Update Simulcrypt ECMg

common/client_cert.cc

@@ -17,6 +17,7 @@
 #include "absl/strings/escaping.h"
 #include "common/certificate_client_cert.h"
 #include "common/crypto_util.h"
+#include "common/dual_certificate_client_cert.h"
 #include "common/error_space.h"
 #include "common/keybox_client_cert.h"
 #include "common/random_util.h"
@@ -52,23 +53,34 @@ uint32_t KeyboxClientCert::GetSystemId(const std::string& keybox_bytes) {
   return WvmTokenHandler::GetSystemId(keybox_bytes);
 }
 
-Status ClientCert::Create(
-    const DrmRootCertificate* root_certificate,
-    widevine::ClientIdentification::TokenType token_type,
-    const std::string& token, std::unique_ptr<ClientCert>* client_cert) {
+Status ClientCert::Create(const DrmRootCertificate* root_certificate,
+                          const widevine::ClientIdentification& client_id,
+                          std::unique_ptr<ClientCert>* client_cert) {
   CHECK(client_cert);
-  Status status;
-  switch (token_type) {
+
+  switch (client_id.type()) {
     case ClientIdentification::KEYBOX:
-      return CreateWithKeybox(token, client_cert);
-
+      return CreateWithKeybox(client_id.token(), client_cert);
     case ClientIdentification::DRM_DEVICE_CERTIFICATE:
-      return CreateWithDrmCertificate(root_certificate, token, client_cert);
+      if (!client_id.has_device_credentials()) {
+        return CreateWithDrmCertificate(root_certificate, client_id.token(),
+                                        client_cert);
+      }
+      // Assumes |client_id.token| is the signing cert and
+      // |client_id.device_credentials().token| is the encryption cert.
+      if (client_id.device_credentials().type() !=
+          ClientIdentification::DRM_DEVICE_CERTIFICATE)
+        return Status(error_space, INVALID_DRM_CERTIFICATE,
+                      "unsupported-encryption-certificate");
 
+      return CreateWithDualDrmCertificates(
+          root_certificate, client_id.token(),
+          client_id.device_credentials().token(), client_cert);
     default:
       return Status(error_space, error::UNIMPLEMENTED,
                     "client-type-not-implemented");
   }
+
   return OkStatus();
 }
 
@@ -78,6 +90,7 @@ Status ClientCert::CreateWithDrmCertificate(
     const DrmRootCertificate* root_certificate,
     const std::string& drm_certificate,
     std::unique_ptr<ClientCert>* client_cert) {
+  CHECK(root_certificate);
   CHECK(client_cert);
   auto device_cert = absl::make_unique<CertificateClientCert>();
   Status status = device_cert->Initialize(root_certificate, drm_certificate);
@@ -87,6 +100,22 @@ Status ClientCert::CreateWithDrmCertificate(
   return status;
 }
 
+Status ClientCert::CreateWithDualDrmCertificates(
+    const DrmRootCertificate* root_certificate,
+    const std::string& signing_drm_certificate,
+    const std::string& encryption_drm_certificate,
+    std::unique_ptr<ClientCert>* client_cert) {
+  CHECK(root_certificate);
+  CHECK(client_cert);
+  auto device_cert = absl::make_unique<DualCertificateClientCert>();
+  Status status = device_cert->Initialize(
+      root_certificate, signing_drm_certificate, encryption_drm_certificate);
+  if (status.ok()) {
+    *client_cert = std::move(device_cert);
+  }
+  return status;
+}
+
 Status ClientCert::CreateWithKeybox(const std::string& keybox_token,
                                     std::unique_ptr<ClientCert>* client_cert) {
   CHECK(client_cert);