Export provisioning sdk
Change-Id: I4d47d80444c9507f84896767dc676112ca11e901
This commit is contained in:
Kongqun Yang
56
provisioning_sdk/internal/oem_device_cert.h
Normal file
56
provisioning_sdk/internal/oem_device_cert.h
Normal file
@@ -0,0 +1,56 @@
|
||||
////////////////////////////////////////////////////////////////////////////////
|
||||
// Copyright 2016 Google Inc.
|
||||
//
|
||||
// This software is licensed under the terms defined in the Widevine Master
|
||||
// License Agreement. For a copy of this agreement, please contact
|
||||
// widevine-licensing@google.com.
|
||||
////////////////////////////////////////////////////////////////////////////////
|
||||
|
||||
#ifndef PROVISIONING_SDK_INTERNAL_OEM_DEVICE_CERT_H_
|
||||
#define PROVISIONING_SDK_INTERNAL_OEM_DEVICE_CERT_H_
|
||||
|
||||
#include <stdint.h>
|
||||
|
||||
#include <memory>
|
||||
#include <string>
|
||||
|
||||
#include "common/openssl_util.h"
|
||||
#include "common/rsa_key.h"
|
||||
#include "provisioning_sdk/public/certificate_type.h"
|
||||
|
||||
namespace widevine {
|
||||
|
||||
// Implements a class to handle OEM certificate: verifies the validity of the
|
||||
// certificate and extracts leaf public key and system id.
|
||||
class OemDeviceCert {
|
||||
public:
|
||||
OemDeviceCert();
|
||||
virtual ~OemDeviceCert();
|
||||
|
||||
// Initialize with root certificate.
|
||||
bool Initialize(CertificateType certificate_type);
|
||||
|
||||
// Verify the given certificate chain (in DER encoded pkcs7 format), which
|
||||
// includes the leaf certificate (a device unique certificate containing the
|
||||
// device public OEM key) and the intermediate certificate (OEM model
|
||||
// intermediate CA certificate for a specific device make + model), and
|
||||
// extract public key from the leaf certificate and system id extension and
|
||||
// oem ca serial number from the intermediate certificate.
|
||||
virtual bool VerifyCertificateChain(
|
||||
const std::string& certificate_chain,
|
||||
std::unique_ptr<RsaPublicKey>* leaf_public_key, uint32_t* system_id,
|
||||
std::string* oem_ca_serial_number) const;
|
||||
|
||||
private:
|
||||
OemDeviceCert(const OemDeviceCert&) = delete;
|
||||
OemDeviceCert& operator=(const OemDeviceCert&) = delete;
|
||||
|
||||
// Internal implementation of Initialize function.
|
||||
bool Initialize(const std::string& serialized_root_certificate);
|
||||
|
||||
ScopedX509Store store_;
|
||||
};
|
||||
|
||||
} // namespace widevine
|
||||
|
||||
#endif // PROVISIONING_SDK_INTERNAL_OEM_DEVICE_CERT_H_
|
||||
Reference in New Issue
Block a user