diff --git a/example/example_data/certificate_list b/example/example_data/certificate_list index cf9d5da..17beb58 100644 Binary files a/example/example_data/certificate_list and b/example/example_data/certificate_list differ diff --git a/example/example_data/intermediate.encrypted.private b/example/example_data/intermediate.encrypted.private index 91f3edf..1bab10a 100644 Binary files a/example/example_data/intermediate.encrypted.private and b/example/example_data/intermediate.encrypted.private differ diff --git a/example/example_data/intermediate.public b/example/example_data/intermediate.public index c187cb9..4ddcd26 100644 Binary files a/example/example_data/intermediate.public and b/example/example_data/intermediate.public differ diff --git a/example/example_data/message b/example/example_data/message index 4f75666..df77986 100644 Binary files a/example/example_data/message and b/example/example_data/message differ diff --git a/example/example_data/provider.cert b/example/example_data/provider.cert deleted file mode 100644 index 178d9b3..0000000 Binary files a/example/example_data/provider.cert and /dev/null differ diff --git a/example/example_data/provider.encrypted.private b/example/example_data/provider.encrypted.private deleted file mode 100644 index 056470f..0000000 Binary files a/example/example_data/provider.encrypted.private and /dev/null differ diff --git a/example/example_data/provisioner.cert b/example/example_data/provisioner.cert new file mode 100644 index 0000000..e98d6ff Binary files /dev/null and b/example/example_data/provisioner.cert differ diff --git a/example/example_data/provisioner.encrypted.private b/example/example_data/provisioner.encrypted.private new file mode 100644 index 0000000..b174a3e Binary files /dev/null and b/example/example_data/provisioner.encrypted.private differ diff --git a/example/example_data/provider.passphrase b/example/example_data/provisioner.passphrase similarity index 100% rename from example/example_data/provider.passphrase rename to example/example_data/provisioner.passphrase diff --git a/example/example_data/provisioner.spoid_secret b/example/example_data/provisioner.spoid_secret new file mode 100644 index 0000000..7f3fe95 --- /dev/null +++ b/example/example_data/provisioner.spoid_secret @@ -0,0 +1,4 @@ +Twas bryllyg, and ye slythy toves +Did gyre and gymble in ye wabe: +All mimsy were ye borogoves; +And ye mome raths outgrabe. diff --git a/example/example_data/provisioning_message_generator b/example/example_data/provisioning_message_generator index f693bff..0cd22eb 100755 Binary files a/example/example_data/provisioning_message_generator and b/example/example_data/provisioning_message_generator differ diff --git a/example/example_data/root.private b/example/example_data/root.private new file mode 100644 index 0000000..03b99d9 Binary files /dev/null and b/example/example_data/root.private differ diff --git a/example/example_data/service.cert b/example/example_data/service.cert index ff6ee16..b17b7d4 100644 Binary files a/example/example_data/service.cert and b/example/example_data/service.cert differ diff --git a/example/example_data/service.encrypted.private b/example/example_data/service.encrypted.private index 5b17231..2615dbe 100644 Binary files a/example/example_data/service.encrypted.private and b/example/example_data/service.encrypted.private differ diff --git a/example/example_data/service.public b/example/example_data/service.public index c9c0d0d..292a265 100644 Binary files a/example/example_data/service.public and b/example/example_data/service.public differ diff --git a/example/example_data/user.private b/example/example_data/user.private index b7b5f33..5eb66de 100644 Binary files a/example/example_data/user.private and b/example/example_data/user.private differ diff --git a/example/example_data/user.public b/example/example_data/user.public index 4ec3886..0be4b27 100644 Binary files a/example/example_data/user.public and b/example/example_data/user.public differ diff --git a/example/provisioning_example.cc b/example/provisioning_example.cc index 907d0a6..2539807 100644 --- a/example/provisioning_example.cc +++ b/example/provisioning_example.cc @@ -1,3 +1,11 @@ +//////////////////////////////////////////////////////////////////////////////// +// Copyright 2016 Google Inc. +// +// This software is licensed under the terms defined in the Widevine Master +// License Agreement. For a copy of this agreement, please contact +// widevine-licensing@google.com. +//////////////////////////////////////////////////////////////////////////////// + #include #include #include @@ -12,7 +20,7 @@ using widevine::OK; using widevine::ProvisioningEngine; using widevine::ProvisioningSession; -using widevine::kCertDevelopment; +using widevine::kCertTesting; std::string GetContents(const std::string& file_name) { if (file_name.empty()) { @@ -42,12 +50,13 @@ int main(int argc, char** argv) { // Call Initialize to setup the engine. if (engine.Initialize( - kCertDevelopment, GetContents("example_data/service.cert"), + kCertTesting, GetContents("example_data/service.cert"), GetContents("example_data/service.encrypted.private"), GetContents("example_data/service.passphrase"), - GetContents("example_data/provider.cert"), - GetContents("example_data/provider.encrypted.private"), - GetContents("example_data/provider.passphrase")) != OK) { + GetContents("example_data/provisioner.cert"), + GetContents("example_data/provisioner.encrypted.private"), + GetContents("example_data/provisioner.passphrase"), + GetContents("example_data/provisioner.spoid_secret")) != OK) { std::cout << "Failed to initialize." << std::endl; return 1; } diff --git a/libprovisioning_sdk.so b/libprovisioning_sdk.so index eda6e7f..3450896 100755 Binary files a/libprovisioning_sdk.so and b/libprovisioning_sdk.so differ diff --git a/protos/public/certificate_provisioning.proto b/protos/public/certificate_provisioning.proto index dae596b..3aacf45 100644 --- a/protos/public/certificate_provisioning.proto +++ b/protos/public/certificate_provisioning.proto @@ -1,5 +1,11 @@ -// Copyright 2013 Google Inc. All Rights Reserved. -// Author: tinskip@google.com (Thomas Inskip) +//////////////////////////////////////////////////////////////////////////////// +// Copyright 2016 Google Inc. +// +// This software is licensed under the terms defined in the Widevine Master +// License Agreement. For a copy of this agreement, please contact +// widevine-licensing@google.com. +//////////////////////////////////////////////////////////////////////////////// + // // Description: // Public protocol buffer definitions for Widevine Device Certificate @@ -39,12 +45,16 @@ message ProvisioningRequest { optional bytes nonce = 2; // Options for type of certificate to generate. Optional. optional ProvisioningOptions options = 3; - oneof origin_id { + oneof spoid_param { // Stable identifier, unique for each device + application (or origin). - // Required if doing per-origin provisioning. + // To be deprecated. bytes stable_id = 4; - // Stable content provider ID. + // Service provider ID from the service certificate's provider_id field. + // Preferred parameter. bytes provider_id = 6; + // Client-generated stable per-origin identifier to be copied directly + // to the client certificate serial number. + bytes spoid = 7; } } diff --git a/protos/public/client_identification.proto b/protos/public/client_identification.proto index 00a9b39..f2281ff 100644 --- a/protos/public/client_identification.proto +++ b/protos/public/client_identification.proto @@ -1,5 +1,11 @@ -// Copyright 2013 Google Inc. All Rights Reserved. -// Author: tinskip@google.com (Thomas Inskip) +//////////////////////////////////////////////////////////////////////////////// +// Copyright 2016 Google Inc. +// +// This software is licensed under the terms defined in the Widevine Master +// License Agreement. For a copy of this agreement, please contact +// widevine-licensing@google.com. +//////////////////////////////////////////////////////////////////////////////// + // // Description: // ClientIdentification messages used by provisioning and license protocols. @@ -37,6 +43,11 @@ message ClientIdentification { HDCP_NO_DIGITAL_OUTPUT = 0xff; } + enum CertificateKeyType { + RSA_2048 = 0; + RSA_3072 = 1; + } + optional bool client_token = 1 [default = false]; optional bool session_token = 2 [default = false]; optional bool video_resolution_constraints = 3 [default = false]; @@ -46,6 +57,12 @@ message ClientIdentification { // storing the generation number in secure memory. For Details, see: // https://docs.google.com/document/d/1Mm8oB51SYAgry62mEuh_2OEkabikBiS61kN7HsDnh9Y/edit#heading=h.xgjl2srtytjt optional bool anti_rollback_usage_table = 6 [default = false]; + // The client shall report |srm_version| if available. + optional uint32 srm_version = 7; + // A device may have SRM data, and report a version, but may not be capable + // of updating SRM data. + optional bool can_update_srm = 8 [default = false]; + repeated CertificateKeyType supported_certificate_key_type = 9; } // Type of factory-provisioned device root of trust. Optional. @@ -68,9 +85,9 @@ message ClientIdentification { // EncryptedClientIdentification message used to hold ClientIdentification // messages encrypted for privacy purposes. message EncryptedClientIdentification { - // Service ID for which the ClientIdentifcation is encrypted (owner of service - // certificate). - optional string service_id = 1; + // Provider ID for which the ClientIdentifcation is encrypted (owner of + // service certificate). + optional string provider_id = 1; // Serial number for the service certificate for which ClientIdentification is // encrypted. optional bytes service_certificate_serial_number = 2; diff --git a/protos/public/provisioned_device_info.proto b/protos/public/provisioned_device_info.proto index 480530c..c5c5b97 100644 --- a/protos/public/provisioned_device_info.proto +++ b/protos/public/provisioned_device_info.proto @@ -1,3 +1,11 @@ +//////////////////////////////////////////////////////////////////////////////// +// Copyright 2016 Google Inc. +// +// This software is licensed under the terms defined in the Widevine Master +// License Agreement. For a copy of this agreement, please contact +// widevine-licensing@google.com. +//////////////////////////////////////////////////////////////////////////////// + // Description: // Provisioned device info format definitions. diff --git a/protos/public/signed_device_certificate.proto b/protos/public/signed_device_certificate.proto index db808ff..23a9fbe 100644 --- a/protos/public/signed_device_certificate.proto +++ b/protos/public/signed_device_certificate.proto @@ -1,3 +1,11 @@ +//////////////////////////////////////////////////////////////////////////////// +// Copyright 2016 Google Inc. +// +// This software is licensed under the terms defined in the Widevine Master +// License Agreement. For a copy of this agreement, please contact +// widevine-licensing@google.com. +//////////////////////////////////////////////////////////////////////////////// + // Signed device certificate definition. syntax = "proto2"; diff --git a/provisioning_sdk/public/certificate_type.h b/provisioning_sdk/public/certificate_type.h index 4f1c92f..f4640d7 100644 --- a/provisioning_sdk/public/certificate_type.h +++ b/provisioning_sdk/public/certificate_type.h @@ -1,3 +1,11 @@ +//////////////////////////////////////////////////////////////////////////////// +// Copyright 2016 Google Inc. +// +// This software is licensed under the terms defined in the Widevine Master +// License Agreement. For a copy of this agreement, please contact +// widevine-licensing@google.com. +//////////////////////////////////////////////////////////////////////////////// + #ifndef PROVISIONING_SDK_PUBLIC_CERTIFICATE_TYPE_H_ #define PROVISIONING_SDK_PUBLIC_CERTIFICATE_TYPE_H_ diff --git a/provisioning_sdk/public/provisioning_engine.h b/provisioning_sdk/public/provisioning_engine.h index 6ba5049..c6c88b2 100644 --- a/provisioning_sdk/public/provisioning_engine.h +++ b/provisioning_sdk/public/provisioning_engine.h @@ -1,4 +1,10 @@ -// Copyright 2016 Google Inc. All rights reserved. +//////////////////////////////////////////////////////////////////////////////// +// Copyright 2016 Google Inc. +// +// This software is licensed under the terms defined in the Widevine Master +// License Agreement. For a copy of this agreement, please contact +// widevine-licensing@google.com. +//////////////////////////////////////////////////////////////////////////////// #ifndef PROVISIONING_SDK_PUBLIC_PROVISIONING_ENGINE_H_ #define PROVISIONING_SDK_PUBLIC_PROVISIONING_ENGINE_H_ @@ -40,6 +46,8 @@ class ProvisioningEngine { // corresponding to the provisioning certificate. // * |provisioning_private_key_passphrase| is the password required to // decrypt |provisioning_private_key|, if any. + // * |secret_spoid_sauce| is a stable secret used as a factor in the + // derivation of Stable Per-Origin IDentifiers. // * Returns OK on success, or an appropriate error status code otherwise. ProvisioningStatus Initialize( CertificateType certificate_type, @@ -48,7 +56,8 @@ class ProvisioningEngine { const std::string& service_private_key_passphrase, const std::string& provisioning_drm_certificate, const std::string& provisioning_private_key, - const std::string& provisioning_private_key_passphrase); + const std::string& provisioning_private_key_passphrase, + const std::string& secret_spoid_sauce); // Set the certificate status list for this engine. // * |certificate_status_list| is a certificate status list generated by the @@ -112,7 +121,9 @@ class ProvisioningEngine { // Generate a new device DRM certificate to be provisioned by means other than // the Widevine provisioning protocol. // NOTE: This API should only be used to provision devices which were - // manufactured without Widevine DRM support. + // manufactured without Widevine DRM support. It is meant to be used as + // an exception, and not the norm. Most devices should be provisioned + // by means of a ProvisioningSession. // * |system_id| is the Widevine system ID for the type of device being // provisioned. // * |public_key| is a DER-encoded PKCS#1.5 RSAPublicKey message which will diff --git a/provisioning_sdk/public/provisioning_session.h b/provisioning_sdk/public/provisioning_session.h index d8f85d8..c83455d 100644 --- a/provisioning_sdk/public/provisioning_session.h +++ b/provisioning_sdk/public/provisioning_session.h @@ -1,4 +1,10 @@ -// Copyright 2016 Google Inc. All rights reserved. +//////////////////////////////////////////////////////////////////////////////// +// Copyright 2016 Google Inc. +// +// This software is licensed under the terms defined in the Widevine Master +// License Agreement. For a copy of this agreement, please contact +// widevine-licensing@google.com. +//////////////////////////////////////////////////////////////////////////////// #ifndef PROVISIONING_SDK_PUBLIC_PROVISIONING_SESSION_H_ #define PROVISIONING_SDK_PUBLIC_PROVISIONING_SESSION_H_ diff --git a/provisioning_sdk/public/provisioning_status.h b/provisioning_sdk/public/provisioning_status.h index 40ae323..158f418 100644 --- a/provisioning_sdk/public/provisioning_status.h +++ b/provisioning_sdk/public/provisioning_status.h @@ -1,4 +1,10 @@ -// Copyright 2016 Google Inc. All rights reserved. +//////////////////////////////////////////////////////////////////////////////// +// Copyright 2016 Google Inc. +// +// This software is licensed under the terms defined in the Widevine Master +// License Agreement. For a copy of this agreement, please contact +// widevine-licensing@google.com. +//////////////////////////////////////////////////////////////////////////////// #ifndef PROVISIONING_SDK_PUBLIC_PROVISIONING_STATUS_H_ #define PROVISIONING_SDK_PUBLIC_PROVISIONING_STATUS_H_ @@ -12,9 +18,9 @@ enum ProvisioningStatus { INVALID_SERVICE_DRM_CERTIFICATE = 3, // Invalid service private key or private key passphrase. INVALID_SERVICE_PRIVATE_KEY = 4, - INVALID_PROVISIONING_DRM_CERTIFICATE = 5, - // Invalid provisioning private key or private key passphrase. - INVALID_PROVISIONING_PRIVATE_KEY = 6, + INVALID_PROVISIONER_DRM_CERTIFICATE = 5, + // Invalid provisioner private key or private key passphrase. + INVALID_PROVISIONER_PRIVATE_KEY = 6, INVALID_INTERMEDIATE_DRM_CERTIFICATE = 7, INVALID_INTERMEDIATE_PUBLIC_KEY = 8, // Invalid intermediate private key or private key passphrase. @@ -31,6 +37,7 @@ enum ProvisioningStatus { DEVICE_REVOKED = 19, INVALID_SERIAL_NUMBER = 20, INTERNAL_ERROR = 21, + INVALID_SPOID_SAUCE = 22, NUM_PROVISIONING_STATUS, }; diff --git a/provisioning_sdk/public/python/base.i b/provisioning_sdk/public/python/base.i index c2a03d3..db4d783 100644 --- a/provisioning_sdk/public/python/base.i +++ b/provisioning_sdk/public/python/base.i @@ -1,3 +1,11 @@ +//////////////////////////////////////////////////////////////////////////////// +// Copyright 2016 Google Inc. +// +// This software is licensed under the terms defined in the Widevine Master +// License Agreement. For a copy of this agreement, please contact +// widevine-licensing@google.com. +//////////////////////////////////////////////////////////////////////////////// + %include "std_string.i" %include "typemaps.i" diff --git a/provisioning_sdk/public/python/certificate_type.i b/provisioning_sdk/public/python/certificate_type.i index 1f70ec4..c83aaa3 100644 --- a/provisioning_sdk/public/python/certificate_type.i +++ b/provisioning_sdk/public/python/certificate_type.i @@ -1,3 +1,11 @@ +//////////////////////////////////////////////////////////////////////////////// +// Copyright 2016 Google Inc. +// +// This software is licensed under the terms defined in the Widevine Master +// License Agreement. For a copy of this agreement, please contact +// widevine-licensing@google.com. +//////////////////////////////////////////////////////////////////////////////// + // Swig file to generate a Python library for: // provisioning_sdk/public/certificate_type.h @@ -13,8 +21,8 @@ %unignore widevine; %unignore widevine::CertificateType; +%unignore widevine::kCertTesting; %unignore widevine::kCertDevelopment; - %include "provisioning_sdk/public/certificate_type.h" %unignoreall diff --git a/provisioning_sdk/public/python/crypto_utility.py b/provisioning_sdk/public/python/crypto_utility.py index b337121..fde1f05 100644 --- a/provisioning_sdk/public/python/crypto_utility.py +++ b/provisioning_sdk/public/python/crypto_utility.py @@ -1,3 +1,11 @@ +################################################################################ +# Copyright 2016 Google Inc. +# +# This software is licensed under the terms defined in the Widevine Master +# License Agreement. For a copy of this agreement, please contact +# widevine-licensing@google.com. +################################################################################ + """Utility functions for cryptography.""" from cryptography.hazmat import backends diff --git a/provisioning_sdk/public/python/drm_intermediate_certificate_test.py b/provisioning_sdk/public/python/drm_intermediate_certificate_test.py index e7df25e..5151990 100644 --- a/provisioning_sdk/public/python/drm_intermediate_certificate_test.py +++ b/provisioning_sdk/public/python/drm_intermediate_certificate_test.py @@ -1,3 +1,11 @@ +################################################################################ +# Copyright 2016 Google Inc. +# +# This software is licensed under the terms defined in the Widevine Master +# License Agreement. For a copy of this agreement, please contact +# widevine-licensing@google.com. +################################################################################ + import unittest import pywrapprovisioning_engine diff --git a/provisioning_sdk/public/python/engine_generate_certificate_test.py b/provisioning_sdk/public/python/engine_generate_certificate_test.py index fb1fddf..8c74cc3 100644 --- a/provisioning_sdk/public/python/engine_generate_certificate_test.py +++ b/provisioning_sdk/public/python/engine_generate_certificate_test.py @@ -1,3 +1,11 @@ +################################################################################ +# Copyright 2016 Google Inc. +# +# This software is licensed under the terms defined in the Widevine Master +# License Agreement. For a copy of this agreement, please contact +# widevine-licensing@google.com. +################################################################################ + import unittest import crypto_utility diff --git a/provisioning_sdk/public/python/init_engine_test.py b/provisioning_sdk/public/python/init_engine_test.py index a5d7454..5306208 100644 --- a/provisioning_sdk/public/python/init_engine_test.py +++ b/provisioning_sdk/public/python/init_engine_test.py @@ -1,3 +1,11 @@ +################################################################################ +# Copyright 2016 Google Inc. +# +# This software is licensed under the terms defined in the Widevine Master +# License Agreement. For a copy of this agreement, please contact +# widevine-licensing@google.com. +################################################################################ + import unittest import pywrapcertificate_type @@ -49,94 +57,114 @@ class InitEngineTest(unittest.TestCase): def testInitEngineInvalidServiceDrmCert(self): status = self._engine.Initialize( - pywrapcertificate_type.kCertDevelopment, 'INVALID_CERT', + pywrapcertificate_type.kCertTesting, 'INVALID_CERT', test_data_utility.SERVICE_PRIVATE_KEY, test_data_utility.SERVICE_PRIVATE_KEY_PASS, - test_data_utility.PROVISIONING_DRM_CERT, - test_data_utility.PROVISIONING_PRIVATE_KEY, - test_data_utility.PROVISIONING_PRIVATE_KEY_PASS) + test_data_utility.PROVISIONER_DRM_CERT, + test_data_utility.PROVISIONER_PRIVATE_KEY, + test_data_utility.PROVISIONER_PRIVATE_KEY_PASS, + test_data_utility.PROVISIONER_SPOID_SECRET) self.assertEqual(pywrapprovisioning_status.INVALID_SERVICE_DRM_CERTIFICATE, status) def testInitEngineInvalidServicePrivateKey(self): status = self._engine.Initialize( - pywrapcertificate_type.kCertDevelopment, + pywrapcertificate_type.kCertTesting, test_data_utility.SERVICE_DRM_CERT, 'INVALID_KEY', test_data_utility.SERVICE_PRIVATE_KEY_PASS, - test_data_utility.PROVISIONING_DRM_CERT, - test_data_utility.PROVISIONING_PRIVATE_KEY, - test_data_utility.PROVISIONING_PRIVATE_KEY_PASS) + test_data_utility.PROVISIONER_DRM_CERT, + test_data_utility.PROVISIONER_PRIVATE_KEY, + test_data_utility.PROVISIONER_PRIVATE_KEY_PASS, + test_data_utility.PROVISIONER_SPOID_SECRET) self.assertEqual(pywrapprovisioning_status.INVALID_SERVICE_PRIVATE_KEY, status) def testInitEngineWrongServicePrivateKey(self): status = self._engine.Initialize( - pywrapcertificate_type.kCertDevelopment, + pywrapcertificate_type.kCertTesting, test_data_utility.SERVICE_DRM_CERT, - test_data_utility.PROVISIONING_PRIVATE_KEY, + test_data_utility.PROVISIONER_PRIVATE_KEY, test_data_utility.SERVICE_PRIVATE_KEY_PASS, - test_data_utility.PROVISIONING_DRM_CERT, - test_data_utility.PROVISIONING_PRIVATE_KEY, - test_data_utility.PROVISIONING_PRIVATE_KEY_PASS) + test_data_utility.PROVISIONER_DRM_CERT, + test_data_utility.PROVISIONER_PRIVATE_KEY, + test_data_utility.PROVISIONER_PRIVATE_KEY_PASS, + test_data_utility.PROVISIONER_SPOID_SECRET) self.assertEqual(pywrapprovisioning_status.INVALID_SERVICE_PRIVATE_KEY, status) def testInitEngineInvalidServicePrivateKeyPassphrase(self): status = self._engine.Initialize( - pywrapcertificate_type.kCertDevelopment, + pywrapcertificate_type.kCertTesting, test_data_utility.SERVICE_DRM_CERT, test_data_utility.SERVICE_PRIVATE_KEY, 'INVALID_PASSPHRASE', - test_data_utility.PROVISIONING_DRM_CERT, - test_data_utility.PROVISIONING_PRIVATE_KEY, - test_data_utility.PROVISIONING_PRIVATE_KEY_PASS) + test_data_utility.PROVISIONER_DRM_CERT, + test_data_utility.PROVISIONER_PRIVATE_KEY, + test_data_utility.PROVISIONER_PRIVATE_KEY_PASS, + test_data_utility.PROVISIONER_SPOID_SECRET) self.assertEqual(pywrapprovisioning_status.INVALID_SERVICE_PRIVATE_KEY, status) def testInitEngineInvalidDrmCert(self): status = self._engine.Initialize( - pywrapcertificate_type.kCertDevelopment, + pywrapcertificate_type.kCertTesting, test_data_utility.SERVICE_DRM_CERT, test_data_utility.SERVICE_PRIVATE_KEY, test_data_utility.SERVICE_PRIVATE_KEY_PASS, 'INVALID_CERT', - test_data_utility.PROVISIONING_PRIVATE_KEY, - test_data_utility.PROVISIONING_PRIVATE_KEY_PASS) + test_data_utility.PROVISIONER_PRIVATE_KEY, + test_data_utility.PROVISIONER_PRIVATE_KEY_PASS, + test_data_utility.PROVISIONER_SPOID_SECRET) self.assertEqual( - pywrapprovisioning_status.INVALID_PROVISIONING_DRM_CERTIFICATE, status) + pywrapprovisioning_status.INVALID_PROVISIONER_DRM_CERTIFICATE, status) def testInitEngineInvalidDrmPrivateKey(self): status = self._engine.Initialize( - pywrapcertificate_type.kCertDevelopment, + pywrapcertificate_type.kCertTesting, test_data_utility.SERVICE_DRM_CERT, test_data_utility.SERVICE_PRIVATE_KEY, test_data_utility.SERVICE_PRIVATE_KEY_PASS, - test_data_utility.PROVISIONING_DRM_CERT, 'INVALID_KEY', - test_data_utility.PROVISIONING_PRIVATE_KEY_PASS) - self.assertEqual(pywrapprovisioning_status.INVALID_PROVISIONING_PRIVATE_KEY, + test_data_utility.PROVISIONER_DRM_CERT, 'INVALID_KEY', + test_data_utility.PROVISIONER_PRIVATE_KEY_PASS, + test_data_utility.PROVISIONER_SPOID_SECRET) + self.assertEqual(pywrapprovisioning_status.INVALID_PROVISIONER_PRIVATE_KEY, status) def testInitEngineWrongDrmPrivateKey(self): status = self._engine.Initialize( - pywrapcertificate_type.kCertDevelopment, + pywrapcertificate_type.kCertTesting, test_data_utility.SERVICE_DRM_CERT, test_data_utility.SERVICE_PRIVATE_KEY, test_data_utility.SERVICE_PRIVATE_KEY_PASS, - test_data_utility.PROVISIONING_DRM_CERT, + test_data_utility.PROVISIONER_DRM_CERT, test_data_utility.SERVICE_PRIVATE_KEY, - test_data_utility.PROVISIONING_PRIVATE_KEY_PASS) - self.assertEqual(pywrapprovisioning_status.INVALID_PROVISIONING_PRIVATE_KEY, + test_data_utility.PROVISIONER_PRIVATE_KEY_PASS, + test_data_utility.PROVISIONER_SPOID_SECRET) + self.assertEqual(pywrapprovisioning_status.INVALID_PROVISIONER_PRIVATE_KEY, status) def testInitEngineInvalidDrmPrivateKeyPassphrase(self): - status = self._engine.Initialize(pywrapcertificate_type.kCertDevelopment, - test_data_utility.SERVICE_DRM_CERT, - test_data_utility.SERVICE_PRIVATE_KEY, - test_data_utility.SERVICE_PRIVATE_KEY_PASS, - test_data_utility.PROVISIONING_DRM_CERT, - test_data_utility.PROVISIONING_PRIVATE_KEY, - 'INVALID_PASSPHRASE') - self.assertEqual(pywrapprovisioning_status.INVALID_PROVISIONING_PRIVATE_KEY, + status = self._engine.Initialize( + pywrapcertificate_type.kCertTesting, + test_data_utility.SERVICE_DRM_CERT, + test_data_utility.SERVICE_PRIVATE_KEY, + test_data_utility.SERVICE_PRIVATE_KEY_PASS, + test_data_utility.PROVISIONER_DRM_CERT, + test_data_utility.PROVISIONER_PRIVATE_KEY, + 'INVALID_PASSPHRASE', + test_data_utility.PROVISIONER_SPOID_SECRET) + self.assertEqual(pywrapprovisioning_status.INVALID_PROVISIONER_PRIVATE_KEY, status) + def testInitEngineInvalidSpoidSecret(self): + status = self._engine.Initialize( + pywrapcertificate_type.kCertTesting, + test_data_utility.SERVICE_DRM_CERT, + test_data_utility.SERVICE_PRIVATE_KEY, + test_data_utility.SERVICE_PRIVATE_KEY_PASS, + test_data_utility.PROVISIONER_DRM_CERT, + test_data_utility.PROVISIONER_PRIVATE_KEY, + test_data_utility.PROVISIONER_PRIVATE_KEY_PASS, + '') + self.assertEqual(pywrapprovisioning_status.INVALID_SPOID_SAUCE, status) if __name__ == '__main__': unittest.main() diff --git a/provisioning_sdk/public/python/new_session_test.py b/provisioning_sdk/public/python/new_session_test.py index c1e1106..8702b41 100644 --- a/provisioning_sdk/public/python/new_session_test.py +++ b/provisioning_sdk/public/python/new_session_test.py @@ -1,3 +1,11 @@ +################################################################################ +# Copyright 2016 Google Inc. +# +# This software is licensed under the terms defined in the Widevine Master +# License Agreement. For a copy of this agreement, please contact +# widevine-licensing@google.com. +################################################################################ + import unittest import crypto_utility diff --git a/provisioning_sdk/public/python/provisioning_engine.i b/provisioning_sdk/public/python/provisioning_engine.i index 6b0bfdc..64c7c1e 100644 --- a/provisioning_sdk/public/python/provisioning_engine.i +++ b/provisioning_sdk/public/python/provisioning_engine.i @@ -1,3 +1,11 @@ +//////////////////////////////////////////////////////////////////////////////// +// Copyright 2016 Google Inc. +// +// This software is licensed under the terms defined in the Widevine Master +// License Agreement. For a copy of this agreement, please contact +// widevine-licensing@google.com. +//////////////////////////////////////////////////////////////////////////////// + // Swig file to generate a Python library for: // provisioning_sdk/public/provisioning_engine.h diff --git a/provisioning_sdk/public/python/provisioning_session.i b/provisioning_sdk/public/python/provisioning_session.i index 06d40ce..cbefa36 100644 --- a/provisioning_sdk/public/python/provisioning_session.i +++ b/provisioning_sdk/public/python/provisioning_session.i @@ -1,3 +1,11 @@ +//////////////////////////////////////////////////////////////////////////////// +// Copyright 2016 Google Inc. +// +// This software is licensed under the terms defined in the Widevine Master +// License Agreement. For a copy of this agreement, please contact +// widevine-licensing@google.com. +//////////////////////////////////////////////////////////////////////////////// + // Swig file to generate a Python library for: // provisioning_sdk/public/provisioning_session.h diff --git a/provisioning_sdk/public/python/provisioning_status.i b/provisioning_sdk/public/python/provisioning_status.i index ede3558..4c6c1ae 100644 --- a/provisioning_sdk/public/python/provisioning_status.i +++ b/provisioning_sdk/public/python/provisioning_status.i @@ -1,3 +1,11 @@ +//////////////////////////////////////////////////////////////////////////////// +// Copyright 2016 Google Inc. +// +// This software is licensed under the terms defined in the Widevine Master +// License Agreement. For a copy of this agreement, please contact +// widevine-licensing@google.com. +//////////////////////////////////////////////////////////////////////////////// + // Swig file to generate a Python library for: // provisioning_sdk/public/provisioning_status.h @@ -17,8 +25,8 @@ %unignore widevine::PROVISIONING_ENGINE_UNINITIALIZED; %unignore widevine::INVALID_SERVICE_DRM_CERTIFICATE; %unignore widevine::INVALID_SERVICE_PRIVATE_KEY; -%unignore widevine::INVALID_PROVISIONING_DRM_CERTIFICATE; -%unignore widevine::INVALID_PROVISIONING_PRIVATE_KEY; +%unignore widevine::INVALID_PROVISIONER_DRM_CERTIFICATE; +%unignore widevine::INVALID_PROVISIONER_PRIVATE_KEY; %unignore widevine::INVALID_STATUS_LIST; %unignore widevine::STATUS_LIST_EXPIRED; %unignore widevine::UNKNOWN_SYSTEM_ID; @@ -28,6 +36,7 @@ %unignore widevine::MISSING_DRM_INTERMEDIATE_CERT; %unignore widevine::DEVICE_REVOKED; %unignore widevine::INVALID_SERIAL_NUMBER; +%unignore widevine::INVALID_SPOID_SAUCE; %unignore widevine::GetProvisioningStatusMessage; %include "provisioning_sdk/public/provisioning_status.h" diff --git a/provisioning_sdk/public/python/set_certificate_status_list_test.py b/provisioning_sdk/public/python/set_certificate_status_list_test.py index 3a4e048..42bf9e9 100644 --- a/provisioning_sdk/public/python/set_certificate_status_list_test.py +++ b/provisioning_sdk/public/python/set_certificate_status_list_test.py @@ -1,3 +1,11 @@ +################################################################################ +# Copyright 2016 Google Inc. +# +# This software is licensed under the terms defined in the Widevine Master +# License Agreement. For a copy of this agreement, please contact +# widevine-licensing@google.com. +################################################################################ + import unittest import pywrapprovisioning_engine diff --git a/provisioning_sdk/public/python/setup.py b/provisioning_sdk/public/python/setup.py index c3ccb17..4f84aa6 100644 --- a/provisioning_sdk/public/python/setup.py +++ b/provisioning_sdk/public/python/setup.py @@ -1,3 +1,11 @@ +################################################################################ +# Copyright 2016 Google Inc. +# +# This software is licensed under the terms defined in the Widevine Master +# License Agreement. For a copy of this agreement, please contact +# widevine-licensing@google.com. +################################################################################ + """setup script to build Python wrappers using swig configurations.""" import os diff --git a/provisioning_sdk/public/python/test_data_utility.py b/provisioning_sdk/public/python/test_data_utility.py index 5203ae7..f794132 100644 --- a/provisioning_sdk/public/python/test_data_utility.py +++ b/provisioning_sdk/public/python/test_data_utility.py @@ -1,3 +1,11 @@ +################################################################################ +# Copyright 2016 Google Inc. +# +# This software is licensed under the terms defined in the Widevine Master +# License Agreement. For a copy of this agreement, please contact +# widevine-licensing@google.com. +################################################################################ + """Utility class for Provisioning SDK testing.""" import os @@ -23,9 +31,10 @@ SERVICE_DRM_CERT = GetTestData('service.cert') SERVICE_PUBLIC_KEY = GetTestData('service.public') SERVICE_PRIVATE_KEY = GetTestData('service.encrypted.private') SERVICE_PRIVATE_KEY_PASS = GetTestData('service.passphrase') -PROVISIONING_DRM_CERT = GetTestData('provider.cert') -PROVISIONING_PRIVATE_KEY = GetTestData('provider.encrypted.private') -PROVISIONING_PRIVATE_KEY_PASS = GetTestData('provider.passphrase') +PROVISIONER_DRM_CERT = GetTestData('provisioner.cert') +PROVISIONER_PRIVATE_KEY = GetTestData('provisioner.encrypted.private') +PROVISIONER_PRIVATE_KEY_PASS = GetTestData('provisioner.passphrase') +PROVISIONER_SPOID_SECRET = GetTestData('provisioner.spoid_secret') CA_PUBLIC_KEY = GetTestData('intermediate.public') DEVICE_PUBLIC_KEY = GetTestData('user.public') DEVICE_PRIVATE_KEY = GetTestData('user.private') @@ -42,11 +51,12 @@ def InitProvisionEngineWithTestData(engine, verify_success=False): Returns: OK on success, or an appropriate error status code otherwise. """ - status = engine.Initialize(pywrapcertificate_type.kCertDevelopment, + status = engine.Initialize(pywrapcertificate_type.kCertTesting, SERVICE_DRM_CERT, SERVICE_PRIVATE_KEY, - SERVICE_PRIVATE_KEY_PASS, PROVISIONING_DRM_CERT, - PROVISIONING_PRIVATE_KEY, - PROVISIONING_PRIVATE_KEY_PASS) + SERVICE_PRIVATE_KEY_PASS, PROVISIONER_DRM_CERT, + PROVISIONER_PRIVATE_KEY, + PROVISIONER_PRIVATE_KEY_PASS, + PROVISIONER_SPOID_SECRET) if verify_success: AssertSuccess(status, 'Failed to initialize.') return status diff --git a/provisioning_sdk/public/python/unique_ptr.i b/provisioning_sdk/public/python/unique_ptr.i index 624ea1a..e37afe6 100644 --- a/provisioning_sdk/public/python/unique_ptr.i +++ b/provisioning_sdk/public/python/unique_ptr.i @@ -1,3 +1,11 @@ +//////////////////////////////////////////////////////////////////////////////// +// Copyright 2016 Google Inc. +// +// This software is licensed under the terms defined in the Widevine Master +// License Agreement. For a copy of this agreement, please contact +// widevine-licensing@google.com. +//////////////////////////////////////////////////////////////////////////////// + namespace std { template class unique_ptr {}; } diff --git a/run_tests.sh b/run_tests.sh index 34003ec..650098a 100755 --- a/run_tests.sh +++ b/run_tests.sh @@ -1,4 +1,11 @@ #!/bin/bash +################################################################################ +# Copyright 2016 Google Inc. +# +# This software is licensed under the terms defined in the Widevine Master +# License Agreement. For a copy of this agreement, please contact +# widevine-licensing@google.com. +################################################################################ # # This script generates a directory that stores the intermediate artifacts # needed for testing.