Add Provisioning 4 support
Widevine provisioning 4 support is added in this patch.
This commit is contained in:
Lu Chen
@@ -10,7 +10,10 @@
|
||||
|
||||
#include "cas_status.h"
|
||||
#include "crypto_session.h"
|
||||
#include "crypto_wrapped_key.h"
|
||||
#include "file_store.h"
|
||||
#include "policy_engine.h"
|
||||
#include "service_certificate.h"
|
||||
#include "timer.h"
|
||||
|
||||
namespace wvcas {
|
||||
@@ -28,32 +31,33 @@ class CasLicense : public wvutil::TimerHandler, public wvcas::CasEventListener {
|
||||
// Generate a request to obtain a device certificate for requesting
|
||||
// entitlements. The generated message is set in |provisioning_request|.
|
||||
virtual CasStatus GenerateDeviceProvisioningRequest(
|
||||
std::string* provisioning_request) const;
|
||||
wvutil::FileSystem& file_system, std::string* provisioning_request);
|
||||
|
||||
// Process a server response containing a device certificate for use in
|
||||
// requesting entitlements. The contained certificate data will be extracted
|
||||
// and wrapped for storage. The public key cert will be returned in
|
||||
// |device_certificate|. The private key information will be wrapped by the
|
||||
// crypto session and returned in |wrapped_rsa_key|.
|
||||
// crypto session and returned in |wrapped_private_key|.
|
||||
// A secure binary file image containing the device cert is returned in
|
||||
// |device_file| if not nullptr. This file is suitable for storage on a device
|
||||
virtual CasStatus HandleDeviceProvisioningResponse(
|
||||
wvutil::FileSystem* file_system,
|
||||
const std::string& signed_provisioning_response,
|
||||
std::string* device_certificate, std::string* wrapped_rsa_key,
|
||||
std::string* device_file) const;
|
||||
std::string* device_certificate,
|
||||
CryptoWrappedKey* wrapped_private_key) const;
|
||||
|
||||
// Generate a request to obtain an EMM (Entitlement Management Message) to
|
||||
// use to enable processing of ECM(s) (Encryption Management Message).
|
||||
// |init_data| is widevine metadata about the stream needed in the request.
|
||||
// |wrapped_rsa_key| and |signed_license_request| are the device certificate
|
||||
// |private_key| and |signed_license_request| are the device certificate
|
||||
// obtained by HandleDeviceProvisioningResponse.
|
||||
virtual CasStatus GenerateEntitlementRequest(
|
||||
const std::string& init_data, const std::string& device_certificate,
|
||||
const std::string& wrapped_rsa_key, LicenseType license_type,
|
||||
const CryptoWrappedKey& private_key, LicenseType license_type,
|
||||
std::string* signed_license_request);
|
||||
|
||||
// Restores a stored license making the keys available for use.
|
||||
virtual CasStatus HandleStoredLicense(const std::string& wrapped_rsa_key,
|
||||
virtual CasStatus HandleStoredLicense(const CryptoWrappedKey& private_key,
|
||||
const std::string& license_file);
|
||||
|
||||
// Process a server response containing a EMM for use in the processing of
|
||||
@@ -68,7 +72,7 @@ class CasLicense : public wvutil::TimerHandler, public wvcas::CasEventListener {
|
||||
// for use in an EMM request.
|
||||
virtual CasStatus HandleStoredDrmCert(const std::string& certificate,
|
||||
std::string* device_certificate,
|
||||
std::string* wrapped_rsa_key);
|
||||
CryptoWrappedKey* private_key);
|
||||
|
||||
// Generate an entitlement renewal request message in
|
||||
// |signed_renewal_request|.
|
||||
@@ -156,6 +160,19 @@ class CasLicense : public wvutil::TimerHandler, public wvcas::CasEventListener {
|
||||
private:
|
||||
CasStatus GenerateDeviceProvisioningRequestWithKeybox(
|
||||
std::string* provisioning_request) const;
|
||||
CasStatus GetProvisioning40RequestInternal(
|
||||
wvutil::FileSystem& file_system,
|
||||
std::string* serialized_provisioning_request);
|
||||
CasStatus FillEncryptedClientId(
|
||||
const std::string& client_token,
|
||||
video_widevine::ProvisioningRequest& provisioning_request,
|
||||
const ServiceCertificate& service_certificate) const;
|
||||
void FillClientProperties(
|
||||
video_widevine::ClientIdentification& client_id) const;
|
||||
CasStatus HandleProvisioning40Response(
|
||||
wvutil::FileSystem* file_system,
|
||||
const video_widevine::SignedProvisioningMessage& signed_response,
|
||||
std::string* cert, CryptoWrappedKey* wrapped_key) const;
|
||||
CasStatus GenerateDeviceProvisioningRequestWithOEMCert() const;
|
||||
CasStatus InstallLicense(const std::string& session_key,
|
||||
const std::string& serialized_license,
|
||||
@@ -177,6 +194,13 @@ class CasLicense : public wvutil::TimerHandler, public wvcas::CasEventListener {
|
||||
std::string renewal_response_;
|
||||
std::string init_data_;
|
||||
bool is_renewal_in_license_file_ = false;
|
||||
std::unique_ptr<ServiceCertificate> wv_service_cert_;
|
||||
// The wrapped private key in provisioning 4 generated by calling
|
||||
// GenerateCertificateKeyPair. It will be saved to file system if a valid
|
||||
// response is received.
|
||||
std::string provisioning_40_wrapped_private_key_;
|
||||
// Key type of the generated key pair in provisioning 4.
|
||||
CryptoWrappedKey::Type provisioning_40_key_type_;
|
||||
};
|
||||
|
||||
} // namespace wvcas
|
||||
|
||||
Reference in New Issue
Block a user