT_KEY_SESSION_H_
@@ -9,10 +8,15 @@
#include "metrics_collections.h"
#include "timer_metric.h"
#include "wv_class_utils.h"
namespace wvcdm {
class ContentKeySession : public KeySession {
public:
ContentKeySession() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(ContentKeySession);
ContentKeySession(RequestedSecurityLevel security_level,
CryptoSessionId oec_session_id,
metrics::CryptoMetrics* metrics)
@@ -87,8 +91,6 @@ class ContentKeySession : public KeySession {
CdmCipherMode cipher_mode_;
std::vector<uint8_t> key_handle_;
};
}; // class ContentKeySession
} // namespace wvcdm
#endif // WVCDM_CORE_CONTENT_KEY_SESSION_H_

13
core/include/crypto_key.h
View File

@@ -1,18 +1,21 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_CRYPTO_KEY_H_
#define WVCDM_CORE_CRYPTO_KEY_H_
#include <string>
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvcdm {
class CryptoKey {
public:
CryptoKey(){};
~CryptoKey(){};
CryptoKey() = default;
WVCDM_DEFAULT_COPY_AND_MOVE(CryptoKey);
~CryptoKey() {}
const std::string& key_id() const { return key_id_; }
const std::string& key_data() const { return key_data_; }
@@ -50,8 +53,6 @@ class CryptoKey {
std::string track_label_;
std::string entitlement_key_id_;
CdmCipherMode cipher_mode_;
};
}; // class CryptoKey
} // namespace wvcdm
#endif // WVCDM_CORE_CRYPTO_KEY_H_

17
core/include/crypto_session.h
View File

@@ -1,7 +1,6 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_CRYPTO_SESSION_H_
#define WVCDM_CORE_CRYPTO_SESSION_H_
@@ -14,13 +13,13 @@
#include "OEMCryptoCENC.h"
#include "crypto_wrapped_key.h"
#include "disallow_copy_and_assign.h"
#include "key_session.h"
#include "metrics_collections.h"
#include "oemcrypto_adapter.h"
#include "rw_lock.h"
#include "timer_metric.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvcdm {
class CryptoKey;
@@ -71,6 +70,8 @@ class CryptoSession {
static const char* HdcpCapabilityToString(HdcpCapability hdcp_level);
CryptoSession() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(CryptoSession);
virtual ~CryptoSession();
// This method will try to terminate OEMCrypto if |session_size_| is 0.
@@ -584,24 +585,18 @@ class CryptoSession {
// be created for the system if OTA keybox provisioning is both
// required and supported by L1.
static std::unique_ptr<okp::SystemFallbackPolicy> okp_fallback_policy_l1_;
CORE_DISALLOW_COPY_AND_ASSIGN(CryptoSession);
}; // class CryptoSession
class CryptoSessionFactory {
public:
WVCDM_DISALLOW_COPY_AND_MOVE(CryptoSessionFactory);
virtual ~CryptoSessionFactory() {}
virtual CryptoSession* MakeCryptoSession(
metrics::CryptoMetrics* crypto_metrics);
protected:
friend class CryptoSession;
CryptoSessionFactory() {}
private:
CORE_DISALLOW_COPY_AND_ASSIGN(CryptoSessionFactory);
};
CryptoSessionFactory() = default;
}; // class CryptoSessionFactory
} // namespace wvcdm
#endif // WVCDM_CORE_CRYPTO_SESSION_H_

11
core/include/crypto_wrapped_key.h
View File

@@ -6,8 +6,9 @@
#include <string>
namespace wvcdm {
#include "wv_class_utils.h"
namespace wvcdm {
// Represents OEMCrypto's wrapped private DRM key. As of v16, it is
// possible for OEMCrypto to support ECC-based DRM certificates. The
// format of the wrapped key is vendor specific; however, the API
@@ -15,7 +16,8 @@ namespace wvcdm {
class CryptoWrappedKey {
public:
enum Type : int32_t { kUninitialized = 0, kRsa = 1, kEcc = 2 };
CryptoWrappedKey() {}
CryptoWrappedKey() = default;
WVCDM_DEFAULT_COPY_AND_MOVE(CryptoWrappedKey);
CryptoWrappedKey(Type type, const std::string& key)
: type_(type), key_(key) {}
@@ -35,9 +37,10 @@ class CryptoWrappedKey {
bool IsValid() const { return type_ != kUninitialized && !key_.empty(); }
// Equality operator is for testing only. Real keys may have
// different meta data but the same logical key.
bool operator==(const CryptoWrappedKey& other) const {
bool IsEqualTo(const CryptoWrappedKey& other) const {
return type_ == other.type_ && key_ == other.key_;
}
WVCDM_DEFINE_EQ_OPERATORS(CryptoWrappedKey);
private:
// DRM key type of the wrapped key. For wrapped keys which the type
@@ -46,7 +49,5 @@ class CryptoWrappedKey {
// Vendor-specific wrapped DRM key.
std::string key_;
}; // class CryptoWrappedKey
} // namespace wvcdm
#endif // WVCDM_CORE_CRYPTO_WRAPPED_KEY_H_

13
core/include/device_files.h
View File

@@ -1,7 +1,6 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
//
#ifndef WVCDM_CORE_DEVICE_FILES_H_
#define WVCDM_CORE_DEVICE_FILES_H_
@@ -12,10 +11,10 @@
#include "crypto_wrapped_key.h"
#include "device_files.pb.h"
#include "disallow_copy_and_assign.h"
#include "okp_info.h"
#include "platform.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
#if defined(UNIT_TEST)
# include <gtest/gtest_prod.h>
@@ -23,7 +22,7 @@
namespace wvutil {
class FileSystem;
}
} // namespace wvutil
namespace wvcdm {
@@ -124,6 +123,8 @@ class DeviceFiles {
CryptoWrappedKey wrapped_private_key;
};
DeviceFiles() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(DeviceFiles);
DeviceFiles(wvutil::FileSystem*);
virtual ~DeviceFiles();
@@ -387,10 +388,6 @@ class DeviceFiles {
wvutil::FileSystem* file_system_;
CdmSecurityLevel security_level_;
bool initialized_;
CORE_DISALLOW_COPY_AND_ASSIGN(DeviceFiles);
};
}; // class DeviceFiles
} // namespace wvcdm
#endif // WVCDM_CORE_DEVICE_FILES_H_

9
core/include/entitlement_key_session.h
View File

@@ -1,22 +1,25 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_ENTITLEMENT_KEY_SESSION_H_
#define WVCDM_CORE_ENTITLEMENT_KEY_SESSION_H_
#include <map>
#include <string>
#include <vector>
#include "OEMCryptoCENC.h"
#include "content_key_session.h"
#include "crypto_key.h"
#include "metrics_collections.h"
#include "wv_class_utils.h"
namespace wvcdm {
class EntitlementKeySession : public ContentKeySession {
public:
EntitlementKeySession() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(EntitlementKeySession);
EntitlementKeySession(RequestedSecurityLevel security_level,
CryptoSessionId oec_session_id,
metrics::CryptoMetrics* metrics);
@@ -49,8 +52,6 @@ class EntitlementKeySession : public ContentKeySession {
// Find the current entitled content key id for the given entitlement key id.
std::map<KeyId, KeyId> current_loaded_content_keys_;
EntitledKeySessionId key_session_id_;
};
}; // class EntitlementKeySession
} // namespace wvcdm
#endif // WVCDM_CORE_ENTITLEMENT_KEY_SESSION_H_

7
core/include/initialization_data.h
View File

@@ -1,7 +1,6 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef CORE_INCLUDE_INITIALIZATION_DATA_H_
#define CORE_INCLUDE_INITIALIZATION_DATA_H_
@@ -9,6 +8,7 @@
#include "license_protocol.pb.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvcdm {
@@ -16,6 +16,7 @@ class WvCdmEngineTest;
class InitializationData {
public:
WVCDM_DEFAULT_COPY_AND_MOVE(InitializationData);
InitializationData(const std::string& type = std::string(),
const CdmInitData& data = CdmInitData(),
const std::string& oec_version = std::string());
@@ -94,8 +95,6 @@ class InitializationData {
std::vector<uint8_t> hls_iv_;
CdmHlsMethod hls_method_;
};
}; // class InitializationData
} // namespace wvcdm
#endif // CORE_INCLUDE_INITIALIZATION_DATA_H_

16
core/include/key_session.h
View File

@@ -1,26 +1,26 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_KEY_SESSION_H_
#define WVCDM_CORE_KEY_SESSION_H_
#include <string>
#include <vector>
#include "OEMCryptoCENC.h"
#include "metrics_collections.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvcdm {
class CryptoKey;
class KeySession {
protected:
KeySession(metrics::CryptoMetrics* metrics) : metrics_(metrics) {}
public:
typedef enum { kDefault, kEntitlement } KeySessionType;
KeySession() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(KeySession);
virtual ~KeySession() {}
virtual KeySessionType Type() = 0;
virtual OEMCryptoResult LoadKeys(const std::string& message,
@@ -54,9 +54,9 @@ class KeySession {
const std::string& signature) = 0;
protected:
KeySession(metrics::CryptoMetrics* metrics) : metrics_(metrics) {}
metrics::CryptoMetrics* metrics_;
};
}; // class KeySession
} // namespace wvcdm
#endif // WVCDM_CORE_KEY_SESSION_H_

220
core/include/license.h
View File

@@ -1,68 +1,66 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_LICENSE_H_
#define WVCDM_CORE_LICENSE_H_
#include <memory>
#include <set>
#include "disallow_copy_and_assign.h"
#include "initialization_data.h"
#include "license_protocol.pb.h"
#include "service_certificate.h"
#include "wv_cdm_types.h"
namespace video_widevine {
class SignedMessage;
class LicenseRequest;
class VersionInfo;
} // namespace video_widevine
#include "wv_class_utils.h"
namespace wvutil {
class Clock;
}
} // namespace wvutil
namespace wvcdm {
class CryptoSession;
class PolicyEngine;
class CdmSession;
class CryptoKey;
using ::google::protobuf::RepeatedPtrField;
using video_widevine::License_KeyContainer;
using video_widevine::VersionInfo;
using video_widevine::WidevinePsshData_EntitledKey;
class CryptoSession;
class InitializationData;
class PolicyEngine;
class CdmLicense {
public:
CdmLicense(const CdmSessionId& session_id);
using PsshEntitledKey = video_widevine::WidevinePsshData::EntitledKey;
CdmLicense() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(CdmLicense);
explicit CdmLicense(const CdmSessionId& session_id);
virtual ~CdmLicense();
virtual bool Init(bool use_privacy_mode,
const std::string& signed_service_certificate,
CryptoSession* session, PolicyEngine* policy_engine);
// == Accessors ==
virtual bool is_offline() const { return is_offline_; }
virtual std::string provider_session_token() {
return provider_session_token_;
}
virtual bool HasInitData() { return static_cast<bool>(stored_init_data_); }
virtual const video_widevine::VersionInfo& GetServiceVersion() {
return latest_service_version_;
}
virtual bool IsKeyLoaded(const KeyId& key_id);
// == Service Certificate API ==
// Override the currently-installed service certificate with a new service
// certificate.
virtual CdmResponseType SetServiceCertificate(
const std::string& signed_service_certificate);
virtual CdmResponseType PrepareKeyRequest(
const InitializationData& init_data, const std::string& client_token,
CdmLicenseType license_type, const CdmAppParameterMap& app_parameters,
CdmKeyMessage* signed_request, std::string* server_url);
virtual CdmResponseType PrepareKeyUpdateRequest(
bool is_renewal, const CdmAppParameterMap& app_parameters,
CdmSession* cdm_session, CdmKeyMessage* signed_request,
std::string* server_url);
virtual CdmResponseType HandleKeyResponse(
bool is_restore, const CdmKeyResponse& license_response);
virtual CdmResponseType HandleKeyUpdateResponse(
bool is_renewal, bool is_restore, const CdmKeyResponse& license_response);
virtual CdmResponseType HandleEmbeddedKeyData(
const InitializationData& init_data);
// == License Restoring API ==
virtual CdmResponseType RestoreOfflineLicense(
const std::string& client_token, const CdmKeyMessage& license_request,
@@ -73,23 +71,36 @@ class CdmLicense {
virtual CdmResponseType RestoreLicenseForRelease(
const std::string& client_token, const CdmKeyMessage& license_request,
const CdmKeyResponse& license_response);
virtual bool HasInitData() { return static_cast<bool>(stored_init_data_); }
virtual bool IsKeyLoaded(const KeyId& key_id);
virtual std::string provider_session_token() {
return provider_session_token_;
}
// == Request/Response API ==
virtual bool is_offline() const { return is_offline_; }
virtual CdmResponseType PrepareKeyRequest(
const InitializationData& init_data, const std::string& client_token,
CdmLicenseType license_type, const CdmAppParameterMap& app_parameters,
CdmKeyMessage* signed_request, std::string* server_url);
virtual const VersionInfo& GetServiceVersion() {
return latest_service_version_;
}
virtual CdmResponseType PrepareKeyUpdateRequest(
bool is_renewal, const CdmAppParameterMap& app_parameters,
CdmSession* cdm_session, CdmKeyMessage* signed_request,
std::string* server_url);
virtual CdmResponseType HandleKeyResponse(
bool is_restore, const CdmKeyResponse& license_response);
virtual CdmResponseType HandleKeyUpdateResponse(
bool is_renewal, bool is_restore, const CdmKeyResponse& license_response);
virtual CdmResponseType HandleEmbeddedKeyData(
const InitializationData& init_data);
// == Utilities ==
static bool ExtractProviderSessionToken(
const CdmKeyResponse& license_response,
std::string* provider_session_token);
// == Test Accessors ==
// Testing only. Caller retains ownership of pointers.
void set_crypto_session(CryptoSession* crypto_session) {
crypto_session_ = crypto_session;
@@ -100,9 +111,42 @@ class CdmLicense {
}
private:
// Test Constructor.
// CdmLicense takes ownership of the clock.
CdmLicense(const CdmSessionId& session_id, wvutil::Clock* clock);
// == Internal Request/Response API ==
// Prepare to reload a key update message. Some special code is needed to work
// around b/166010609.
// TODO(b/166007195): Remove this.
CdmResponseType PrepareKeyUpdateReload(CdmSession* cdm_session);
CdmResponseType HandleKeyErrorResponse(
const video_widevine::SignedMessage& signed_message);
CdmResponseType HandleContentKeyResponse(
bool is_restore, const std::string& session_key, const std::string& msg,
const std::string& core_message, const std::string& signature,
const std::vector<CryptoKey>& license_keys,
const video_widevine::License& license);
// Loads the entitlement keys in |license_keys| into
// the crypto session.
//
// In addition, it also extracts content keys from
// |request_entitled_keys_| and loads them for use.
CdmResponseType HandleEntitlementKeyResponse(
bool is_restore, const std::string& session_key, const std::string& msg,
const std::string& core_message, const std::string& signature,
const std::vector<CryptoKey>& license_keys,
const video_widevine::License& license);
CdmResponseType HandleNewEntitledKeys(
const std::vector<PsshEntitledKey>& packaged_entitled_keys);
// == Internal Utilities ==
CdmResponseType PrepareClientId(
const CdmAppParameterMap& app_parameters,
const std::string& provider_client_token,
@@ -113,82 +157,66 @@ class CdmLicense {
const std::string& request_id,
video_widevine::LicenseRequest* license_request);
CdmResponseType HandleContentKeyResponse(
bool is_restore, const std::string& session_key, const std::string& msg,
const std::string& core_message, const std::string& signature,
const std::vector<CryptoKey>& key_array,
const video_widevine::License& license);
// HandleEntitlementKeyResponse loads the entitlement keys in |key_array| into
// the crypto session. In addition, it also extracts content keys from
// |wrapped_keys_| and loads them for use.
CdmResponseType HandleEntitlementKeyResponse(
bool is_restore, const std::string& session_key, const std::string& msg,
const std::string& core_message, const std::string& signature,
const std::vector<CryptoKey>& key_array,
const video_widevine::License& license);
// Prepare to reload a key update message. Some special code is needed to work
// around b/166010609.
// TODO(b/166007195): Remove this.
CdmResponseType PrepareKeyUpdateReload(CdmSession* cdm_session);
CdmResponseType HandleNewEntitledKeys(
const std::vector<WidevinePsshData_EntitledKey>& wrapped_keys);
template <typename T>
bool SetTypeAndId(CdmLicenseType license_type, const std::string& request_id,
T* content_id);
CryptoSession* crypto_session_ = nullptr;
PolicyEngine* policy_engine_ = nullptr;
std::string server_url_;
std::string client_token_;
// == Creation-time Variables ==
const CdmSessionId session_id_;
std::unique_ptr<InitializationData> stored_init_data_;
bool initialized_;
std::set<KeyId> loaded_keys_;
std::string provider_session_token_;
video_widevine::ProtocolVersion protocol_version_;
bool renew_with_client_id_;
bool is_offline_;
// Associated with ClientIdentification encryption
bool use_privacy_mode_;
ServiceCertificate service_certificate_;
// Used for certificate based licensing
CdmKeyMessage key_request_;
std::unique_ptr<wvutil::Clock> clock_;
// For testing
// CdmLicense takes ownership of the clock.
CdmLicense(const CdmSessionId& session_id, wvutil::Clock* clock);
// == Initialization-time Variables ==
bool initialized_ = false;
CryptoSession* crypto_session_ = nullptr;
PolicyEngine* policy_engine_ = nullptr;
// Associated with ClientIdentification encryption
bool use_privacy_mode_ = false;
ServiceCertificate service_certificate_;
video_widevine::ProtocolVersion protocol_version_ =
video_widevine::VERSION_2_2;
// == License Request/Response variables ==
std::string client_token_;
std::unique_ptr<InitializationData> stored_init_data_;
// The nonce used in the original license request.
uint32_t license_nonce_ = 0;
CdmKeyMessage license_request_;
// For entitlement key licensing. This holds the keys from the init_data.
// These keys are extracted from the PSSH when we generate a license request.
// It is used to load content keys after we have received a license and
// entitlement keys. It is also used in updating the key status info.
std::vector<WidevinePsshData_EntitledKey> wrapped_keys_;
CdmLicenseKeyType license_key_type_;
RepeatedPtrField<License_KeyContainer> entitlement_keys_;
std::vector<PsshEntitledKey> request_entitled_keys_;
std::string provider_client_token_;
std::string provider_session_token_;
bool renew_with_client_id_ = false;
std::string renewal_server_url_;
// This is the latest version info extracted from the SignedMessage in
// HandleKeyResponse
VersionInfo latest_service_version_;
video_widevine::VersionInfo latest_service_version_;
// The nonce used in the original license request.
uint32_t license_nonce_;
// == License Life-Time Variables ==
CdmLicenseKeyType license_key_type_ = kLicenseKeyTypeContent;
bool is_offline_ = false;
std::set<KeyId> content_key_ids_;
std::set<KeyId> entitlement_key_ids_;
#if defined(UNIT_TEST)
friend class CdmLicenseTestPeer;
#endif
CORE_DISALLOW_COPY_AND_ASSIGN(CdmLicense);
};
}; // class CdmLicense
} // namespace wvcdm
#endif // WVCDM_CORE_LICENSE_H_

28
core/include/license_key_status.h
View File

@@ -1,16 +1,16 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_LICENSE_KEY_STATUS_H_
#define WVCDM_CORE_LICENSE_KEY_STATUS_H_
#include <map>
#include <vector>
#include "crypto_session.h"
#include "disallow_copy_and_assign.h"
#include "license_protocol.pb.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvcdm {
@@ -21,7 +21,10 @@ using video_widevine::WidevinePsshData_EntitledKey;
// Holds all content and operator session keys for a session.
class LicenseKeys {
public:
LicenseKeys(CdmSecurityLevel security_level)
LicenseKeys() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(LicenseKeys);
explicit LicenseKeys(CdmSecurityLevel security_level)
: security_level_(security_level) {}
virtual ~LicenseKeys() { Clear(); }
@@ -83,7 +86,6 @@ class LicenseKeys {
void Clear();
bool is_initialized_;
// |key_statuses_| can hold either content key statuses, or entitlement key
// statuses.
std::map<KeyId, LicenseKeyStatus*> key_statuses_;
@@ -93,15 +95,17 @@ class LicenseKeys {
std::map<KeyId, KeyId> content_keyid_to_entitlement_key_id_;
CdmSecurityLevel security_level_;
CORE_DISALLOW_COPY_AND_ASSIGN(LicenseKeys);
};
}; // class LicenseKeys
// Holds the current license status of a key.
class LicenseKeyStatus {
public:
friend class LicenseKeys;
public:
LicenseKeyStatus() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(LicenseKeyStatus);
virtual ~LicenseKeyStatus() {}
// Returns true if the key is a content key (not an operator session key)
virtual bool IsContentKey() { return is_content_key_; }
@@ -145,8 +149,6 @@ class LicenseKeyStatus {
LicenseKeyStatus(const KeyContainer& key, CdmSecurityLevel level);
virtual ~LicenseKeyStatus() {}
private:
void ParseContentKey(const KeyContainer& key, CdmSecurityLevel level);
void ParseOperatorSessionKey(const KeyContainer& key);
@@ -164,10 +166,6 @@ class LicenseKeyStatus {
CryptoSession::HdcpCapability last_reported_device_hdcp_level_ = HDCP_NONE;
CryptoSession::HdcpCapability last_reported_license_hdcp_level_ = HDCP_NONE;
ConstraintList constraints_;
CORE_DISALLOW_COPY_AND_ASSIGN(LicenseKeyStatus);
};
}; // class LicenseKeyStatus
} // namespace wvcdm
#endif // WVCDM_CORE_LICENSE_KEY_STATUS_H_

2
core/include/license_protocol_conversions.h
View File

@@ -4,8 +4,6 @@
#ifndef WVCDM_CORE_LICENSE_PROTOCOL_CONVERSIONS_H_
#define WVCDM_CORE_LICENSE_PROTOCOL_CONVERSIONS_H_
#include <stdbool.h>
#include "OEMCryptoCENC.h"
#include "license_protocol.pb.h"

4
core/include/oemcrypto_adapter.h
View File

@@ -1,10 +1,11 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
//
#ifndef WVCDM_CORE_OEMCRYPTO_ADAPTER_H_
#define WVCDM_CORE_OEMCRYPTO_ADAPTER_H_
#include <inttypes.h>
#include "OEMCryptoCENC.h"
#include "wv_cdm_types.h"
@@ -97,5 +98,4 @@ OEMCryptoResult OEMCrypto_Generic_Verify(
OEMCryptoResult OEMCrypto_GetBCCType(RequestedSecurityLevel level,
OEMCrypto_BCCType* bcc_type);
} // namespace wvcdm
#endif // WVCDM_CORE_OEMCRYPTO_ADAPTER_H_

7
core/include/okp_fallback_policy.h
View File

@@ -3,15 +3,16 @@
// Agreement.
#ifndef WVCDM_CORE_OKP_FALLBACK_POLICY_H_
#define WVCDM_CORE_OKP_FALLBACK_POLICY_H_
#include <inttypes.h>
#include <memory>
#include <mutex>
#include "clock.h"
#include "disallow_copy_and_assign.h"
#include "file_store.h"
#include "okp_info.h"
#include "wv_class_utils.h"
namespace wvcdm {
class DeviceFiles;
@@ -36,6 +37,8 @@ static constexpr int64_t kMaxInitialBackoffDuration =
// build, there should only be at most one SystemFallbackPolicy instance.
class SystemFallbackPolicy {
public:
WVCDM_DISALLOW_COPY_AND_MOVE(SystemFallbackPolicy);
// Creates a new instance of SystemFallbackPolicy. If there exists
// OKP information for the device in storage, it will be loaded and
// the system policy will resume from its previous state. If no
@@ -115,8 +118,6 @@ class SystemFallbackPolicy {
// All public methods must lock to protect from simultaneous
// engine access.
mutable std::mutex mutex_;
CORE_DISALLOW_COPY_AND_ASSIGN(SystemFallbackPolicy);
}; // class SystemFallbackPolicy
} // namespace okp
} // namespace wvcdm

51
core/include/okp_info.h
View File

@@ -6,6 +6,8 @@
#include <inttypes.h>
#include "wv_class_utils.h"
namespace wvcdm {
// OTA Keybox Provisioning (OKP)
namespace okp {
@@ -23,38 +25,43 @@ const char* SystemStateToString(SystemState state);
// Container for all the device information related to OKP.
class SystemFallbackInfo {
public:
SystemState state() const { return state_; }
void SetState(SystemState state) { state_ = state; }
constexpr SystemFallbackInfo() = default;
WVCDM_CONSTEXPR_DEFAULT_COPY_AND_MOVE(SystemFallbackInfo);
bool HasFirstCheckedTime() const { return first_checked_time_ != 0; }
int64_t first_checked_time() const { return first_checked_time_; }
void SetFirstCheckedTime(int64_t time) {
constexpr SystemState state() const { return state_; }
constexpr void SetState(SystemState state) { state_ = state; }
constexpr bool HasFirstCheckedTime() const {
return first_checked_time_ != 0;
}
constexpr int64_t first_checked_time() const { return first_checked_time_; }
constexpr void SetFirstCheckedTime(int64_t time) {
first_checked_time_ = (time > 0 ? time : 0);
}
bool HasBackoffStartTime() const { return backoff_start_time_ > 0; }
int64_t backoff_start_time() const { return backoff_start_time_; }
void SetBackoffStartTime(int64_t time) {
constexpr bool HasBackoffStartTime() const { return backoff_start_time_ > 0; }
constexpr int64_t backoff_start_time() const { return backoff_start_time_; }
constexpr void SetBackoffStartTime(int64_t time) {
backoff_start_time_ = (time > 0 ? time : 0);
}
void ClearBackoffStartTime() { backoff_start_time_ = 0; }
constexpr void ClearBackoffStartTime() { backoff_start_time_ = 0; }
bool HasBackoffDuration() const { return backoff_duration_ > 0; }
int64_t backoff_duration() const { return backoff_duration_; }
void SetBackoffDuration(int64_t duration) {
constexpr bool HasBackoffDuration() const { return backoff_duration_ > 0; }
constexpr int64_t backoff_duration() const { return backoff_duration_; }
constexpr void SetBackoffDuration(int64_t duration) {
backoff_duration_ = (duration > 0 ? duration : 0);
}
void DoubleBackoffDuration() { backoff_duration_ *= 2; }
void ClearBackoffDuration() { backoff_duration_ = 0; }
constexpr void DoubleBackoffDuration() { backoff_duration_ *= 2; }
constexpr void ClearBackoffDuration() { backoff_duration_ = 0; }
bool HasProvisioningTime() const { return provisioning_time_ != 0; }
int64_t provisioning_time() const { return provisioning_time_; }
void SetProvisioningTime(int64_t time) {
constexpr bool HasProvisioningTime() const { return provisioning_time_ != 0; }
constexpr int64_t provisioning_time() const { return provisioning_time_; }
constexpr void SetProvisioningTime(int64_t time) {
provisioning_time_ = (time > 0 ? time : 0);
}
void ClearProvisioningTime() { provisioning_time_ = 0; }
constexpr void ClearProvisioningTime() { provisioning_time_ = 0; }
void Clear() {
constexpr void Clear() {
state_ = SystemState::kUnknown;
first_checked_time_ = 0;
backoff_start_time_ = 0;
@@ -62,10 +69,8 @@ class SystemFallbackInfo {
provisioning_time_ = 0;
}
bool operator==(const SystemFallbackInfo& other) const;
bool operator!=(const SystemFallbackInfo& other) const {
return !(*this == other);
}
bool IsEqualTo(const SystemFallbackInfo& other) const;
WVCDM_DEFINE_EQ_OPERATORS(SystemFallbackInfo);
private:
SystemState state_ = SystemState::kUnknown;

6
core/include/ota_keybox_provisioner.h
View File

@@ -8,9 +8,9 @@
#include <string>
#include "client_identification.h"
#include "disallow_copy_and_assign.h"
#include "metrics_collections.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvcdm {
class CryptoSession;
@@ -32,6 +32,8 @@ class OtaKeyboxProvisioner {
std::unique_ptr<CryptoSession>&& crypto_session,
okp::SystemFallbackPolicy* fallback_policy);
OtaKeyboxProvisioner() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(OtaKeyboxProvisioner);
~OtaKeyboxProvisioner();
// Returns true if the underlying SystemFallbackPolicy is
@@ -78,8 +80,6 @@ class OtaKeyboxProvisioner {
// These flags are for debugging purposes.
bool request_generated_ = false;
bool response_received_ = false;
CORE_DISALLOW_COPY_AND_ASSIGN(OtaKeyboxProvisioner);
}; // class OtaKeyboxProvisioner
} // namespace wvcdm
#endif // WVCDM_CORE_OTA_KEYBOX_PROVISIONER_H_

14
core/include/policy_engine.h
View File

@@ -1,7 +1,6 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_POLICY_ENGINE_H_
#define WVCDM_CORE_POLICY_ENGINE_H_
@@ -10,14 +9,14 @@
#include <string>
#include "clock.h"
#include "disallow_copy_and_assign.h"
#include "license_key_status.h"
#include "license_protocol.pb.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvutil {
class Clock;
}
} // namespace wvutil
namespace wvcdm {
@@ -32,6 +31,9 @@ class WvCdmEventListener;
// or no(false) you may not decrypt this data anymore."
class PolicyEngine {
public:
PolicyEngine() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(PolicyEngine);
PolicyEngine(CdmSessionId session_id, WvCdmEventListener* event_listener,
CryptoSession* crypto_session);
virtual ~PolicyEngine();
@@ -204,10 +206,6 @@ class PolicyEngine {
std::unique_ptr<PolicyTimers> policy_timers_;
std::unique_ptr<wvutil::Clock> clock_;
CORE_DISALLOW_COPY_AND_ASSIGN(PolicyEngine);
};
}; // class PolicyEngine
} // namespace wvcdm
#endif // WVCDM_CORE_POLICY_ENGINE_H_

12
core/include/policy_timers.h
View File

@@ -8,22 +8,22 @@
#include <memory>
#include <string>
#include "disallow_copy_and_assign.h"
#include "license_protocol.pb.h"
#include "wv_cdm_constants.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvcdm {
// This is driven by the Policy Engine and maintains timer related
// information from the policy such as duration windows and renewals.
// Timer expiration behavior has changed with the introduction of core
// messages in OEMCrypto v16. Handling of behavior that differs between
// a OEMCrypto v16 license with core messages and one without is left to
// a class that derives from this interface.
class PolicyTimers {
public:
WVCDM_DISALLOW_COPY_AND_MOVE(PolicyTimers);
virtual ~PolicyTimers() {}
// SetLicense is used in handling the initial license response.
@@ -143,10 +143,6 @@ class PolicyTimers {
int64_t current_time, bool ignore_soft_enforce_playback_duration);
bool HasRentalOrPlaybackDurationExpired(int64_t current_time);
virtual int64_t GetRentalDurationRemaining(int64_t current_time);
CORE_DISALLOW_COPY_AND_ASSIGN(PolicyTimers);
};
}; // class PolicyTimers
} // namespace wvcdm
#endif // WVCDM_CORE_POLICY_TIMERS_H_

17
core/include/policy_timers_v16.h
View File

@@ -1,17 +1,17 @@
// Copyright 2020 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_POLICY_TIMERS_V16_H_
#define WVCDM_CORE_POLICY_TIMERS_V16_H_
#include "disallow_copy_and_assign.h"
#include <inttypes.h>
#include "license_protocol.pb.h"
#include "policy_timers.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvcdm {
// OEMCrypto v16 and core messages introduced changes to how duration values
// and clocks should be evaluated. This class provides backward compatibility
// for licenses that do not include a core message. Durations are handled
@@ -21,10 +21,10 @@ namespace wvcdm {
// * OEMCrypto has not been upgraded to v16
// * Licenses were persisted before the device was upgraded to v16
// * License service does not yet support core messages
class PolicyTimersV16 : public PolicyTimers {
public:
PolicyTimersV16() {}
PolicyTimersV16() = default;
WVCDM_DISALLOW_COPY_AND_MOVE(PolicyTimersV16);
~PolicyTimersV16() override {}
@@ -45,11 +45,6 @@ class PolicyTimersV16 : public PolicyTimers {
// Renewal related methods
bool HasRenewalDelayExpired(int64_t current_time) override;
private:
CORE_DISALLOW_COPY_AND_ASSIGN(PolicyTimersV16);
};
}; // class PolicyTimersV16
} // namespace wvcdm
#endif // WVCDM_CORE_POLICY_TIMERS_V16_H_

16
core/include/policy_timers_v18.h
View File

@@ -1,27 +1,27 @@
// Copyright 2022 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_POLICY_TIMERS_V18_H_
#define WVCDM_CORE_POLICY_TIMERS_V18_H_
#include "disallow_copy_and_assign.h"
#include <inttypes.h>
#include "license_protocol.pb.h"
#include "policy_timers.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvcdm {
// OEMCrypto v18 includes support for renewing licenses on load by using
// |initial_renewal_delay_base| and TimerDelayBase.
//
// Backward compatibility may be needed if
// * OEMCrypto has not been upgraded to v18
// * Licenses were persisted before the device was upgraded to v18
class PolicyTimersV18 : public PolicyTimers {
public:
PolicyTimersV18() {}
PolicyTimersV18() = default;
WVCDM_DISALLOW_COPY_AND_MOVE(PolicyTimersV18);
~PolicyTimersV18() override {}
@@ -48,10 +48,6 @@ class PolicyTimersV18 : public PolicyTimers {
bool license_renewal_ = false;
bool renew_on_first_decrypt_ = false;
bool can_renew_ = false;
CORE_DISALLOW_COPY_AND_ASSIGN(PolicyTimersV18);
};
}; // class PolicyTimersV18
} // namespace wvcdm
#endif // WVCDM_CORE_POLICY_TIMERS_V18_H_

14
core/include/privacy_crypto.h
View File

@@ -26,14 +26,15 @@
#include <string>
#include "disallow_copy_and_assign.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvcdm {
class AesCbcKey {
public:
AesCbcKey();
WVCDM_DISALLOW_COPY_AND_MOVE(AesCbcKey);
~AesCbcKey();
bool Init(const std::string& key);
@@ -44,13 +45,12 @@ class AesCbcKey {
private:
std::string key_;
CORE_DISALLOW_COPY_AND_ASSIGN(AesCbcKey);
};
}; // class AesCbcKey
class RsaPublicKey {
public:
RsaPublicKey();
WVCDM_DISALLOW_COPY_AND_MOVE(RsaPublicKey);
~RsaPublicKey();
// Initializes an RsaPublicKey object using a DER encoded PKCS#1 RSAPublicKey
@@ -67,9 +67,7 @@ class RsaPublicKey {
private:
std::string serialized_key_;
CORE_DISALLOW_COPY_AND_ASSIGN(RsaPublicKey);
};
}; // class RsaPublicKey
/**
* Extracts an integer value from the extensions in a certificate.
@@ -88,7 +86,5 @@ std::string Md5Hash(const std::string& data);
std::string Sha1Hash(const std::string& data);
std::string Sha256Hash(const std::string& data);
std::string Sha512Hash(const std::string& data);
} // namespace wvcdm
#endif // WVCDM_CORE_PRIVACY_CRYPTO_H_

11
core/include/properties.h
View File

@@ -11,8 +11,8 @@
#include <string>
#include "cdm_client_property_set.h"
#include "disallow_copy_and_assign.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
#if defined(UNIT_TEST)
#include <gtest/gtest_prod.h>
@@ -30,6 +30,9 @@ using CdmClientPropertySetMap = std::map<CdmSessionId, CdmClientPropertySet*>;
// Setter methods are provided but their only planned use is for testing.
class Properties {
public:
Properties() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(Properties);
static void Init() {
std::unique_lock<std::mutex> lock(init_mutex_);
@@ -156,10 +159,6 @@ class Properties {
static bool allow_restore_of_offline_licenses_with_release_;
static bool delay_oem_crypto_termination_;
static std::unique_ptr<CdmClientPropertySetMap> session_property_set_;
CORE_DISALLOW_COPY_AND_ASSIGN(Properties);
};
}; // class Properties
} // namespace wvcdm
#endif // WVCDM_CORE_PROPERTIES_H_

32
core/include/service_certificate.h
View File

@@ -1,10 +1,21 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
//
#ifndef WVCDM_CORE_SERVICE_CERTIFICATE_H_
#define WVCDM_CORE_SERVICE_CERTIFICATE_H_
#include <memory>
#include <string>
#include "license_protocol.pb.h"
#include "privacy_crypto.h"
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvcdm {
class CryptoSession;
// Service Certificates are used to encrypt the ClientIdentification message
// that is part of Device Provisioning, License, Renewal, and Release requests.
// It also supplies a provider_id setting used in device provisioning.
@@ -12,21 +23,10 @@
// is not supplied and privacy mode is enabled, the CDM will send a Service
// Certificate Request to the target server to get one. Once the Service
// Certificate is established for the session, it should not change.
#include <memory>
#include "disallow_copy_and_assign.h"
#include "license_protocol.pb.h"
#include "privacy_crypto.h"
#include "wv_cdm_types.h"
namespace wvcdm {
class CryptoSession;
class ServiceCertificate {
public:
ServiceCertificate() : has_certificate_(false) {}
WVCDM_DISALLOW_COPY_AND_MOVE(ServiceCertificate);
virtual ~ServiceCertificate() {}
// Set up a new service certificate.
@@ -79,10 +79,6 @@ class ServiceCertificate {
// Public key.
std::unique_ptr<RsaPublicKey> public_key_;
CORE_DISALLOW_COPY_AND_ASSIGN(ServiceCertificate);
};
}; // class ServiceCertificate
} // namespace wvcdm
#endif // WVCDM_CORE_SERVICE_CERTIFICATE_H_

15
core/include/system_id_extractor.h
View File

@@ -4,9 +4,10 @@
#ifndef WVCDM_CORE_SYSTEM_ID_EXTRACTOR_H_
#define WVCDM_CORE_SYSTEM_ID_EXTRACTOR_H_
#include <stdint.h>
#include <inttypes.h>
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvutil {
class FileSystem;
@@ -21,6 +22,8 @@ class DeviceFiles;
// different place.
class SystemIdExtractor {
public:
SystemIdExtractor() = delete;
WVCDM_DISALLOW_COPY_AND_MOVE(SystemIdExtractor);
// The constructor should be provided all the parameters necessary
// to find the system ID. Although certain provisioning methods
// may not use all parameters, this class must behave in a way which
@@ -31,7 +34,7 @@ class SystemIdExtractor {
// |security_level|
// - Requested security level, uses the |crypto_session| handle
// to convert to a concrete security level.
// |crypto_sesssion|
// |crypto_session|
// - Handle into the OEMCrypto platform. If handle is open,
// then the session's real security level should match
// |security_level|.
@@ -41,12 +44,6 @@ class SystemIdExtractor {
CryptoSession* crypto_session, wvutil::FileSystem* fs);
virtual ~SystemIdExtractor() {}
// Disallow copy and move.
SystemIdExtractor(const SystemIdExtractor&) = delete;
SystemIdExtractor(SystemIdExtractor&&) = delete;
SystemIdExtractor& operator=(const SystemIdExtractor&) = delete;
SystemIdExtractor& operator=(SystemIdExtractor&&) = delete;
// Extracts the system ID from the appropriate source.
virtual bool ExtractSystemId(uint32_t* system_id);
@@ -102,6 +99,6 @@ class SystemIdExtractor {
// Test only handle to DeviceFiles. When not null, |fs_| will be
// ignored.
DeviceFiles* test_device_files_ = nullptr;
};
}; // class SystemIdExtractor
} // namespace wvcdm
#endif // WVCDM_CORE_SYSTEM_ID_EXTRACTOR_H_

4
core/include/wv_cdm_constants.h
View File

@@ -1,10 +1,11 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_WV_CDM_CONSTANTS_H_
#define WVCDM_CORE_WV_CDM_CONSTANTS_H_
#include <inttypes.h>
#include <limits>
#include <string>
@@ -187,5 +188,4 @@ constexpr uint32_t HDCP_UNSPECIFIED_VIDEO_RESOLUTION = 0;
constexpr int64_t HDCP_DEVICE_CHECK_INTERVAL = 10;
constexpr char EMPTY_APP_PACKAGE_NAME[] = "";
} // namespace wvcdm
#endif // WVCDM_CORE_WV_CDM_CONSTANTS_H_

17
core/include/wv_cdm_event_listener.h
View File

@@ -1,19 +1,21 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_WV_CDM_EVENT_LISTENER_H_
#define WVCDM_CORE_WV_CDM_EVENT_LISTENER_H_
#include "disallow_copy_and_assign.h"
#include <inttypes.h>
#include "wv_cdm_types.h"
#include "wv_class_utils.h"
namespace wvcdm {
// Listener for events from the Content Decryption Module.
class WvCdmEventListener {
public:
WvCdmEventListener() {}
WvCdmEventListener() = default;
WVCDM_DISALLOW_COPY_AND_MOVE(WvCdmEventListener);
virtual ~WvCdmEventListener() {}
virtual void OnSessionRenewalNeeded(const CdmSessionId& session_id) = 0;
@@ -24,11 +26,6 @@ class WvCdmEventListener {
// license.
virtual void OnExpirationUpdate(const CdmSessionId& session_id,
int64_t new_expiry_time_seconds) = 0;
private:
CORE_DISALLOW_COPY_AND_ASSIGN(WvCdmEventListener);
};
}; // class WvCdmEventListener
} // namespace wvcdm
#endif // WVCDM_CORE_WV_CDM_EVENT_LISTENER_H_

41
core/include/wv_cdm_types.h
View File

@@ -1,11 +1,10 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
#ifndef WVCDM_CORE_WV_CDM_TYPES_H_
#define WVCDM_CORE_WV_CDM_TYPES_H_
#include <stdint.h>
#include <inttypes.h>
#include <array>
#include <map>
@@ -13,9 +12,9 @@
#include <vector>
#include "OEMCryptoCENC.h"
#include "wv_class_utils.h"
namespace wvcdm {
using CdmKeySystem = std::string;
using CdmInitData = std::string;
using CdmKeyMessage = std::string;
@@ -467,11 +466,12 @@ enum CdmResponseEnum : int32_t {
// Don't forget to add new values to
// * core/src/wv_cdm_types.cpp
// * android/include/mapErrors-inl.h
};
}; // enum CdmResponseEnum
class CdmResponseType {
public:
constexpr CdmResponseType() {}
constexpr CdmResponseType() = default;
WVCDM_CONSTEXPR_DEFAULT_COPY_AND_MOVE(CdmResponseType);
constexpr explicit CdmResponseType(CdmResponseEnum code) : code_(code) {}
constexpr CdmResponseType(CdmResponseEnum code, OEMCryptoResult oemc_result,
const char* crypto_session_method)
@@ -504,12 +504,12 @@ class CdmResponseType {
constexpr int ToInt() const { return static_cast<int>(code_); }
constexpr explicit operator int() const { return ToInt(); };
bool operator==(CdmResponseEnum other) const { return code_ == other; }
bool operator!=(CdmResponseEnum other) const { return code_ != other; }
bool operator==(const CdmResponseType& other) const;
bool operator!=(const CdmResponseType& other) const {
return !(*this == other);
constexpr bool IsEqualTo(const CdmResponseEnum& other) const {
return code_ == other;
}
WVCDM_DEFINE_CONSTEXPR_EQ_OPERATORS(CdmResponseEnum);
bool IsEqualTo(const CdmResponseType& other) const;
WVCDM_DEFINE_EQ_OPERATORS(CdmResponseType);
std::string ToString() const;
@@ -522,13 +522,15 @@ class CdmResponseType {
bool has_oemc_result_ = false;
OEMCryptoResult oemc_result_ = OEMCrypto_SUCCESS;
const char* crypto_session_method_ = nullptr;
};
}; // class CdmResponseType
inline bool operator==(const CdmResponseEnum lhs, const CdmResponseType& rhs) {
constexpr inline bool operator==(const CdmResponseEnum lhs,
const CdmResponseType& rhs) {
return lhs == rhs.code();
}
inline bool operator!=(const CdmResponseEnum lhs, const CdmResponseType& rhs) {
constexpr inline bool operator!=(const CdmResponseEnum lhs,
const CdmResponseType& rhs) {
return lhs != rhs.code();
}
@@ -636,7 +638,7 @@ struct CdmUsageEntryInfo {
std::string usage_info_file_name;
int64_t last_use_time;
int64_t offline_license_expiry_time; // Only for offline licenses.
bool operator==(const CdmUsageEntryInfo& other) const {
bool IsEqualTo(const CdmUsageEntryInfo& other) const {
if (this == &other) {
return true;
}
@@ -654,6 +656,7 @@ struct CdmUsageEntryInfo {
// else storage_type == kStorageTypeUnknown
return true;
}
WVCDM_DEFINE_EQ_OPERATORS(CdmUsageEntryInfo);
void Clear() {
storage_type = kStorageTypeUnknown;
@@ -662,7 +665,7 @@ struct CdmUsageEntryInfo {
last_use_time = 0;
offline_license_expiry_time = 0;
}
};
}; // struct CdmUsageEntryInfo
enum CdmKeySecurityLevel : int32_t {
kKeySecurityLevelUnset,
@@ -696,6 +699,7 @@ enum CdmProductionReadiness : int32_t {
class CdmKeyAllowedUsage {
public:
CdmKeyAllowedUsage() { Clear(); }
WVCDM_DEFAULT_COPY_AND_MOVE(CdmKeyAllowedUsage);
bool Valid() const { return valid_; }
void SetValid() { valid_ = true; }
@@ -711,7 +715,7 @@ class CdmKeyAllowedUsage {
valid_ = false;
}
bool Equals(const CdmKeyAllowedUsage& other) {
bool IsEqualTo(const CdmKeyAllowedUsage& other) const {
return valid_ && other.Valid() &&
decrypt_to_clear_buffer == other.decrypt_to_clear_buffer &&
decrypt_to_secure_buffer == other.decrypt_to_secure_buffer &&
@@ -721,6 +725,7 @@ class CdmKeyAllowedUsage {
generic_verify == other.generic_verify &&
key_security_level_ == other.key_security_level_;
}
WVCDM_DEFINE_EQ_OPERATORS(CdmKeyAllowedUsage);
bool decrypt_to_clear_buffer;
bool decrypt_to_secure_buffer;
@@ -732,7 +737,7 @@ class CdmKeyAllowedUsage {
private:
bool valid_;
};
}; // class CdmKeyAllowedUsage
// For schemes that do not use pattern encryption (cenc), encrypt and skip
// must be set to 0. For those that do (cbcs), it is recommended that
@@ -935,6 +940,7 @@ const char* RequestedSecurityLevelToString(
RequestedSecurityLevel security_level);
const char* CdmWatermarkingSupportToString(CdmWatermarkingSupport support);
const char* CdmProductionReadinessToString(CdmProductionReadiness readiness);
const char* CdmCipherModeToString(CdmCipherMode cipher_mode);
// Converts a generic, unknown enum value to a string representation
// containing its numeric value.
// The pointer returned from this function is thread_local.
@@ -953,5 +959,4 @@ const char* BoolToString(bool value);
// Logging utilities for OEMCrypto types.
const char* OemCryptoResultToString(OEMCryptoResult result);
} // namespace wvcdm
#endif // WVCDM_CORE_WV_CDM_TYPES_H_