//////////////////////////////////////////////////////////////////////////////// // Copyright 2020 Google LLC. // // This software is licensed under the terms defined in the Widevine Master // License Agreement. For a copy of this agreement, please contact // widevine-licensing@google.com. //////////////////////////////////////////////////////////////////////////////// // // Description: // Container of device security profiles. Security profiles indicate rules // to allow using the profile. The rules are based on DRM capabilities of a // device. #ifndef COMMON_SECURITY_PROFILE_LIST_H_ #define COMMON_SECURITY_PROFILE_LIST_H_ #include "absl/synchronization/mutex.h" #include "protos/public/client_identification.pb.h" #include "protos/public/device_security_profile_data.pb.h" #include "protos/public/provisioned_device_info.pb.h" #include "protos/public/security_profile.pb.h" namespace widevine { using ClientCapabilities = ClientIdentification::ClientCapabilities; // The SecurityProfileList will hold all security profiles. During license // acquisition, information from the client and information from the server are // combined to deternmine the device's security profile level. class SecurityProfileList { public: explicit SecurityProfileList(const std::string& profile_namespace); virtual ~SecurityProfileList() {} // Initialize the security profile list. The size of the profile list is // returned. virtual int Init(); // Add the specified profile to the existing list of profiles. Returns true // if successfully inserted, false if unable to insert. bool InsertProfile(const SecurityProfile& profile_to_insert); // Populates |profiles_allow| with a list of profiles from the specified // |profiles_to_check| list that meet the requirements for the this device. // The number of profiles is returned. virtual int GetQualifiedProfilesFromSpecifiedProfiles( const std::vector& profiles_to_check, const ClientIdentification& client_id, const ProvisionedDeviceInfo& device_info, std::vector* qualified_profiles) const; // Populates |profiles_to_allow| with a list of profiles that meet the // requirements for the this device. The number of profiles is returned. virtual int GetQualifiedProfiles( const ClientIdentification& client_id, const ProvisionedDeviceInfo& device_info, std::vector* qualified_profiles) const; // Return true if a profile exist matching the specified |name|. // |security_profile| is owned by the caller and is populated if a profile // exist. bool GetProfileByName(const std::string& name, SecurityProfile* security_profile) const; // Return the device security capabilities. |drm_info| is populated with // data from |client_id| and |device_info|. |drm_info| must not be null and // is owned by the caller. bool GetDrmInfo(const ClientIdentification& client_id, const ProvisionedDeviceInfo& device_info, SecurityProfile::DrmInfo* drm_info) const; // Return the number of profiles in the list. int NumProfiles() const; // Return a list of profile names. virtual void GetProfileNames(std::vector* profile_names) const; protected: void ClearAllProfiles(); private: bool DoesProfileQualify(const SecurityProfile& profile, const ClientIdentification& client_id, const ProvisionedDeviceInfo& device_info) const; int64_t GetCurrentTimeSeconds() const; bool IsProfileActive(const SecurityProfile& profile, int64_t current_time_seconds) const; mutable absl::Mutex mutex_; // Security profiles std::string profile_namespace_; std::vector security_profiles_ ABSL_GUARDED_BY(mutex_); }; } // namespace widevine #endif // COMMON_SECURITY_PROFILE_LIST_H_