Source release 19.1.0

Matt Feddersen
2024-03-28 19:21:54 -07:00
parent 28ec8548c6
commit b8bdfccebe
182 changed files with 10645 additions and 2040 deletions


@@ -332,12 +332,6 @@ class CdmEngine {
return CryptoSession::SetDebugIgnoreKeyboxCount(count);
}
// This tells the OEMCrypto adapter to allow the device to continue with a
// test keybox. Otherwise, the keybox is reported as invalid.
static CdmResponseType SetAllowTestKeybox(bool allow) {
return CryptoSession::SetAllowTestKeybox(allow);
}
static CdmResponseType ParseDecryptHashString(const std::string& hash_string,
CdmSessionId* id,
uint32_t* frame_number,


@@ -265,8 +265,6 @@ class CdmSession {
bool HasRootOfTrustBeenRenewed();
CdmResponseType ResetCryptoSession();
// These setters are for testing only. Takes ownership of the pointers.
void set_license_parser(CdmLicense* license_parser);
void set_crypto_session(CryptoSession* crypto_session);
@@ -342,9 +340,8 @@ class CdmSession {
bool has_license_been_loaded_ = false;
bool has_license_been_restored_ = false;
bool mock_crypto_session_in_use_ = false;
bool mock_license_parser_in_use_ = false;
bool mock_policy_engine_in_use_ = false;
bool mock_license_parser_in_use_;
bool mock_policy_engine_in_use_;
CORE_DISALLOW_COPY_AND_ASSIGN(CdmSession);
};
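Review bot: In the `@@ -342,9 +340,8 @@` hunk the new side appears to declare `mock_license_parser_in_use_` and `mock_policy_engine_in_use_` without the `= false` that the neighbouring `has_license_been_*` flags keep, so they are indeterminate unless every CdmSession constructor assigns them. The setters in the hunk above are documented as taking ownership of the pointers, so these flags presumably steer ownership or teardown, and reading an uninitialised bool there is undefined behaviour. Keep the in-class defaults, `bool mock_license_parser_in_use_ = false;` and `bool mock_policy_engine_in_use_ = false;`. The same pattern shows up in CdmLicense at `@@ -138,8 +131,8 @@`, where `crypto_session_` and `policy_engine_` seem to lose `= nullptr`. The constructors are not on this page, and which side is new is inferred from the hunk counts and print order.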


@@ -125,6 +125,7 @@ class CertificateProvisioning {
std::unique_ptr<CryptoSession> crypto_session_;
CdmCertificateType cert_type_;
std::unique_ptr<ServiceCertificate> service_certificate_;
std::string request_;
// The wrapped private key in provisioning 4 generated by calling
// GenerateCertificateKeyPair. It will be saved to file system if a valid
// response is received.
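Review bot: The new member `std::string request_;` has no comment, while the wrapped-key member right below it documents when it is written and persisted. Since `CryptoSession::LoadProvisioning` gains a `request` parameter in the same commit, this presumably keeps the provisioning request so the response can be loaded against it; say so and say when it is reset, e.g. `// Serialized provisioning request, kept until the matching response is loaded; replaced on each new request.` The case the comment should rule out is a stale request from an earlier attempt being paired with a later response. The class body continues outside the hunk.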


@@ -24,13 +24,6 @@ class ContentKeySession : public KeySession {
KeySessionType Type() override { return kDefault; }
// Generate Derived Keys for ContentKeySession
OEMCryptoResult GenerateDerivedKeys(const std::string& message) override;
// Generate Derived Keys (from session key) for ContentKeySession
OEMCryptoResult GenerateDerivedKeys(const std::string& message,
const std::string& session_key) override;
// Load Keys for ContentKeySession
OEMCryptoResult LoadKeys(const std::string& message,
const std::string& signature,


@@ -91,6 +91,13 @@ class CryptoSession {
virtual CdmResponseType GetProvisioningToken(std::string* token,
std::string* additional_token);
virtual CdmResponseType GetProvisioning40TokenType(
RequestedSecurityLevel requested_security_level,
OEMCrypto_BCCType* bcc_type);
// Must be called after session is open.
virtual CdmResponseType GetProvisioning40TokenType(
OEMCrypto_BCCType* bcc_type);
virtual CdmClientTokenType GetPreProvisionTokenType() {
return pre_provision_token_type_;
}
@@ -162,7 +169,9 @@ class CryptoSession {
OEMCrypto_SignatureHashAlgorithm& algorithm);
virtual CdmResponseType UseSecondaryKey(bool dual_key);
// V16 licenses.
virtual CdmResponseType LoadLicense(const std::string& signed_message,
virtual CdmResponseType LoadLicense(const std::string& context,
const std::string& session_key,
const std::string& signed_message,
const std::string& core_message,
const std::string& signature,
CdmLicenseKeyType key_type);
@@ -181,17 +190,19 @@ class CryptoSession {
const std::vector<CryptoKey>& key_array);
// Provisioning request/responses
virtual CdmResponseType GenerateDerivedKeys(const std::string& message);
virtual CdmResponseType GenerateDerivedKeys(const std::string& message,
const std::string& session_key);
virtual CdmResponseType PrepareAndSignProvisioningRequest(
const std::string& message, std::string* core_message,
std::string* signature, bool& should_specify_algorithm,
OEMCrypto_SignatureHashAlgorithm& algorithm);
virtual CdmResponseType LoadProvisioning(const std::string& signed_message,
virtual CdmResponseType LoadProvisioning(const std::string& request,
const std::string& signed_message,
const std::string& core_message,
const std::string& signature,
std::string* wrapped_private_key);
virtual CdmResponseType LoadProvisioningCast(
const std::string& derivation_key, const std::string& request,
const std::string& signed_message, const std::string& core_message,
const std::string& signature, std::string* wrapped_private_key);
virtual CdmResponseType LoadCertificatePrivateKey(
const CryptoWrappedKey& private_key);
virtual CdmResponseType GetBootCertificateChain(
@@ -341,10 +352,6 @@ class CryptoSession {
// report that it needs provisioning instead.
static CdmResponseType SetDebugIgnoreKeyboxCount(uint32_t count);
// This tells the OEMCrypto adapter to allow the device to continue with a
// test keybox. Otherwise, the keybox is reported as invalid.
static CdmResponseType SetAllowTestKeybox(bool allow);
// Returns a system-wide singleton instance of SystemFallbackPolicy
// to be used for communicating OTA keybox provisioning state between
// apps. Returns a null pointer if OTA provisioning is not supported,
@@ -484,12 +491,12 @@ class CryptoSession {
// otherwise, such as making two calls into OEMCrypto immediately after each
// other.
template <class Func>
static auto WithStaticFieldWriteLock(const char* tag, Func body)
-> decltype(body());
static auto WithStaticFieldWriteLock(const char* tag,
Func body) -> decltype(body());
template <class Func>
static auto WithStaticFieldReadLock(const char* tag, Func body)
-> decltype(body());
static auto WithStaticFieldReadLock(const char* tag,
Func body) -> decltype(body());
template <class Func>
static auto WithOecWriteLock(const char* tag, Func body) -> decltype(body());
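Review bot: `LoadLicense` in the `@@ -162,7 +169,9 @@` hunk now takes five consecutive `const std::string&` arguments (`context`, `session_key`, `signed_message`, `core_message`, `signature`) and its only comment is the older `// V16 licenses.`, so a call site that transposes two of them compiles cleanly. Document each parameter above the declaration, in particular whether `session_key` is the wrapped session key from the license response and what `context` is built from. The new `request` and `derivation_key` arguments of `LoadProvisioning` and `LoadProvisioningCast` need the same. If `session_key` can ever hold unwrapped key material, the comment should also say so, because a `std::string` is not wiped when it goes out of scope.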


@@ -23,9 +23,6 @@ class KeySession {
typedef enum { kDefault, kEntitlement } KeySessionType;
virtual ~KeySession() {}
virtual KeySessionType Type() = 0;
virtual OEMCryptoResult GenerateDerivedKeys(const std::string& message) = 0;
virtual OEMCryptoResult GenerateDerivedKeys(
const std::string& message, const std::string& session_key) = 0;
virtual OEMCryptoResult LoadKeys(const std::string& message,
const std::string& signature,
const std::string& mac_key_iv,


@@ -90,15 +90,6 @@ class CdmLicense {
const CdmKeyResponse& license_response,
std::string* provider_session_token);
// Testing only. Caller retains ownership of pointers.
void set_crypto_session(CryptoSession* crypto_session) {
crypto_session_ = crypto_session;
}
void set_policy_engine(PolicyEngine* policy_engine) {
policy_engine_ = policy_engine;
}
private:
CdmResponseType HandleKeyErrorResponse(
const video_widevine::SignedMessage& signed_message);
@@ -114,16 +105,18 @@ class CdmLicense {
video_widevine::LicenseRequest* license_request);
CdmResponseType HandleContentKeyResponse(
bool is_restore, const std::string& msg, const std::string& core_message,
const std::string& signature, const std::vector<CryptoKey>& key_array,
bool is_restore, const std::string& session_key, const std::string& msg,
const std::string& core_message, const std::string& signature,
const std::vector<CryptoKey>& key_array,
const video_widevine::License& license);
// HandleEntitlementKeyResponse loads the entitlement keys in |key_array| into
// the crypto session. In addition, it also extracts content keys from
// |wrapped_keys_| and loads them for use.
CdmResponseType HandleEntitlementKeyResponse(
bool is_restore, const std::string& msg, const std::string& core_message,
const std::string& signature, const std::vector<CryptoKey>& key_array,
bool is_restore, const std::string& session_key, const std::string& msg,
const std::string& core_message, const std::string& signature,
const std::vector<CryptoKey>& key_array,
const video_widevine::License& license);
// Prepare to reload a key update message. Some special code is needed to work
@@ -138,8 +131,8 @@ class CdmLicense {
bool SetTypeAndId(CdmLicenseType license_type, const std::string& request_id,
T* content_id);
CryptoSession* crypto_session_ = nullptr;
PolicyEngine* policy_engine_ = nullptr;
CryptoSession* crypto_session_;
PolicyEngine* policy_engine_;
std::string server_url_;
std::string client_token_;
const CdmSessionId session_id_;
@@ -147,6 +140,7 @@ class CdmLicense {
bool initialized_;
std::set<KeyId> loaded_keys_;
std::string provider_session_token_;
video_widevine::ProtocolVersion protocol_version_;
bool renew_with_client_id_;
bool is_offline_;
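Review bot: The comment above `HandleEntitlementKeyResponse` still describes only `key_array` and `wrapped_keys_`, although the new signature adds `session_key` as the second argument, and `HandleContentKeyResponse` has no comment at all. Extend it with a line such as `// |session_key| is handed to the crypto session together with the signed message when the license is loaded.`, with the wording confirmed against the .cpp, which is not on this page. The `protocol_version_` member added in the last hunk is likewise declared without a default or a comment; note where it is assigned before first use.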


@@ -20,10 +20,6 @@ OEMCryptoResult OEMCrypto_InitializeAndCheckKeybox(
// report that it needs provisioning instead.
OEMCryptoResult OEMCrypto_SetDebugIgnoreKeyboxCount(uint32_t count);
// This tells the OEMCrypto adapter to allow the device to continue with a
// test keybox. Otherwise, the keybox is reported as invalid.
OEMCryptoResult OEMCrypto_SetAllowTestKeybox(bool allow);
// This attempts to open a session at the desired security level.
// If one level is not available, the other will be used instead.
OEMCryptoResult OEMCrypto_OpenSession(OEMCrypto_SESSION* session,
@@ -98,7 +94,8 @@ OEMCryptoResult OEMCrypto_Generic_Verify(
size_t key_handle_length, const OEMCrypto_SharedMemory* buffer,
size_t buffer_length, OEMCrypto_Algorithm algorithm,
const OEMCrypto_SharedMemory* signature, size_t signature_length);
OEMCryptoResult OEMCrypto_GetBCCType(RequestedSecurityLevel level,
OEMCrypto_BCCType* bcc_type);
} // namespace wvcdm
#endif // WVCDM_CORE_OEMCRYPTO_ADAPTER_H_
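Review bot: `OEMCrypto_GetBCCType` is added without the short description that the other adapter entry points visible in this header carry, and its out-parameter contract is not stated. Add a comment saying what happens when `bcc_type` is null and whether `*bcc_type` is written on a non-success result, for example `// Reports the boot certificate chain type for |level|; |bcc_type| must be non-null and is only meaningful on OEMCrypto_SUCCESS.` That contract is my reading of the name and signature, so confirm it against the implementation before committing the wording.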


@@ -106,8 +106,6 @@ class PolicyEngine {
virtual const LicenseIdentification& license_id() { return license_id_; }
WvCdmEventListener* event_listener() { return event_listener_; }
bool GetSecondsSinceStarted(int64_t* seconds_since_started);
bool GetSecondsSinceLastPlayed(int64_t* seconds_since_started);
@@ -133,11 +131,6 @@ class PolicyEngine {
return license_keys_->MeetsConstraints(key_id);
}
// Testing only. Caller retains ownership.
void set_crypto_session(CryptoSession* crypto_session) {
crypto_session_ = crypto_session;
}
private:
friend class PolicyEngineTest;
friend class PolicyEngineConstraintsTest;


@@ -83,6 +83,7 @@ bool ExtractExtensionValueFromCertificate(const std::string& cert,
std::string Md5Hash(const std::string& data);
std::string Sha256Hash(const std::string& data);
std::string Sha512Hash(const std::string& data);
} // namespace wvcdm


@@ -82,6 +82,8 @@ class Properties {
static bool GetSandboxId(std::string* sandbox_id);
static bool AlwaysUseKeySetIds();
static bool UseProviderIdInProvisioningRequest();
// Cdm only loads L3 library when this returns true
static bool ForceL3();
static bool GetSecurityLevelDirectories(std::vector<std::string>* dirs);
static bool GetApplicationId(const CdmSessionId& session_id,
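Review bot: The comment on `ForceL3()` can be read two ways: that the L3 library is loaded only if this returns true, or that when it returns true the CDM loads nothing but L3. The second reading lowers the security level for every session in the process, so the wording should be unambiguous, for example `// When true, the CDM loads only the L3 library and does not attempt to use L1.` It would also help to name the platform property that backs it and who is expected to set it. The declaration list continues past the end of the hunk.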


@@ -948,8 +948,6 @@ const char* IdToString(const std::string& id);
// provided as string pointers.
const char* IdPtrToString(const std::string* id);
const char* BoolToString(bool value);
// Logging utilities for OEMCrypto types.
const char* OemCryptoResultToString(OEMCryptoResult result);
} // namespace wvcdm