58 lines
1.5 KiB
C++
58 lines
1.5 KiB
C++
////////////////////////////////////////////////////////////////////////////////
|
|
// Copyright 2017 Google LLC.
|
|
//
|
|
// This software is licensed under the terms defined in the Widevine Master
|
|
// License Agreement. For a copy of this agreement, please contact
|
|
// widevine-licensing@google.com.
|
|
////////////////////////////////////////////////////////////////////////////////
|
|
//
|
|
// Description:
|
|
// Singleton object which validates VMP (Verified Media Pipeline) data for
|
|
// purposes of platform software verification.
|
|
|
|
#ifndef COMMON_VMP_CHECKER_H_
|
|
#define COMMON_VMP_CHECKER_H_
|
|
|
|
#include <memory>
|
|
#include <string>
|
|
|
|
#include "common/certificate_type.h"
|
|
#include "common/status.h"
|
|
|
|
namespace widevine {
|
|
class X509CA;
|
|
|
|
class VmpChecker {
|
|
public:
|
|
enum Result {
|
|
kUnverified = 0,
|
|
kVerified = 1,
|
|
kSecureStorageVerified = 2,
|
|
kTampered = 3
|
|
};
|
|
|
|
// Singleton accessor.
|
|
static VmpChecker* Instance();
|
|
|
|
// Select the type of root to use. Not thread-safe.
|
|
virtual Status SelectCertificateType(CertificateType cert_type);
|
|
|
|
// Verify VMP data and return appropriate result.
|
|
virtual Status VerifyVmpData(const std::string& vmp_data, Result* result);
|
|
|
|
// Enable/disable development code signing certificates.
|
|
void set_allow_development_vmp(bool allow) { allow_development_vmp_ = allow; }
|
|
bool allow_development_vmp() const { return allow_development_vmp_; }
|
|
|
|
private:
|
|
VmpChecker();
|
|
~VmpChecker();
|
|
|
|
std::unique_ptr<X509CA> ca_;
|
|
bool allow_development_vmp_ = false;
|
|
};
|
|
|
|
} // namespace widevine
|
|
|
|
#endif // COMMON_VMP_CHECKER_H_
|