105 lines
3.5 KiB
C++
105 lines
3.5 KiB
C++
// Copyright 2012 Google Inc. All Rights Reserved.
|
|
|
|
#ifndef WVCDM_CORE_CRYPTO_SESSSION_H_
|
|
#define WVCDM_CORE_CRYPTO_SESSSION_H_
|
|
|
|
#include <string>
|
|
#include <map>
|
|
|
|
#include "lock.h"
|
|
#include "oemcrypto_adapter.h"
|
|
#include "OEMCryptoCENC.h"
|
|
#include "wv_cdm_types.h"
|
|
|
|
namespace wvcdm {
|
|
|
|
class CryptoKey;
|
|
typedef std::map<CryptoKeyId, CryptoKey*> CryptoKeyMap;
|
|
|
|
class CryptoSession {
|
|
public:
|
|
CryptoSession();
|
|
~CryptoSession();
|
|
|
|
bool ValidateKeybox();
|
|
bool GetToken(std::string* token);
|
|
CdmSecurityLevel GetSecurityLevel();
|
|
bool GetDeviceUniqueId(std::string* device_id);
|
|
bool GetSystemId(uint32_t* system_id);
|
|
bool GetProvisioningId(std::string* provisioning_id);
|
|
|
|
CdmResponseType Open() { return Open(kLevelDefault); }
|
|
CdmResponseType Open(SecurityLevel requested_security_level);
|
|
void Close();
|
|
|
|
bool IsOpen() { return open_; }
|
|
CryptoSessionId oec_session_id() { return oec_session_id_; }
|
|
|
|
// Key request/response
|
|
void GenerateRequestId(std::string& req_id_str);
|
|
bool PrepareRequest(const std::string& key_deriv_message,
|
|
bool is_provisioning, std::string* signature);
|
|
bool PrepareRenewalRequest(const std::string& message,
|
|
std::string* signature);
|
|
CdmResponseType LoadKeys(const std::string& message,
|
|
const std::string& signature,
|
|
const std::string& mac_key_iv,
|
|
const std::string& mac_key,
|
|
int num_keys, const CryptoKey* key_array);
|
|
bool LoadCertificatePrivateKey(std::string& wrapped_key);
|
|
bool RefreshKeys(const std::string& message, const std::string& signature,
|
|
int num_keys, const CryptoKey* key_array);
|
|
bool GenerateNonce(uint32_t* nonce);
|
|
bool GenerateDerivedKeys(const std::string& message);
|
|
bool GenerateDerivedKeys(const std::string& message,
|
|
const std::string& session_key);
|
|
bool RewrapDeviceRSAKey(const std::string& message,
|
|
const std::string& signature,
|
|
const std::string& nonce,
|
|
const std::string& enc_rsa_key,
|
|
const std::string& rsa_key_iv,
|
|
std::string* wrapped_rsa_key);
|
|
|
|
// Media data path
|
|
CdmResponseType Decrypt(const CdmDecryptionParameters& parameters);
|
|
|
|
bool GetRandom(size_t data_length, uint8_t* random_data);
|
|
|
|
private:
|
|
void Init();
|
|
void Terminate();
|
|
void GenerateMacContext(const std::string& input_context,
|
|
std::string* deriv_context);
|
|
void GenerateEncryptContext(const std::string& input_context,
|
|
std::string* deriv_context);
|
|
bool GenerateSignature(const std::string& message, std::string* signature);
|
|
bool GenerateRsaSignature(const std::string& message, std::string* signature);
|
|
size_t GetOffset(std::string message, std::string field);
|
|
bool SetDestinationBufferType();
|
|
|
|
bool SelectKey(const std::string& key_id);
|
|
|
|
static const size_t kSignatureSize = 32; // size for HMAC-SHA256 signature
|
|
static Lock crypto_lock_;
|
|
static bool initialized_;
|
|
static int session_count_;
|
|
|
|
bool open_;
|
|
CryptoSessionId oec_session_id_;
|
|
|
|
OEMCryptoBufferType destination_buffer_type_;
|
|
bool is_destination_buffer_type_valid_;
|
|
SecurityLevel requested_security_level_;
|
|
|
|
KeyId key_id_;
|
|
|
|
uint64_t request_id_base_;
|
|
static uint64_t request_id_index_;
|
|
|
|
CORE_DISALLOW_COPY_AND_ASSIGN(CryptoSession);
|
|
};
|
|
|
|
}; // namespace wvcdm
|
|
|
|
#endif // WVCDM_CORE_CRYPTO_SESSSION_H_
|