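////////////////////////////////////////////////////////////////////////////////
// Copyright 2019 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////

#ifndef COMMON_KEYBOX_CLIENT_CERT_H_
#define COMMON_KEYBOX_CLIENT_CERT_H_

// Standard headers for the names this header uses directly (uint32_t,
// std::multimap, std::string), so it does not depend on transitive includes.
#include <cstdint>
#include <map>
#include <string>

#include "common/client_cert.h"
#include "common/error_space.h"
#include "common/hash_algorithm.h"
#include "protos/public/errors.pb.h"

namespace widevine {

// ClientCert implementation for clients that identify themselves with a
// keybox token (type() reports ClientIdentification::KEYBOX).
//
// Accessors for fields this class does not populate (encrypted_key,
// service_id, signer_serial_number, encrypted_unique_id, unique_id_hash)
// all return a reference to the same placeholder string, unimplemented_.
//
// Every accessor that returns `const std::string&` refers to a member of this
// object; the reference is only valid while the object is alive.
class KeyboxClientCert : public ClientCert {
 public:
  KeyboxClientCert() = default;
  ~KeyboxClientCert() override = default;

  // Non-copyable: the object holds key material (device_key_, signing_key_),
  // and copying is explicitly disabled.
  KeyboxClientCert(const KeyboxClientCert&) = delete;
  KeyboxClientCert& operator=(const KeyboxClientCert&) = delete;

  // Initializes this object from |keybox_token| and reports the outcome as a
  // Status. The definition is not in this header.
  // NOTE(review): presumably this is what fills device_key_, system_id_ and
  // serial_number_ -- confirm against the implementation. Callers should check
  // the returned Status before relying on any accessor.
  Status Initialize(const std::string& keybox_token);

  // ClientCert override. Checks |signature| over |message| for the given
  // |hash_algorithm| and |protocol_version|; the result is reported through
  // the returned Status. The definition is not in this header.
  Status VerifySignature(const std::string& message,
                         HashAlgorithm hash_algorithm,
                         const std::string& signature,
                         ProtocolVersion protocol_version) const override;

  // ClientCert override. The definition is not in this header.
  // NOTE(review): presumably derives signing_key_ from |message| and the
  // device key -- confirm against the implementation.
  void GenerateSigningKey(const std::string& message,
                          ProtocolVersion protocol_version) override;

  // Not populated for keyboxes; returns the placeholder string.
  const std::string& encrypted_key() const override { return unimplemented_; }

  // Returns the device key. This is key material: callers should not log it
  // or copy it into longer-lived storage than necessary.
  const std::string& key() const override { return device_key_; }

  SignedMessage::SessionKeyType key_type() const override {
    return SignedMessage::WRAPPED_AES_KEY;
  }

  bool using_dual_certificate() const override { return false; }

  const std::string& serial_number() const override { return serial_number_; }

  // Not populated for keyboxes; returns the placeholder string.
  const std::string& service_id() const override { return unimplemented_; }

  // Returns the signing key. This is key material; the same handling caveat as
  // key() applies.
  const std::string& signing_key() const override { return signing_key_; }

  // Not populated for keyboxes; returns the placeholder string.
  const std::string& signer_serial_number() const override {
    return unimplemented_;
  }

  // A keybox has no signer; always 0.
  uint32_t signer_creation_time_seconds() const override { return 0; }

  bool signed_by_provisioner() const override { return false; }

  // Returns the system id. This is 0 until a value has been stored in
  // system_id_ (see the member's initializer below).
  uint32_t system_id() const override { return system_id_; }

  widevine::ClientIdentification::TokenType type() const override {
    return ClientIdentification::KEYBOX;
  }

  // Not populated for keyboxes; returns the placeholder string.
  const std::string& encrypted_unique_id() const override {
    return unimplemented_;
  }

  // Not populated for keyboxes; returns the placeholder string.
  const std::string& unique_id_hash() const override { return unimplemented_; }

  // Set the system-wide pre-provisioning keys; argument must be human-readable
  // hex digits.
  // Must be called before any other method of this class is called, unless
  // created by ClientCert::CreateWithPreProvisioningKey(...).
  //
  // NOTE(review): the template arguments of std::multimap were missing from
  // the text this header was recovered from. <uint32_t, std::string> is
  // inferred from the hex-digit comment above and from the uint32_t system id
  // used by IsSystemIdKnown() -- confirm against the definition.
  static void SetPreProvisioningKeys(
      const std::multimap<uint32_t, std::string>& keymap);

  // Reports whether |system_id| is known. The definition is not in this
  // header.
  // NOTE(review): presumably consults the keys registered through
  // SetPreProvisioningKeys() -- confirm.
  static bool IsSystemIdKnown(const uint32_t system_id);

  // Extracts the system id from raw keybox bytes. The definition is not in
  // this header, so how malformed or truncated |keybox_bytes| is handled
  // cannot be seen here.
  // NOTE(review): |keybox_bytes| is client-supplied; confirm the
  // implementation checks its length before reading from it.
  static uint32_t GetSystemId(const std::string& keybox_bytes);

  // Status returned when the keybox's system id is not recognised.
  Status SystemIdUnknownError() const override {
    return Status(error_space, UNSUPPORTED_SYSTEM_ID,
                  "keybox-unsupported-system-id");
  }

  // Status returned when the keybox's system id has been revoked.
  Status SystemIdRevokedError() const override {
    return Status(error_space, DRM_DEVICE_CERTIFICATE_REVOKED,
                  "keybox-system-id-revoked");
  }

 private:
  // Placeholder returned by accessors for fields a keybox does not carry.
  // Nothing in this header assigns to it, so it is an empty string here.
  std::string unimplemented_;
  // Device key exposed through key().
  std::string device_key_;
  // Zero-initialised so that system_id() never reads an indeterminate value
  // when it is called before a system id has been stored (for example before
  // Initialize(), or after Initialize() fails). The original left this member
  // uninitialised after default construction.
  uint32_t system_id_ = 0;
  std::string serial_number_;
  // Signing key exposed through signing_key().
  std::string signing_key_;
};

}  // namespace widevine

#endif  // COMMON_KEYBOX_CLIENT_CERT_H_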