79 lines
3.1 KiB
C++
79 lines
3.1 KiB
C++
////////////////////////////////////////////////////////////////////////////////
|
|
// Copyright 2019 Google LLC.
|
|
//
|
|
// This software is licensed under the terms defined in the Widevine Master
|
|
// License Agreement. For a copy of this agreement, please contact
|
|
// widevine-licensing@google.com.
|
|
////////////////////////////////////////////////////////////////////////////////
|
|
|
|
#ifndef COMMON_CLIENT_CERT_H__
|
|
#define COMMON_CLIENT_CERT_H__
|
|
|
|
#include <memory>
|
|
|
|
#include "common/drm_root_certificate.h"
|
|
#include "common/status.h"
|
|
#include "protos/public/client_identification.pb.h"
|
|
#include "protos/public/license_protocol.pb.h"
|
|
|
|
namespace widevine {
|
|
|
|
// Handler class for LicenseRequests; validates requests and encrypts licenses.
|
|
class ClientCert {
|
|
protected:
|
|
ClientCert() = default;
|
|
|
|
public:
|
|
// Creates a ClientCert from the |token|. The type of ClientCert created is
|
|
// determined by the |token_type|.
|
|
static Status Create(
|
|
const DrmRootCertificate* root_certificate,
|
|
widevine::ClientIdentification::TokenType token_type,
|
|
const std::string& token, std::unique_ptr<ClientCert>* client_cert);
|
|
|
|
// Creates a Keybox based ClientCert. The |client_cert| is a caller supplied
|
|
// unique_ptr to receive the new ClientCert.
|
|
static Status CreateWithKeybox(const std::string& keybox_token,
|
|
std::unique_ptr<ClientCert>* client_cert);
|
|
|
|
// Creates a Device Certificate based ClientCert.
|
|
static Status CreateWithDrmCertificate(
|
|
const DrmRootCertificate* root_certificate,
|
|
const std::string& drm_certificate,
|
|
std::unique_ptr<ClientCert>* client_cert);
|
|
|
|
virtual ~ClientCert() = default;
|
|
ClientCert(const ClientCert&) = delete;
|
|
ClientCert& operator=(const ClientCert&) = delete;
|
|
|
|
// Checks the passed in signature against a signature created used the
|
|
// classes information and the passed in message. Returns OK if signature
|
|
// is valid.
|
|
virtual Status VerifySignature(const std::string& message,
|
|
const std::string& signature,
|
|
ProtocolVersion protocol_version) const = 0;
|
|
|
|
// Creates a signing_key that is accessible using signing_key(). Signing_key
|
|
// is constructed by doing a key derivation using the key() and message.
|
|
virtual void GenerateSigningKey(const std::string& message,
|
|
ProtocolVersion protocol_version) = 0;
|
|
|
|
virtual const std::string& encrypted_key() const = 0;
|
|
virtual const std::string& key() const = 0;
|
|
virtual SignedMessage::SessionKeyType key_type() const = 0;
|
|
virtual const std::string& serial_number() const = 0;
|
|
virtual const std::string& service_id() const = 0;
|
|
virtual const std::string& signing_key() const = 0;
|
|
virtual const std::string& signer_serial_number() const = 0;
|
|
virtual uint32_t signer_creation_time_seconds() const = 0;
|
|
virtual bool signed_by_provisioner() const = 0;
|
|
virtual uint32_t system_id() const = 0;
|
|
virtual widevine::ClientIdentification::TokenType type() const = 0;
|
|
virtual const std::string& encrypted_unique_id() const = 0;
|
|
virtual const std::string& unique_id_hash() const = 0;
|
|
};
|
|
|
|
} // namespace widevine
|
|
|
|
#endif // COMMON_CLIENT_CERT_H__
|