Replace hardcoded parameters

common/certificate_client_cert.h

@@ -0,0 +1,96 @@
+////////////////////////////////////////////////////////////////////////////////
+// Copyright 2019 Google LLC.
+//
+// This software is licensed under the terms defined in the Widevine Master
+// License Agreement. For a copy of this agreement, please contact
+// widevine-licensing@google.com.
+////////////////////////////////////////////////////////////////////////////////
+
+#ifndef COMMON_CERTIFICATE_CLIENT_CERT_H_
+#define COMMON_CERTIFICATE_CLIENT_CERT_H_
+
+#include "common/client_cert.h"
+#include "protos/public/drm_certificate.pb.h"
+
+namespace widevine {
+
+class ClientCertAlgorithm {
+ public:
+  ClientCertAlgorithm() = default;
+  virtual ~ClientCertAlgorithm() = default;
+  ClientCertAlgorithm(const ClientCertAlgorithm&) = delete;
+  ClientCertAlgorithm& operator=(const ClientCertAlgorithm&) = delete;
+
+  // Initialize the algorithm module using the |public_key| from the drm
+  // certificate. The |algorithm| value provides additional information needed
+  // by the ECC implementation of this interface.
+  virtual Status Initialize(const std::string& public_key,
+                            DrmCertificate::Algorithm algorithm) = 0;
+
+  // Verify the |signature| of an incoming request |message| using the public
+  // key from the drm certificate.
+  virtual Status VerifySignature(const std::string& message,
+                                 const std::string& signature) const = 0;
+
+  // Returns the key to be used in key derivation of the license
+  // protocol.
+  virtual const std::string& session_key() const = 0;
+
+  // Returns a byte std::string to be included in the SignedMessage::session_key
+  // field of a license response. This key may be either an encrypted aes key,
+  // or the bytes of an ephemeral public key.
+  virtual const std::string& wrapped_session_key() const = 0;
+};
+
+class CertificateClientCert : public ClientCert {
+ public:
+  CertificateClientCert() {}
+  ~CertificateClientCert() override {}
+  CertificateClientCert(const CertificateClientCert&) = delete;
+  CertificateClientCert& operator=(const CertificateClientCert&) = delete;
+  Status Initialize(const DrmRootCertificate* root_certificate,
+                    const std::string& serialized_certificate);
+
+  Status VerifySignature(const std::string& message,
+                         const std::string& signature,
+                         ProtocolVersion protocol_version) const override;
+
+  void GenerateSigningKey(const std::string& message,
+                          ProtocolVersion protocol_version) override;
+
+  const std::string& encrypted_key() const override {
+    return algorithm_->wrapped_session_key();
+  }
+  const std::string& key() const override { return algorithm_->session_key(); }
+  const std::string& serial_number() const override {
+    return device_cert_.serial_number();
+  }
+  const std::string& service_id() const override {
+    return provisioner_certificate_.provider_id();
+  }
+  const std::string& signing_key() const override { return signing_key_; }
+  const std::string& signer_serial_number() const override {
+    return model_certificate_.serial_number();
+  }
+  uint32_t signer_creation_time_seconds() const override {
+    return model_certificate_.creation_time_seconds();
+  }
+  bool signed_by_provisioner() const override { return signed_by_provisioner_; }
+  uint32_t system_id() const override { return model_certificate_.system_id(); }
+  widevine::ClientIdentification::TokenType type() const override {
+    return ClientIdentification::DRM_DEVICE_CERTIFICATE;
+  }
+
+ private:
+  std::unique_ptr<ClientCertAlgorithm> algorithm_;
+  bool signed_by_provisioner_ = false;
+  std::string signing_key_;
+  DrmCertificate model_certificate_;
+  DrmCertificate device_cert_;
+  DrmCertificate provisioner_certificate_;
+  bool is_initialized_ = false;
+};
+
+}  // namespace widevine
+
+#endif  // COMMON_CERTIFICATE_CLIENT_CERT_H_