Minimal implementation of Widevine MediaCAS ECMG.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=226515998

common/x509_cert.h

@@ -24,13 +24,13 @@
 #include "openssl/pem.h"
 #include "openssl/x509.h"
 #include "openssl/x509v3.h"
-#include "common/status.h"
 #include "common/openssl_util.h"
 #include "common/rsa_key.h"
+#include "common/status.h"
 
 namespace widevine {
 
-// NOTE: All util::Status codes are in the canonical error space.
+// NOTE: All Status codes are in the canonical error space.
 
 // Class which holds a single X.509 certificates.
 class X509Cert {
@@ -43,11 +43,11 @@ class X509Cert {
 
   // Load an X.509 certificate. Takes a single parameter, |pem_cert|, which is
   // a PEM-encoded certificate.
-  util::Status LoadPem(const std::string& pem_cert);
+  Status LoadPem(const std::string& pem_cert);
 
   // Load an X.509 certificate. Takes a single parameter, |pem_cert|, which is
   // a DER-encoded certificate.
-  util::Status LoadDer(const std::string& der_cert);
+  Status LoadDer(const std::string& der_cert);
 
   // Return a std::string containing the PEM-encoded certificate.
   std::string GetPem() const;
@@ -91,8 +91,8 @@ class X509Cert {
 
  private:
   explicit X509Cert(X509* openssl_cert);
-  util::Status Asn1TimeToEpochSeconds(const ASN1_TIME* asn1_time,
-                                      int64_t* epoch_seconds) const;
+  Status Asn1TimeToEpochSeconds(const ASN1_TIME* asn1_time,
+                                int64_t* epoch_seconds) const;
 
   X509* openssl_cert_;
   std::string subject_name_;
@@ -112,12 +112,12 @@ class X509CertChain {
   // |pem_cert_chain|, which is the concatenation of a number of PEM X.509
   // certificates, beginning with the leaf certificate, and ending with the
   // certificate signed by the root CA.
-  util::Status LoadPem(const std::string& pem_cert_chain);
+  Status LoadPem(const std::string& pem_cert_chain);
 
   // Loads a chain of DER-encoded PKCS#7 certificates. Takes a single parameter,
   // |pk7_cert_chain|, which is a DER-encoded PKCS#7 X.509 certificate
   // container.
-  util::Status LoadPkcs7(const std::string& pk7_cert_chain);
+  Status LoadPkcs7(const std::string& pk7_cert_chain);
 
   // Writes the |cert_chain_| to a DER-encoded PKCS#7 X.509 cryptographic
   // message. The final message does not include signed data.
@@ -148,21 +148,21 @@ class X509CA {
 
   // Does X.509 PKI validation of |cert| against the root CA certificate
   // used when constructing X509CA. This method is thread-safe.
-  util::Status VerifyCert(const X509Cert& cert);
+  Status VerifyCert(const X509Cert& cert);
 
   // Does X.509 PKI validation of |cert_chain| against the root CA certificate
   // used when constructing X509CA. This method is thread-safe.
-  util::Status VerifyCertChain(const X509CertChain& cert_chain);
+  Status VerifyCertChain(const X509CertChain& cert_chain);
 
   // Does X.509 PKI validation of |cert| using the |cert_chain|
   // certificates. This method allows |cert| to be an ICA. This method is
   // thread-safe.
-  util::Status VerifyCertWithChain(const X509Cert& cert,
-                                   const X509CertChain& cert_chain);
+  Status VerifyCertWithChain(const X509Cert& cert,
+                             const X509CertChain& cert_chain);
 
  private:
-  util::Status InitializeStore();
-  util::Status OpenSslX509Verify(const X509* cert, STACK_OF(X509) * stack);
+  Status InitializeStore();
+  Status OpenSslX509Verify(const X509* cert, STACK_OF(X509) * intermediates);
 
   std::unique_ptr<X509Cert> ca_cert_;
   absl::Mutex openssl_store_mutex_;