widevine-partner/media_cas_packager_sdk_source
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Specify widevine/media_cas_packager_sdk/presubmit in media_cas_packager_sdk METADATA file.

Browse Source 
-------------
Moves ecm_generator to media_cas_packager_sdk/internal.

-------------
Add a simple TCP server listening on a port. My intention is to use this server to support the Simulcrypt APIs (TODO).

Also add a simple TCP client binary for testing the server and also demo how to call the Simulcrypt APIs (TODO).

-------------
If only a single key is in the ECM, it is the EVEN key. To make the code matches this understanding, change a parameter from 'false' to 'true'. But this change has NO impact on the produced ECM, regardless this parameter is 'false' or 'true' (i.e., whether using push_front or push_back), only a single key is in the ECM.

-------------
Add classes that process Simulcrypt ECMG messages
1) Stream_set-up
2) CW_provision

-------------
Renames server and client binaries.

-------------
Make ecmg call ecm_generator to generate ecm. The return of the ecm to Simulcrypt caller will be implemented in the next CL.

For now, using the 'key' (control word) in CW_provision message also as the 'key_id'.

-------------
Move common folder

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=217358698
This commit is contained in:
Fang Yu
2018-10-16 11:56:49 -07:00
parent ba0d63e2c1
commit 9962e87676
61 changed files with 2294 additions and 1251 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
common/BUILD
View File

@@ -1,16 +1,16 @@
################################################################################
# Copyright 2016 Google LLC.
# Copyright 2017 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
# widevine-licensing@google.com.
################################################################################
#
# Description:
# Build file for code common to multiple Widevine services.
# Constants, data structures, util classes for Widevine libraries.
package(default_visibility = ["//visibility:public"])
package(
default_visibility = ["//visibility:public"],
)
filegroup(
name = "binary_release_files",
@@ -19,6 +19,13 @@ filegroup(
],
)
cc_library(
name = "widevine_system_id",
srcs = ["widevine_system_id.cc"],
hdrs = ["widevine_system_id.h"],
deps = ["//base"],
)
cc_library(
name = "certificate_type",
hdrs = ["certificate_type.h"],
@@ -48,10 +55,10 @@ cc_test(
srcs = ["drm_root_certificate_test.cc"],
deps = [
":drm_root_certificate",
":rsa_key",
":rsa_test_keys",
"//base",
"//testing:gunit_main",
"//common:rsa_key",
"//common:rsa_test_keys",
"//protos/public:drm_certificate_proto",
"//protos/public:errors_proto",
"//protos/public:signed_drm_certificate_proto",
@@ -64,9 +71,12 @@ cc_library(
hdrs = ["certificate_util.h"],
deps = [
":certificate_type",
":drm_root_certificate",
":drm_service_certificate",
":verified_media_pipeline",
":vmp_checker",
"//base",
"//util:status",
"//license_server_sdk/internal:sdk",
],
)
@@ -105,6 +115,7 @@ cc_test(
deps = [
":rsa_test_keys",
":rsa_util",
"//base",
"//testing:gunit",
"//testing:gunit_main",
"//external:openssl",
@@ -139,6 +150,7 @@ cc_test(
deps = [
":rsa_key",
":rsa_test_keys",
":rsa_util",
"//testing:gunit",
"//testing:gunit_main",
],
@@ -320,6 +332,7 @@ cc_test(
size = "small",
srcs = ["signing_key_util_test.cc"],
deps = [
":crypto_util",
":signing_key_util",
"//testing:gunit",
"//testing:gunit_main",
@@ -519,9 +532,10 @@ cc_library(
deps = [
":certificate_type",
":error_space",
":rsa_key",
":x509_cert",
"//base",
"@abseil_repo//absl/strings",
"//util:status",
"//protos/public:errors_proto",
"//protos/public:verified_media_pipeline_proto",
],
@@ -561,4 +575,3 @@ cc_test(
"//testing:gunit_main",
],
)

1
common/aes_cbc_util_test.cc
View File

@@ -7,7 +7,6 @@
////////////////////////////////////////////////////////////////////////////////
#include "common/aes_cbc_util.h"
#include "testing/gmock.h"
#include "testing/gunit.h"

1
common/certificate_util.cc
View File

@@ -8,6 +8,7 @@
#include "common/certificate_util.h"
#include "common/certificate_type.h"
#include "common/drm_root_certificate.h"
#include "common/drm_service_certificate.h"
#include "common/verified_media_pipeline.h"

4
common/client_id_util.h
View File

@@ -45,8 +45,8 @@ std::string GetClientInfo(const ClientIdentification& client_id,
// |client_id| is owned by caller.
// Returns util::Status::OK, if successful, else an error.
util::Status DecryptEncryptedClientIdentification(
const EncryptedClientIdentification& encrypted_client_id,
ClientIdentification* client_id);
const EncryptedClientIdentification& encrypted_client_id,
ClientIdentification* client_id);
// Decrypts the encrypted client identification in |encrypted_client_id| into
// |client_id| using |privacy_key|.

5
common/crypto_util.cc
View File

@@ -10,14 +10,13 @@
#include "common/crypto_util.h"
#include <openssl/hmac.h>
#include <openssl/sha.h>
#include "glog/logging.h"
#include "absl/strings/string_view.h"
#include "openssl/aes.h"
#include "openssl/cmac.h"
#include "openssl/evp.h"
#include "openssl/hmac.h"
#include "openssl/sha.h"
#include "util/endian/endian.h"
namespace widevine {

3
common/crypto_util_test.cc
View File

@@ -8,8 +8,6 @@
// Unit tests for the crypto_util helper functions.
#include "common/crypto_util.h"
#include <string>
#include "testing/gmock.h"
@@ -17,6 +15,7 @@
#include "absl/strings/escaping.h"
#include "absl/strings/str_cat.h"
#include "absl/strings/string_view.h"
#include "common/crypto_util.h"
namespace widevine {
namespace crypto_util {

1
common/drm_root_certificate.cc
View File

@@ -13,6 +13,7 @@
#include "glog/logging.h"
#include "absl/strings/escaping.h"
#include "openssl/sha.h"
#include "common/certificate_type.h"
#include "common/error_space.h"
#include "common/rsa_key.h"
#include "protos/public/drm_certificate.pb.h"

6
common/drm_root_certificate.h
View File

@@ -10,8 +10,8 @@
// Root device certificate holder class which deserializes, validates,
// and extracts the root certificate public key.
#ifndef COMMON_DRM_ROOT_CERTIFICATE_H__
#define COMMON_DRM_ROOT_CERTIFICATE_H__
#ifndef COMMON_DRM_ROOT_CERTIFICATE_H_
#define COMMON_DRM_ROOT_CERTIFICATE_H_
#include <memory>
#include <string>
@@ -63,4 +63,4 @@ class DrmRootCertificate {
} // namespace widevine
#endif // COMMON_DRM_ROOT_CERTIFICATE_H__
#endif // COMMON_DRM_ROOT_CERTIFICATE_H_

3
common/drm_root_certificate_test.cc
View File

@@ -9,11 +9,10 @@
// Description:
// Unit tests for drm_root_certificate.cc
#include "common/drm_root_certificate.h"
#include <memory>
#include "testing/gunit.h"
#include "common/drm_root_certificate.h"
#include "common/rsa_key.h"
#include "common/rsa_test_keys.h"
#include "protos/public/drm_certificate.pb.h"

27
common/drm_service_certificate.cc
View File

@@ -18,6 +18,7 @@
#include "absl/synchronization/mutex.h"
#include "util/gtl/map_util.h"
#include "common/aes_cbc_util.h"
#include "common/certificate_type.h"
#include "common/drm_root_certificate.h"
#include "common/error_space.h"
#include "common/rsa_util.h"
@@ -299,6 +300,32 @@ void DrmServiceCertificate::ResetServiceCertificates() {
DrmServiceCertificateMap::GetInstance()->Reset();
}
util::Status DrmServiceCertificate::ValidateDrmServiceCertificate() {
const DrmServiceCertificate* service_certificate =
GetDefaultDrmServiceCertificate();
if (!service_certificate) {
return util::Status(error_space, SERVICE_CERTIFICATE_NOT_FOUND,
"drm service certificate is not found.");
}
SignedDrmCertificate signed_cert;
if (!signed_cert.ParseFromString(service_certificate->certificate())) {
return util::Status(error_space, INVALID_DRM_CERTIFICATE,
"signed drm service certificate is failed to parse.");
}
DrmCertificate drm_cert;
if (!drm_cert.ParseFromString(signed_cert.drm_certificate())) {
return util::Status(error_space, INVALID_DRM_CERTIFICATE,
"Drm service certificate is failed to parse.");
}
if (!drm_cert.has_creation_time_seconds()) {
return util::Status(error_space, INVALID_SERVICE_CERTIFICATE,
"missing certificate creation time");
}
// TODO(user): Check creation_time_seconds field in DrmCertificate and also
// export the absl/time dependency through moe.
return util::OkStatus();
}
DrmServiceCertificate::DrmServiceCertificate(
const std::string& service_certificate, const std::string& provider_id,
const std::string& serial_number, const uint32_t creation_time_seconds,

12
common/drm_service_certificate.h
View File

@@ -9,8 +9,8 @@
// Description:
// Service certificate holder used to decrypt encrypted client credentials.
#ifndef COMMON_DRM_SERVICE_CERTIFICATE_H__
#define COMMON_DRM_SERVICE_CERTIFICATE_H__
#ifndef COMMON_DRM_SERVICE_CERTIFICATE_H_
#define COMMON_DRM_SERVICE_CERTIFICATE_H_
#include <map>
#include <memory>
@@ -86,6 +86,12 @@ class DrmServiceCertificate {
const RsaPrivateKey* const private_key() const { return private_key_.get(); }
const RsaPublicKey* const public_key() const { return public_key_.get(); }
// Returns the validation result of drm service certificate. Returns
// status::OK if successful, or in case of error, contact
// widevine-tam@google.com to get the next valid service certificate renewed
// via get deviceCertificate StatusList.
static util::Status ValidateDrmServiceCertificate();
private:
friend class DrmServiceCertificateTest;
friend class widevine::RequestInspectorTest;
@@ -120,4 +126,4 @@ class DrmServiceCertificate {
} // namespace widevine
#endif // COMMON_DRM_SERVICE_CERTIFICATE_H__
#endif // COMMON_DRM_SERVICE_CERTIFICATE_H_

3
common/drm_service_certificate_test.cc
View File

@@ -6,8 +6,6 @@
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
#include "common/drm_service_certificate.h"
#include <memory>
#include "glog/logging.h"
@@ -16,6 +14,7 @@
#include "testing/gunit.h"
#include "absl/strings/escaping.h"
#include "common/aes_cbc_util.h"
#include "common/drm_service_certificate.h"
#include "common/rsa_key.h"
#include "common/rsa_test_keys.h"
#include "common/rsa_util.h"

4
common/ecb_util.cc
View File

@@ -80,7 +80,7 @@ bool EncryptAesEcb(absl::string_view key, absl::string_view src, std::string* ds
}
dst->resize(src.size());
for (int i = 0; i < src.size(); i += AES_BLOCK_SIZE) {
AES_encrypt(reinterpret_cast<const uint8_t*>(src.data()+i),
AES_encrypt(reinterpret_cast<const uint8_t*>(src.data() + i),
reinterpret_cast<uint8_t*>(&(*dst)[i]), &aes_key);
}
return true;
@@ -103,7 +103,7 @@ bool DecryptAesEcb(absl::string_view key, absl::string_view src, std::string* ds
}
dst->resize(src.size());
for (int i = 0; i < src.size(); i += AES_BLOCK_SIZE) {
AES_decrypt(reinterpret_cast<const uint8_t*>(src.data()+i),
AES_decrypt(reinterpret_cast<const uint8_t*>(src.data() + i),
reinterpret_cast<uint8_t*>(&(*dst)[i]), &aes_key);
}
return true;

2
common/file_util.cc
View File

@@ -39,7 +39,7 @@ bool GetContents(const std::string& file_name, std::string* contents) {
LOG(WARNING) << "Failed to read all file contents.";
return false;
}
return true;;
return true;
}
bool SetContents(const std::string& file_name, const std::string& contents) {

1
common/file_util_test.cc
View File

@@ -7,7 +7,6 @@
////////////////////////////////////////////////////////////////////////////////
#include "common/file_util.h"
#include "testing/gunit.h"
#include "absl/strings/str_cat.h"

6
common/mock_rsa_key.h
View File

@@ -39,8 +39,8 @@ class MockRsaPublicKey : public RsaPublicKey {
MOCK_CONST_METHOD2(Encrypt, bool(const std::string& clear_message,
std::string* encrypted_message));
MOCK_CONST_METHOD2(VerifySignature, bool(const std::string& message,
const std::string& signature));
MOCK_CONST_METHOD2(VerifySignature,
bool(const std::string& message, const std::string& signature));
MOCK_CONST_METHOD1(MatchesPrivateKey, bool(const RsaPrivateKey& private_key));
MOCK_CONST_METHOD1(MatchesPublicKey, bool(const RsaPublicKey& public_key));
@@ -49,7 +49,7 @@ class MockRsaPublicKey : public RsaPublicKey {
MockRsaPublicKey& operator=(const MockRsaPublicKey&) = delete;
};
class MockRsaKeyFactory : public RsaKeyFactory{
class MockRsaKeyFactory : public RsaKeyFactory {
public:
MockRsaKeyFactory() {}
~MockRsaKeyFactory() override {}

6
common/openssl_util.h
View File

@@ -9,8 +9,8 @@
// RAII wrapper classes for cleaning up various OpenSSL dynamically allocated
// structures.
#ifndef COMMON_OPENSSL_UTIL_H__
#define COMMON_OPENSSL_UTIL_H__
#ifndef COMMON_OPENSSL_UTIL_H_
#define COMMON_OPENSSL_UTIL_H_
#include "openssl/bio.h"
#include "openssl/evp.h"
@@ -74,4 +74,4 @@ using ScopedX509InfoStack =
ScopedOpenSSLStack<STACK_OF(X509_INFO), X509_INFO, X509_INFO_free>;
using ScopedX509InfoStackOnly = ScopedOpenSSLStackOnly<STACK_OF(X509_INFO)>;
#endif // COMMON_OPENSSL_UTIL_H__
#endif // COMMON_OPENSSL_UTIL_H_

1
common/random_util_test.cc
View File

@@ -7,7 +7,6 @@
////////////////////////////////////////////////////////////////////////////////
#include "common/random_util.h"
#include "testing/gunit.h"
namespace widevine {

6
common/remote_attestation_verifier.h
View File

@@ -9,8 +9,8 @@
// Description:
// Functionality used to verifier ChromeOS remote attestation.
#ifndef COMMON_REMOTE_ATTESTATION_VERIFIER_H__
#define COMMON_REMOTE_ATTESTATION_VERIFIER_H__
#ifndef COMMON_REMOTE_ATTESTATION_VERIFIER_H_
#define COMMON_REMOTE_ATTESTATION_VERIFIER_H_
#include <map>
#include <memory>
@@ -89,4 +89,4 @@ class RemoteAttestationVerifier {
} // namespace widevine
#endif // COMMON_REMOTE_ATTESTATION_VERIFIER_H__
#endif // COMMON_REMOTE_ATTESTATION_VERIFIER_H_

1
common/rsa_key.h
View File

@@ -93,7 +93,6 @@ class RsaPublicKey {
virtual bool VerifySignature(const std::string& message,
const std::string& signature) const;
// Verify a signature. This method takes two parameters: |message| which is a
// std::string containing the data which was signed, and |signature| which is a
// std::string containing the message SHA256 digest signature with PKCS#7

1861
common/rsa_test_keys.cc
View File

File diff suppressed because it is too large Load Diff

52
common/rsa_util.cc
View File

@@ -42,8 +42,9 @@ static bool SerializeRsaKey(const RSA* key, std::string* serialized_key,
return false;
}
if (serialized_key == nullptr) {
LOG(ERROR) << "Pointer to hold serialized RSA" << (serialize_private_key ?
"Private" : "Public") << "Key is nullptr.";
LOG(ERROR) << "Pointer to hold serialized RSA"
<< (serialize_private_key ? "Private" : "Public")
<< "Key is nullptr.";
return false;
}
BIO* bio = BIO_new(BIO_s_mem());
@@ -52,9 +53,9 @@ static bool SerializeRsaKey(const RSA* key, std::string* serialized_key,
return false;
}
bool success = false;
if ((serialize_private_key ?
i2d_RSAPrivateKey_bio(bio, const_cast<RSA*>(key)) :
i2d_RSAPublicKey_bio(bio, const_cast<RSA*>(key))) != 0) {
if ((serialize_private_key
? i2d_RSAPrivateKey_bio(bio, const_cast<RSA*>(key))
: i2d_RSAPublicKey_bio(bio, const_cast<RSA*>(key))) != 0) {
int serialized_size = BIO_pending(bio);
serialized_key->assign(serialized_size, 0);
if (BIO_read(bio, &(*serialized_key)[0], serialized_size) ==
@@ -64,8 +65,8 @@ static bool SerializeRsaKey(const RSA* key, std::string* serialized_key,
LOG(ERROR) << "BIO_read failure";
}
} else {
LOG(ERROR) << (serialize_private_key ? "Private" : "Public") <<
" key serialization failure";
LOG(ERROR) << (serialize_private_key ? "Private" : "Public")
<< " key serialization failure";
}
BIO_free(bio);
return success;
@@ -74,13 +75,15 @@ static bool SerializeRsaKey(const RSA* key, std::string* serialized_key,
static bool DeserializeRsaKey(const std::string& serialized_key, RSA** key,
bool deserialize_private_key) {
if (serialized_key.empty()) {
LOG(ERROR) << "Serialized RSA" << (deserialize_private_key ?
"Private" : "Public") << "Key is empty.";
LOG(ERROR) << "Serialized RSA"
<< (deserialize_private_key ? "Private" : "Public")
<< "Key is empty.";
return false;
}
if (key == nullptr) {
LOG(ERROR) << "Pointer to hold new RSA " << (deserialize_private_key ?
"private" : "public") << " key is nullptr.";
LOG(ERROR) << "Pointer to hold new RSA "
<< (deserialize_private_key ? "private" : "public")
<< " key is nullptr.";
return false;
}
BIO* bio = BIO_new_mem_buf(const_cast<char*>(serialized_key.data()),
@@ -89,12 +92,12 @@ static bool DeserializeRsaKey(const std::string& serialized_key, RSA** key,
LOG(ERROR) << "BIO_new_mem_buf returned nullptr";
return false;
}
*key = deserialize_private_key ? d2i_RSAPrivateKey_bio(bio, nullptr) :
d2i_RSAPublicKey_bio(bio, nullptr);
*key = deserialize_private_key ? d2i_RSAPrivateKey_bio(bio, nullptr)
: d2i_RSAPublicKey_bio(bio, nullptr);
BIO_free(bio);
if (*key == nullptr) {
LOG(ERROR) << (deserialize_private_key ? "Private" : "Public") <<
" RSA key deserialization failure";
LOG(ERROR) << (deserialize_private_key ? "Private" : "Public")
<< " RSA key deserialization failure";
}
return *key != nullptr;
}
@@ -139,7 +142,7 @@ bool SerializePrivateKeyInfo(const RSA* private_key,
return false;
}
bool success = false;
PKCS8_PRIV_KEY_INFO *pkcs8_pki = nullptr;
PKCS8_PRIV_KEY_INFO* pkcs8_pki = nullptr;
BIO* bio = nullptr;
if (EVP_PKEY_set1_RSA(evp, const_cast<RSA*>(private_key)) == 0) {
LOG(ERROR) << "EVP_PKEY_set1_RSA failed.";
@@ -203,7 +206,7 @@ bool DeserializePrivateKeyInfo(const std::string& serialized_private_key,
}
bool success = false;
EVP_PKEY* evp = nullptr;
PKCS8_PRIV_KEY_INFO *pkcs8_pki = d2i_PKCS8_PRIV_KEY_INFO_bio(bio, nullptr);
PKCS8_PRIV_KEY_INFO* pkcs8_pki = d2i_PKCS8_PRIV_KEY_INFO_bio(bio, nullptr);
if (pkcs8_pki == nullptr) {
LOG(ERROR) << "d2i_PKCS8_PRIV_KEY_INFO_bio returned nullptr.";
goto cleanup;
@@ -312,7 +315,7 @@ cleanup:
namespace {
// Password retrieval function used by DeserializeEncryptedPrivateKeyInfo below.
int get_password(char *buf, int size, int rwflag, void *u) {
int get_password(char* buf, int size, int rwflag, void* u) {
CHECK(buf);
CHECK(u);
const std::string* pass(static_cast<const std::string*>(u));
@@ -372,9 +375,8 @@ bool RsaPrivateKeyToEncryptedPrivateKeyInfo(const std::string& rsa_private_key,
std::string* private_key_info) {
RSA* key = nullptr;
if (DeserializeRsaPrivateKey(rsa_private_key, &key)) {
bool success = SerializeEncryptedPrivateKeyInfo(key,
passphrase,
private_key_info);
bool success =
SerializeEncryptedPrivateKeyInfo(key, passphrase, private_key_info);
RSA_free(key);
return success;
}
@@ -449,8 +451,8 @@ bool ConvertToEulerTotient(const std::string& private_key,
return false;
}
bssl::UniquePtr<RSA> rsa(rsa_ptr);
if (!rsa_util::ConvertToEulerTotient(rsa.get())
|| !rsa_util::SerializeRsaPrivateKey(rsa.get(), euler_private_key)) {
if (!rsa_util::ConvertToEulerTotient(rsa.get()) ||
!rsa_util::SerializeRsaPrivateKey(rsa.get(), euler_private_key)) {
return false;
}
@@ -502,8 +504,8 @@ bool ConvertToCarmichaelTotient(const std::string& private_key,
return false;
}
bssl::UniquePtr<RSA> rsa(rsa_ptr);
if (!rsa_util::ConvertToCarmichaelTotient(rsa.get())
|| !rsa_util::SerializeRsaPrivateKey(rsa.get(), carmichael_private_key)) {
if (!rsa_util::ConvertToCarmichaelTotient(rsa.get()) ||
!rsa_util::SerializeRsaPrivateKey(rsa.get(), carmichael_private_key)) {
return false;
}

1
common/rsa_util.h
View File

@@ -99,7 +99,6 @@ bool RsaPrivateKeyToPrivateKeyInfo(const std::string& rsa_private_key,
bool PrivateKeyInfoToRsaPrivateKey(const std::string& private_key_info,
std::string* rsa_private_key);
// Serialize RSA private key into DER encoded PKCS#8 EncryptedPrivateKeyInfo.
// - private_key is the RSA key to be serialized, which must not be NULL.
// - passphrase is the password to use for PKCS#5 v2.0 3DES encryption.

3
common/rsa_util_test.cc
View File

@@ -10,8 +10,6 @@
// Description:
// Unit test for rsa_util RSA utilties library.
#include "common/rsa_util.h"
#include <stddef.h>
#include <memory>
@@ -21,6 +19,7 @@
#include "testing/gunit.h"
#include "openssl/bn.h"
#include "common/rsa_test_keys.h"
#include "common/rsa_util.h"
using ::testing::NotNull;

1
common/sha_util_test.cc
View File

@@ -7,7 +7,6 @@
////////////////////////////////////////////////////////////////////////////////
#include "common/sha_util.h"
#include "testing/gunit.h"
#include "absl/strings/escaping.h"

1
common/signing_key_util_test.cc
View File

@@ -7,7 +7,6 @@
////////////////////////////////////////////////////////////////////////////////
#include "common/signing_key_util.h"
#include "testing/gunit.h"
#include "absl/strings/escaping.h"
#include "common/crypto_util.h"

1
common/string_util_test.cc
View File

@@ -7,7 +7,6 @@
////////////////////////////////////////////////////////////////////////////////
#include "common/string_util.h"
#include "testing/gmock.h"
#include "testing/gunit.h"

4
common/test_certificates.h
View File

@@ -24,9 +24,7 @@ class TestCertificates {
virtual ~TestCertificates() {}
// returns a test root certificate
const std::string& test_root_certificate() const {
return test_root_certificate_;
}
const std::string& test_root_certificate() const { return test_root_certificate_; }
// returns a test intermediate certificate
const std::string& test_intermediate_certificate() const {

6
common/test_utils.h
View File

@@ -9,8 +9,8 @@
// Description:
// Auxiliary functions for license server SDK testing.
#ifndef COMMON_TEST_UTILS_H__
#define COMMON_TEST_UTILS_H__
#ifndef COMMON_TEST_UTILS_H_
#define COMMON_TEST_UTILS_H_
#include <string>
@@ -29,4 +29,4 @@ util::Status GenerateRsaSignatureSha256Pkcs1(const std::string& pem_private_key,
} // namespace widevine
#endif // COMMON_TEST_UTILS_H__
#endif // COMMON_TEST_UTILS_H_

1
common/vmp_checker.cc
View File

@@ -17,6 +17,7 @@
#include <cstdint>
#include "glog/logging.h"
#include "common/certificate_type.h"
#include "common/error_space.h"
#include "common/rsa_key.h"
#include "common/x509_cert.h"

4
common/vmp_checker.h
View File

@@ -41,9 +41,7 @@ class VmpChecker {
virtual util::Status VerifyVmpData(const std::string& vmp_data, Result* result);
// Enable/disable development code signing certificates.
void set_allow_development_vmp(bool allow) {
allow_development_vmp_ = allow;
}
void set_allow_development_vmp(bool allow) { allow_development_vmp_ = allow; }
bool allow_development_vmp() const { return allow_development_vmp_; }
private:

19
common/widevine_system_id.cc Normal file
View File

@@ -0,0 +1,19 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2017 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
//
// Common Encryption (CENC) system ID for Widevine DRM.
#include "common/widevine_system_id.h"
namespace widevine {
const uint8_t kWidevineSystemId[16] = {0xed, 0xef, 0x8b, 0xa9, 0x79, 0xd6,
0x4a, 0xce, 0xa3, 0xc8, 0x27, 0xdc,
0xd5, 0x1d, 0x21, 0xed};
} // namespace widevine

22
common/widevine_system_id.h Normal file
View File

@@ -0,0 +1,22 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2017 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
//
// Common Encryption (CENC) system ID for Widevine DRM.
#ifndef COMMON_WIDEVINE_SYSTEM_ID_H_
#define COMMON_WIDEVINE_SYSTEM_ID_H_
#include <cstdint>
namespace widevine {
extern const uint8_t kWidevineSystemId[16];
} // namespace widevine
#endif // COMMON_WIDEVINE_SYSTEM_ID_H_

1
common/wvm_token_handler_test.cc
View File

@@ -7,7 +7,6 @@
////////////////////////////////////////////////////////////////////////////////
#include "common/wvm_token_handler.h"
#include "testing/gmock.h"
#include "testing/gunit.h"
#include "absl/strings/escaping.h"

9
common/x509_cert.cc
View File

@@ -17,6 +17,7 @@
#include "openssl/bio.h"
#include "openssl/evp.h"
#include "openssl/pem.h"
#include "openssl/pkcs7.h"
#include "openssl/x509.h"
#include "openssl/x509v3.h"
#include "common/openssl_util.h"
@@ -52,8 +53,7 @@ bool PemEncodeX509Certificate(const X509& certificate,
namespace widevine {
std::unique_ptr<X509Cert> X509Cert::FromOpenSslCert(
ScopedX509 certificate) {
std::unique_ptr<X509Cert> X509Cert::FromOpenSslCert(ScopedX509 certificate) {
return std::unique_ptr<X509Cert>(new X509Cert(certificate.release()));
}
@@ -194,10 +194,11 @@ bool X509Cert::GetV3BooleanExtension(const std::string& oid, bool* value) const
if (ext_pos < 0) return false;
X509_EXTENSION* extension(X509_get_ext(openssl_cert_, ext_pos));
if (!extension) return false;
ASN1_OCTET_STRING *extension_data(X509_EXTENSION_get_data(extension));
ASN1_OCTET_STRING* extension_data(X509_EXTENSION_get_data(extension));
if (!extension_data) return false;
if ((extension_data->length != 3) || (extension_data->data[0] != 1) ||
(extension_data->data[1] != 1)) return false;
(extension_data->data[1] != 1))
return false;
*value = extension_data->data[2] != 0;
return true;

11
common/x509_cert.h
View File

@@ -9,8 +9,8 @@
// Description:
// X.509 certificate classes used by the license server SDK.
#ifndef COMMON_X509_CERT_H__
#define COMMON_X509_CERT_H__
#ifndef COMMON_X509_CERT_H_
#define COMMON_X509_CERT_H_
#include <stddef.h>
#include <map>
@@ -26,11 +26,10 @@
#include "openssl/x509v3.h"
#include "util/status.h"
#include "common/openssl_util.h"
#include "common/rsa_key.h"
namespace widevine {
class RsaPublicKey;
// NOTE: All util::Status codes are in the canonical error space.
// Class which holds a single X.509 certificates.
@@ -141,7 +140,7 @@ class X509CA {
private:
util::Status InitializeStore();
util::Status OpenSslX509Verify(const X509* cert, STACK_OF(X509)* stack);
util::Status OpenSslX509Verify(const X509* cert, STACK_OF(X509) * stack);
std::unique_ptr<X509Cert> ca_cert_;
absl::Mutex openssl_store_mutex_;
@@ -152,4 +151,4 @@ class X509CA {
} // namespace widevine
#endif // COMMON_X509_CERT_H__
#endif // COMMON_X509_CERT_H_

3
common/x509_cert_test.cc
View File

@@ -6,14 +6,13 @@
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
#include "common/x509_cert.h"
#include <memory>
#include "testing/gunit.h"
#include "absl/strings/escaping.h"
#include "common/rsa_key.h"
#include "common/test_utils.h"
#include "common/x509_cert.h"
namespace widevine {
const char kTestRootCaDerCert[] =