Source release 17.1.0
This commit is contained in:
John "Juce" Bruce
@@ -1,16 +1,19 @@
|
||||
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
|
||||
// source code may only be used and distributed under the Widevine Master
|
||||
// License Agreement.
|
||||
// source code may only be used and distributed under the Widevine License
|
||||
// Agreement.
|
||||
//
|
||||
#ifndef WVCDM_CORE_DEVICE_FILES_H_
|
||||
#define WVCDM_CORE_DEVICE_FILES_H_
|
||||
|
||||
#include <mutex>
|
||||
#include <set>
|
||||
#include <string>
|
||||
#include <vector>
|
||||
|
||||
#include "crypto_wrapped_key.h"
|
||||
#include "device_files.pb.h"
|
||||
#include "disallow_copy_and_assign.h"
|
||||
#include "okp_info.h"
|
||||
#include "platform.h"
|
||||
#include "wv_cdm_types.h"
|
||||
|
||||
@@ -18,17 +21,31 @@
|
||||
# include <gtest/gtest_prod.h>
|
||||
#endif
|
||||
|
||||
namespace wvcdm {
|
||||
|
||||
namespace wvutil {
|
||||
class FileSystem;
|
||||
}
|
||||
|
||||
namespace wvcdm {
|
||||
|
||||
class DeviceFiles {
|
||||
public:
|
||||
typedef enum {
|
||||
kLicenseStateActive,
|
||||
kLicenseStateReleasing,
|
||||
kLicenseStateUnknown,
|
||||
} LicenseState;
|
||||
kCertificateValid,
|
||||
kCertificateExpired,
|
||||
kCertificateNotFound,
|
||||
kCertificateInvalid,
|
||||
kCannotHandle,
|
||||
} CertificateState;
|
||||
|
||||
// |kCertificateDefault| includes an expiration time set by the provisioning
|
||||
// service. This will replace any legacy certificates, if a forced
|
||||
// reprovisioning happens at the client or by the license service.
|
||||
// ATSC certificates are unaffected and have an unlimited lifetime.
|
||||
typedef enum {
|
||||
kCertificateDefault,
|
||||
kCertificateLegacy,
|
||||
kCertificateAtsc,
|
||||
} CertificateType;
|
||||
|
||||
// All error response codes start with 5000 to avoid overlap with other error
|
||||
// spaces.
|
||||
@@ -53,11 +70,17 @@ class DeviceFiles {
|
||||
kLicenseNotPresent = kResponseTypeBase + 16,
|
||||
};
|
||||
|
||||
// Converts the different enum types to a human readable C-string for
|
||||
// logging.
|
||||
static const char* CertificateStateToString(CertificateState state);
|
||||
static const char* CertificateTypeToString(CertificateType type);
|
||||
static const char* ResponseTypeToString(ResponseType type);
|
||||
|
||||
// CdmLicenseData represents all of the data that is stored in CDM
|
||||
// license file. License data is uniquely keyed using |key_set_id|.
|
||||
struct CdmLicenseData {
|
||||
std::string key_set_id;
|
||||
LicenseState state;
|
||||
CdmOfflineLicenseState state;
|
||||
CdmInitData pssh_data;
|
||||
// License request / response.
|
||||
CdmKeyMessage license_request;
|
||||
@@ -76,6 +99,8 @@ class DeviceFiles {
|
||||
// Usage entry and index.
|
||||
CdmUsageEntry usage_entry;
|
||||
uint32_t usage_entry_number;
|
||||
std::string drm_certificate;
|
||||
CryptoWrappedKey wrapped_private_key;
|
||||
};
|
||||
|
||||
struct CdmUsageData {
|
||||
@@ -85,9 +110,11 @@ class DeviceFiles {
|
||||
std::string key_set_id;
|
||||
CdmUsageEntry usage_entry;
|
||||
uint32_t usage_entry_number;
|
||||
std::string drm_certificate;
|
||||
CryptoWrappedKey wrapped_private_key;
|
||||
};
|
||||
|
||||
DeviceFiles(FileSystem*);
|
||||
DeviceFiles(wvutil::FileSystem*);
|
||||
virtual ~DeviceFiles();
|
||||
|
||||
virtual bool Init(CdmSecurityLevel security_level);
|
||||
@@ -98,15 +125,30 @@ class DeviceFiles {
|
||||
// ATSC certificates are installed by the ATSC service. They can be read
|
||||
// and used but not written or removed.
|
||||
virtual bool StoreCertificate(const std::string& certificate,
|
||||
const std::string& wrapped_private_key);
|
||||
virtual bool RetrieveCertificate(bool atsc_mode_enabled,
|
||||
std::string* certificate,
|
||||
std::string* wrapped_private_key,
|
||||
std::string* serial_number,
|
||||
uint32_t* system_id);
|
||||
const CryptoWrappedKey& private_key);
|
||||
virtual CertificateState RetrieveCertificate(bool atsc_mode_enabled,
|
||||
std::string* certificate,
|
||||
CryptoWrappedKey* private_key,
|
||||
std::string* serial_number,
|
||||
uint32_t* system_id);
|
||||
// Returns true if a DRM certificate is available.
|
||||
virtual bool HasCertificate(bool atsc_mode_enabled);
|
||||
// Retrieves the legacy DRM certificate without performing expiry
|
||||
// related validation. Use this only when restoring/releasing
|
||||
// licenses/usage entries
|
||||
virtual bool RetrieveLegacyCertificate(std::string* certificate,
|
||||
CryptoWrappedKey* private_key,
|
||||
std::string* serial_number,
|
||||
uint32_t* system_id);
|
||||
virtual bool RemoveCertificate();
|
||||
|
||||
virtual bool StoreOemCertificate(const std::string& certificate,
|
||||
const CryptoWrappedKey& private_key);
|
||||
virtual DeviceFiles::CertificateState RetrieveOemCertificate(
|
||||
std::string* certificate, CryptoWrappedKey* wrapped_private_key);
|
||||
virtual bool HasOemCertificate();
|
||||
virtual bool RemoveOemCertificate();
|
||||
|
||||
virtual bool StoreLicense(const CdmLicenseData& license_data,
|
||||
ResponseType* result);
|
||||
|
||||
@@ -134,13 +176,12 @@ class DeviceFiles {
|
||||
// required creation of reverse lookup tables (CdmUsageEntryInfo).
|
||||
// |app_id| however was hashed and unextractable, and necessitated the
|
||||
// switch to |usage_info_file_name|
|
||||
virtual bool StoreUsageInfo(const std::string& provider_session_token,
|
||||
const CdmKeyMessage& key_request,
|
||||
const CdmKeyResponse& key_response,
|
||||
const std::string& usage_info_file_name,
|
||||
const std::string& key_set_id,
|
||||
const CdmUsageEntry& usage_entry,
|
||||
uint32_t usage_entry_number);
|
||||
virtual bool StoreUsageInfo(
|
||||
const std::string& provider_session_token,
|
||||
const CdmKeyMessage& key_request, const CdmKeyResponse& key_response,
|
||||
const std::string& usage_info_file_name, const std::string& key_set_id,
|
||||
const CdmUsageEntry& usage_entry, uint32_t usage_entry_number,
|
||||
const std::string& drm_certificate, const CryptoWrappedKey& wrapped_key);
|
||||
|
||||
// Retrieve usage identifying information stored on the file system.
|
||||
// The caller needs to specify at least one of |ksids| or
|
||||
@@ -186,12 +227,6 @@ class DeviceFiles {
|
||||
|
||||
virtual bool DeleteAllUsageInfo();
|
||||
|
||||
// Retrieve one usage info from the file. Subsequent calls will retrieve
|
||||
// subsequent entries in the table for this app_id.
|
||||
virtual bool RetrieveUsageInfo(
|
||||
const std::string& usage_info_file_name,
|
||||
std::vector<std::pair<CdmKeyMessage, CdmKeyResponse> >* usage_info);
|
||||
|
||||
// Retrieve the usage info entry specified by |provider_session_token|.
|
||||
// Returns false if the entry could not be found.
|
||||
virtual bool RetrieveUsageInfo(const std::string& usage_info_file_name,
|
||||
@@ -199,14 +234,17 @@ class DeviceFiles {
|
||||
CdmKeyMessage* license_request,
|
||||
CdmKeyResponse* license_response,
|
||||
CdmUsageEntry* usage_entry,
|
||||
uint32_t* usage_entry_number);
|
||||
uint32_t* usage_entry_number,
|
||||
std::string* drm_certificate,
|
||||
CryptoWrappedKey* wrapped_key);
|
||||
// Retrieve the usage info entry specified by |key_set_id|.
|
||||
// Returns false if the entry could not be found.
|
||||
virtual bool RetrieveUsageInfoByKeySetId(
|
||||
const std::string& usage_info_file_name, const std::string& key_set_id,
|
||||
std::string* provider_session_token, CdmKeyMessage* license_request,
|
||||
CdmKeyResponse* license_response, CdmUsageEntry* usage_entry,
|
||||
uint32_t* usage_entry_number);
|
||||
uint32_t* usage_entry_number, std::string* drm_certificate,
|
||||
CryptoWrappedKey* wrapped_key);
|
||||
|
||||
// These APIs support upgrading from usage tables to usage tabler header +
|
||||
// entries introduced in OEMCrypto V13.
|
||||
@@ -245,9 +283,23 @@ class DeviceFiles {
|
||||
|
||||
virtual bool DeleteUsageTableInfo();
|
||||
|
||||
// OTA Keybox Provisioning (OKP) information.
|
||||
virtual bool StoreOkpInfo(const okp::SystemFallbackInfo& info);
|
||||
virtual bool RetrieveOkpInfo(okp::SystemFallbackInfo* info);
|
||||
virtual bool DeleteOkpInfo();
|
||||
|
||||
private:
|
||||
// This method will retrieve the certificate and perform expiry validation
|
||||
// appropriate for a given certificate type
|
||||
CertificateState RetrieveCertificate(CertificateType certificate_type,
|
||||
std::string* certificate,
|
||||
CryptoWrappedKey* private_key,
|
||||
std::string* serial_number,
|
||||
uint32_t* system_id);
|
||||
bool HasCertificate(CertificateType certificate_type);
|
||||
|
||||
// Helpers that wrap the File interface and automatically handle hashing, as
|
||||
// well as adding the device files base path to to the file name.
|
||||
// well as adding the device files base path to the file name.
|
||||
ResponseType StoreFileWithHash(const std::string& name,
|
||||
const std::string& serialized_file);
|
||||
ResponseType StoreFileRaw(const std::string& name,
|
||||
@@ -259,27 +311,45 @@ class DeviceFiles {
|
||||
bool RemoveFile(const std::string& name);
|
||||
ssize_t GetFileSize(const std::string& name);
|
||||
|
||||
static std::string GetCertificateFileName(bool atsc_mode_enabled);
|
||||
static bool GetCertificateFileName(CertificateType certificate_type,
|
||||
std::string* certificate_file_name);
|
||||
static bool GetOemCertificateFileName(std::string* certificate_file_name);
|
||||
|
||||
static std::string GetHlsAttributesFileNameExtension();
|
||||
static std::string GetLicenseFileNameExtension();
|
||||
static std::string GetUsageTableFileName();
|
||||
static std::string GetOkpInfoFileName();
|
||||
static std::string GetFileNameSafeHash(const std::string& input);
|
||||
|
||||
#if defined(UNIT_TEST)
|
||||
FRIEND_TEST(DeviceFilesSecurityLevelTest, SecurityLevel);
|
||||
FRIEND_TEST(DeviceCertificateTest, StoreCertificate);
|
||||
FRIEND_TEST(DeviceFilesSecurityLevelTest, RequestedSecurityLevel);
|
||||
FRIEND_TEST(DeviceCertificateTest, ReadCertificate);
|
||||
FRIEND_TEST(DeviceCertificateTest, HasCertificate);
|
||||
FRIEND_TEST(DeviceFilesStoreTest, StoreLicense);
|
||||
FRIEND_TEST(DeviceFilesHlsAttributesTest, Delete);
|
||||
FRIEND_TEST(DeviceFilesHlsAttributesTest, Read);
|
||||
FRIEND_TEST(DeviceFilesHlsAttributesTest, Store);
|
||||
FRIEND_TEST(DeviceFilesTest, DeleteLicense);
|
||||
FRIEND_TEST(DeviceFilesTest, ReserveLicenseIdsDoesNotUseFileSystem);
|
||||
FRIEND_TEST(DeviceFilesTest, RetrieveLicenses);
|
||||
FRIEND_TEST(DeviceFilesTest, AppParametersBackwardCompatibility);
|
||||
FRIEND_TEST(DeviceFilesTest, DeleteLicense);
|
||||
FRIEND_TEST(DeviceFilesTest, HasCertificateAtsc);
|
||||
FRIEND_TEST(DeviceFilesTest, HasCertificateDefault);
|
||||
FRIEND_TEST(DeviceFilesTest, HasCertificateLegacy);
|
||||
FRIEND_TEST(DeviceFilesTest, HasCertificateNone);
|
||||
FRIEND_TEST(DeviceFilesTest, ReserveLicenseIdsDoesNotUseFileSystem);
|
||||
FRIEND_TEST(DeviceFilesTest, RetrieveAtscCertificate);
|
||||
FRIEND_TEST(DeviceFilesTest, RetrieveAtscCertificateNotFound);
|
||||
FRIEND_TEST(DeviceFilesTest, RetrieveCertificateWithoutKeyType);
|
||||
FRIEND_TEST(DeviceFilesTest, RetrieveDefaultCertificate);
|
||||
FRIEND_TEST(DeviceFilesTest, RetrieveDefaultCertificateNeverExpires);
|
||||
FRIEND_TEST(DeviceFilesTest,
|
||||
RetrieveLegacyCertificateWithClientExpirationTime);
|
||||
FRIEND_TEST(DeviceFilesTest, RetrieveLegacyCertificateWithoutExpirationTime);
|
||||
FRIEND_TEST(DeviceFilesTest, RetrieveLicenses);
|
||||
FRIEND_TEST(DeviceFilesTest, StoreCertificateInvalidParams);
|
||||
FRIEND_TEST(DeviceFilesTest, StoreLicenses);
|
||||
FRIEND_TEST(DeviceFilesTest, UpdateLicenseState);
|
||||
FRIEND_TEST(DeviceFilesTest, OkpInfo_FileDoesNotExist);
|
||||
FRIEND_TEST(DeviceFilesTest, OkpInfo_DeleteFile);
|
||||
FRIEND_TEST(DeviceFilesTest, OkpInfo_StoreAndRetrieve);
|
||||
FRIEND_TEST(DeviceFilesUsageInfoTest, Delete);
|
||||
FRIEND_TEST(DeviceFilesUsageInfoTest, DeleteAll);
|
||||
FRIEND_TEST(DeviceFilesUsageInfoTest, Read);
|
||||
@@ -287,6 +357,9 @@ class DeviceFiles {
|
||||
FRIEND_TEST(DeviceFilesUsageTableTest, Read);
|
||||
FRIEND_TEST(DeviceFilesUsageTableTest, Store);
|
||||
FRIEND_TEST(DeviceFilesUsageTableTest, ReadWithoutLruData);
|
||||
FRIEND_TEST(RetrieveDefaultCertificateTest, ErrorScenarios);
|
||||
FRIEND_TEST(RetrieveLegacyCertificateTest, ErrorScenarios);
|
||||
FRIEND_TEST(StoreCertificateTest, DefaultAndLegacy);
|
||||
FRIEND_TEST(WvCdmRequestLicenseTest, UnprovisionTest);
|
||||
FRIEND_TEST(WvCdmRequestLicenseTest, ForceL3Test);
|
||||
FRIEND_TEST(WvCdmRequestLicenseTest, UsageInfoRetryTest);
|
||||
@@ -297,8 +370,9 @@ class DeviceFiles {
|
||||
#endif
|
||||
|
||||
static std::set<std::string> reserved_license_ids_;
|
||||
static std::mutex reserved_license_ids_mutex_;
|
||||
|
||||
FileSystem* file_system_;
|
||||
wvutil::FileSystem* file_system_;
|
||||
CdmSecurityLevel security_level_;
|
||||
bool initialized_;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user