Replace hardcoded parameters

common/rot_id_util.cc

@@ -0,0 +1,51 @@
+////////////////////////////////////////////////////////////////////////////////
+// Copyright 2019 Google LLC.
+//
+// This software is licensed under the terms defined in the Widevine Master
+// License Agreement. For a copy of this agreement, please contact
+// widevine-licensing@google.com.
+////////////////////////////////////////////////////////////////////////////////
+//
+// Description:
+//   Helper methods for the Root of Trust Id.
+
+#include "common/rot_id_util.h"
+
+#include <memory>
+
+#include "glog/logging.h"
+#include "absl/strings/str_cat.h"
+#include "common/crypto_util.h"
+#include "common/ec_key.h"
+#include "common/sha_util.h"
+
+namespace widevine {
+
+bool IsRotIdRevoked(const std::string& encrypted_unique_id, uint32_t system_id,
+                    const std::string& rot_id_hash,
+                    const std::vector<std::string>& revoked_ids) {
+  // This could conceivably happen for legacy DRM certificates without a ROT id.
+  // No need to match if there's nothing to match against.
+  if (encrypted_unique_id.empty() || rot_id_hash.empty()) {
+    return false;
+  }
+
+  for (const auto& revoked_id : revoked_ids) {
+    std::string revoked_hash =
+        GenerateRotIdHash(encrypted_unique_id, system_id, revoked_id);
+    if (rot_id_hash == revoked_hash) {
+      return true;
+    }
+  }
+  return false;
+}
+
+std::string GenerateRotIdHash(const std::string& salt, uint32_t system_id,
+                              const std::string& unique_id_hash) {
+  if (salt.empty() || unique_id_hash.empty()) {
+    return "";
+  }
+  return Sha256_Hash(absl::StrCat(salt, system_id, unique_id_hash));
+}
+
+}  // namespace widevine