121d554c20
------------- Add libcurl to media_cas_packager_sdk. libcurl will later be used by a key fetcher to retrieve entitlement key from License Server using a HTTP request. ------------- Add a function named parsehelper to parse DCSL from the key smith response. ------------- Move wv_cas_key_fetcher to media_cas_packager_sdk so partners can use it request entitlement keys from License Server. ------------- Add pkcs7 write method to x509_cert.cc ------------- Update boringssl_repo to latest in master-with-bazel ------------- Add a TsPacket class to media_cas_packager_sdk to allow the construction of a ECM TS packet in the SDK. ------------- Move InsertEcm() from our internal CAS directory to the media_cas_packager_sdk, to be used to build a ECM TS packet by the SDK. ------------- Add METADATA in common folder ------------- Refactoring of certificate verification into DrmRootCertificate. ------------- Extend the default duration of leaf certificates. ------------- Fix moe_test ------------- Add a new method to WvCasEcm to allow partner to create a TS packet carrying the generated ECM. ------------- Change from SHA1 to SHA256 for Cast certificates ------------- Update crypto mode enumeration to match WV ECM document ------------- Fix the way we set the validity dates ------------- Move exported_root/util/status to common/ to prepare for util::Status migration Also added constructor/operator to copy from/to util::Status. ------------- Add GenerateDCSLrequest function to certificate_util.h. ------------- Fix build break ------------- Allow 'table_id' (in the section header) be specified by caller of SDK method WvCasEcm::GenerateTsPacket(). ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=224535399
58 lines
1.5 KiB
C++
58 lines
1.5 KiB
C++
////////////////////////////////////////////////////////////////////////////////
|
|
// Copyright 2017 Google LLC.
|
|
//
|
|
// This software is licensed under the terms defined in the Widevine Master
|
|
// License Agreement. For a copy of this agreement, please contact
|
|
// widevine-licensing@google.com.
|
|
////////////////////////////////////////////////////////////////////////////////
|
|
//
|
|
// Description:
|
|
// Singleton object which validates VMP (Verified Media Pipeline) data for
|
|
// purposes of platform software verification.
|
|
|
|
#ifndef COMMON_VMP_CHECKER_H_
|
|
#define COMMON_VMP_CHECKER_H_
|
|
|
|
#include <memory>
|
|
#include <string>
|
|
|
|
#include "util/status.h"
|
|
#include "common/certificate_type.h"
|
|
|
|
namespace widevine {
|
|
class X509CA;
|
|
|
|
class VmpChecker {
|
|
public:
|
|
enum Result {
|
|
kUnverified = 0,
|
|
kVerified = 1,
|
|
kSecureStorageVerified = 2,
|
|
kTampered = 3
|
|
};
|
|
|
|
// Singleton accessor.
|
|
static VmpChecker* Instance();
|
|
|
|
// Select the type of root to use. Not thread-safe.
|
|
virtual util::Status SelectCertificateType(CertificateType cert_type);
|
|
|
|
// Verify VMP data and return appropriate result.
|
|
virtual util::Status VerifyVmpData(const std::string& vmp_data, Result* result);
|
|
|
|
// Enable/disable development code signing certificates.
|
|
void set_allow_development_vmp(bool allow) { allow_development_vmp_ = allow; }
|
|
bool allow_development_vmp() const { return allow_development_vmp_; }
|
|
|
|
private:
|
|
VmpChecker();
|
|
~VmpChecker();
|
|
|
|
std::unique_ptr<X509CA> ca_;
|
|
bool allow_development_vmp_ = false;
|
|
};
|
|
|
|
} // namespace widevine
|
|
|
|
#endif // COMMON_VMP_CHECKER_H_
|