Source release v2.1.1-0-738 + third_party libs

Change-Id: I76e298f8092951d4214c776d6bbcad6b763eb5b2

core/src/certificate_provisioning.cpp

@@ -6,12 +6,13 @@
 #include "license_protocol.pb.h"
 #include "log.h"
 #include "string_conversions.h"
+#include "wv_cdm_constants.h"
 
 namespace {
 
-// WHAT: URL for Google Provisioning Server.
-// WHY:  The provisioning server supplies the certificate that is needed
-//       to communicate with the License Server.
+// URL for Google Provisioning Server.
+// The provisioning server supplies the certificate that is needed
+// to communicate with the License Server.
 const std::string kProvisioningServerUrl =
   "https://www.googleapis.com/"
   "certificateprovisioning/v1/devicecertificates/create"
@@ -21,6 +22,7 @@ const std::string kProvisioningServerUrl =
 namespace wvcdm {
 // Protobuf generated classes.
 using video_widevine_server::sdk::ClientIdentification;
+using video_widevine_server::sdk::ProvisioningOptions;
 using video_widevine_server::sdk::ProvisioningRequest;
 using video_widevine_server::sdk::ProvisioningResponse;
 using video_widevine_server::sdk::SignedProvisioningMessage;
@@ -58,6 +60,8 @@ void CertificateProvisioning::ComposeJsonRequestAsQueryString(
  */
 CdmResponseType CertificateProvisioning::GetProvisioningRequest(
     SecurityLevel requested_security_level,
+    CdmCertificateType cert_type,
+    const std::string& cert_authority,
     CdmProvisioningRequest* request,
     std::string* default_url) {
   if (!default_url) {
@@ -95,6 +99,24 @@ CdmResponseType CertificateProvisioning::GetProvisioningRequest(
   std::string the_nonce(reinterpret_cast<char*>(&nonce), sizeof(nonce));
   provisioning_request.set_nonce(the_nonce);
 
+  ProvisioningOptions* options = provisioning_request.mutable_options();
+  switch (cert_type) {
+    case kCertificateWidevine:
+      options->set_certificate_type(
+          video_widevine_server::sdk::ProvisioningOptions_CertificateType_RSA_WIDEVINE);
+      break;
+    case kCertificateX509:
+      options->set_certificate_type(
+          video_widevine_server::sdk::ProvisioningOptions_CertificateType_X509);
+      break;
+    default:
+      LOGE("GetProvisioningRequest: unknown certificate type %ld", cert_type);
+      return UNKNOWN_ERROR;
+  }
+
+  cert_type_ = cert_type;
+  options->set_certificate_authority(cert_authority);
+
   std::string serialized_message;
   provisioning_request.SerializeToString(&serialized_message);
 
@@ -164,7 +186,9 @@ bool CertificateProvisioning::ParseJsonResponse(
  * Returns NO_ERROR for success and UNKNOWN_ERROR if fails.
  */
 CdmResponseType CertificateProvisioning::HandleProvisioningResponse(
-    CdmProvisioningResponse& response) {
+    CdmProvisioningResponse& response,
+    std::string* cert,
+    std::string* wrapped_key) {
 
   // Extracts signed response from JSON string, decodes base64 signed response
   const std::string kMessageStart = "\"signedResponse\": \"";
@@ -229,6 +253,12 @@ CdmResponseType CertificateProvisioning::HandleProvisioningResponse(
 
   crypto_session_.Close();
 
+  if (cert_type_ == kCertificateX509) {
+    *cert = provisioning_response.device_certificate();
+    *wrapped_key = wrapped_rsa_key;
+    return NO_ERROR;
+  }
+
   const std::string& device_certificate =
       provisioning_response.device_certificate();