widevine-partner/provisioning_sdk_source
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refactor and cleanup codes. No functional changes.

Browse Source
This commit is contained in:
KongQun Yang
2019-01-23 15:16:31 -08:00
parent 84f66d2320
commit 93265ab9d1
207 changed files with 14893 additions and 3332 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
provisioning_sdk/public/BUILD
View File

@@ -1,5 +1,5 @@
################################################################################
# Copyright 2016 Google Inc.
# Copyright 2016 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
@@ -33,7 +33,11 @@ cc_library(
name = "libprovisioning_sdk",
srcs = [":libprovisioning_sdk.so"],
hdrs = glob(["*.h"]),
deps = ["//base"],
deps = [
"//base",
"//common:certificate_type",
"//protos/public:certificate_provisioning_proto",
],
)
cc_library(
@@ -42,13 +46,17 @@ cc_library(
hdrs = ["provisioning_engine.h"],
copts = PUBLIC_COPTS,
deps = [
":certificate_type",
":provisioning_session",
":provisioning_status",
"//base",
"@abseil_repo//absl/memory",
"//common:certificate_type",
"//common:drm_service_certificate",
"//common:rsa_key",
"//provisioning_sdk/internal:provisioning30_session_impl",
"//provisioning_sdk/internal:provisioning_engine_impl",
"//provisioning_sdk/internal:provisioning_session_impl",
"//protos/public:certificate_provisioning_proto",
],
)
@@ -58,7 +66,7 @@ cc_test(
srcs = ["provisioning_engine_test.cc"],
deps = [
":provisioning_engine",
"//external:gtest_main",
"//testing:gunit_main",
],
)
@@ -71,7 +79,7 @@ cc_library(
":provisioning_status",
"//base",
"//provisioning_sdk/internal:provisioning_session_impl",
"//protos/public:device_certificate_proto",
"//protos/public:drm_certificate_proto",
],
)
@@ -82,9 +90,3 @@ cc_library(
copts = PUBLIC_COPTS,
deps = ["//base"],
)
cc_library(
name = "certificate_type",
hdrs = ["certificate_type.h"],
copts = PUBLIC_COPTS,
)

22
provisioning_sdk/public/certificate_type.h
View File

@@ -1,22 +0,0 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google Inc.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
#ifndef PROVISIONING_SDK_PUBLIC_CERTIFICATE_TYPE_H_
#define PROVISIONING_SDK_PUBLIC_CERTIFICATE_TYPE_H_
namespace widevine {
enum CertificateType {
kCertTesting = 0,
kCertDevelopment,
kCertProduction,
};
} // namespace widevine
#endif // PROVISIONING_SDK_PUBLIC_CERTIFICATE_TYPE_H_

92
provisioning_sdk/public/provisioning_engine.cc
View File

@@ -1,5 +1,5 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google Inc.
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
@@ -11,7 +11,11 @@
#include <utility>
#include "glog/logging.h"
#include "absl/memory/memory.h"
#include "common/certificate_type.h"
#include "common/drm_service_certificate.h"
#include "common/rsa_key.h"
#include "provisioning_sdk/internal/provisioning30_session_impl.h"
#include "provisioning_sdk/internal/provisioning_engine_impl.h"
#include "provisioning_sdk/internal/provisioning_session_impl.h"
#include "provisioning_sdk/public/provisioning_session.h"
@@ -36,16 +40,35 @@ ProvisioningStatus ProvisioningEngine::Initialize(
}
std::unique_ptr<ProvisioningEngineImpl> impl(new ProvisioningEngineImpl);
ProvisioningStatus status = impl->Initialize(
certificate_type, service_drm_certificate, service_private_key,
service_private_key_passphrase, provisioning_drm_certificate,
provisioning_private_key, provisioning_private_key_passphrase,
secret_spoid_sauce);
ProvisioningStatus status =
impl->Initialize(certificate_type, service_drm_certificate,
service_private_key, service_private_key_passphrase,
provisioning_drm_certificate, provisioning_private_key,
provisioning_private_key_passphrase, secret_spoid_sauce);
if (status != OK) return status;
impl_ = std::move(impl);
// Register Provisioning 3.0 session factory.
RegisterProtocol(
SignedProvisioningMessage::PROVISIONING_30,
[](const ProvisioningEngineImpl& engine,
std::unique_ptr<ProvisioningSessionImpl>* new_session) {
*new_session = absl::make_unique<Provisioning30SessionImpl>(
engine, engine.oem_device_cert(),
*DrmServiceCertificate::GetDefaultDrmServiceCertificateOrDie()
->private_key());
return OK;
});
return OK;
}
void ProvisioningEngine::RegisterProtocol(
SignedProvisioningMessage::ProtocolVersion protocol,
SessionFactory session_factory) {
protocol_registry_[protocol] = std::move(session_factory);
}
ProvisioningStatus ProvisioningEngine::SetCertificateStatusList(
const std::string& certificate_status_list, uint32_t expiration_period_seconds) {
if (!impl_) return PROVISIONING_ENGINE_UNINITIALIZED;
@@ -74,6 +97,7 @@ ProvisioningStatus ProvisioningEngine::AddDrmIntermediateCertificate(
}
ProvisioningStatus ProvisioningEngine::NewProvisioningSession(
SignedProvisioningMessage::ProtocolVersion protocol,
const std::string& device_public_key, const std::string& device_private_key,
std::unique_ptr<ProvisioningSession>* new_session) const {
if (!impl_) return PROVISIONING_ENGINE_UNINITIALIZED;
@@ -82,12 +106,56 @@ ProvisioningStatus ProvisioningEngine::NewProvisioningSession(
return INTERNAL_ERROR;
}
std::unique_ptr<ProvisioningSessionImpl> session_impl(
new ProvisioningSessionImpl(*impl_, impl_->oem_device_cert(),
*impl_->service_private_key()));
ProvisioningStatus status =
session_impl->Initialize(device_public_key, device_private_key);
auto factory = protocol_registry_.find(protocol);
if (factory == protocol_registry_.end()) {
LOG(WARNING) << "Provisioning protocol not supported (" << protocol << ")";
return INVALID_PROTOCOL;
}
std::unique_ptr<ProvisioningSessionImpl> session_impl;
ProvisioningStatus status = (factory->second)(*impl_, &session_impl);
if (status != OK) return status;
status = session_impl->Initialize(device_public_key, device_private_key);
if (status != OK) return status;
*new_session = std::unique_ptr<ProvisioningSession>(
new ProvisioningSession(std::move(session_impl)));
return OK;
}
std::unique_ptr<ProvisioningSession> ProvisioningEngine::NewProvisioningSession(
SignedProvisioningMessage::ProtocolVersion protocol,
const std::string& device_public_key, const std::string& device_private_key,
ProvisioningStatus* status) const {
std::unique_ptr<ProvisioningSession> new_session;
*status = NewProvisioningSession(protocol, device_public_key,
device_private_key, &new_session);
return new_session;
}
ProvisioningStatus ProvisioningEngine::NewKeyboxProvisioningSession(
const std::string& keybox_device_key,
std::unique_ptr<ProvisioningSession>* new_session) const {
if (!impl_) return PROVISIONING_ENGINE_UNINITIALIZED;
if (!new_session) {
LOG(WARNING) << "|new_session| should not be a nullptr.";
return INTERNAL_ERROR;
}
SignedProvisioningMessage::ProtocolVersion protocol =
SignedProvisioningMessage::ARCPP_PROVISIONING;
auto factory = protocol_registry_.find(protocol);
if (factory == protocol_registry_.end()) {
LOG(WARNING) << "Provisioning protocol not supported (" << protocol << ")";
return INVALID_PROTOCOL;
}
std::unique_ptr<ProvisioningSessionImpl> session_impl;
ProvisioningStatus status = (factory->second)(*impl_, &session_impl);
if (status != OK) return status;
status = session_impl->Initialize(keybox_device_key);
if (status != OK) return status;
new_session->reset(new ProvisioningSession(std::move(session_impl)));
return OK;
}
@@ -106,7 +174,7 @@ ProvisioningStatus ProvisioningEngine::GenerateDeviceDrmCertificate(
// function which expect the input to be already validated.
std::unique_ptr<RsaPublicKey> rsa_public_key(
RsaPublicKey::Create(public_key));
if (!rsa_public_key) return INVALID_DEVICE_PUBLIC_KEY;
if (!rsa_public_key) return INVALID_DRM_DEVICE_PUBLIC_KEY;
if (serial_number.empty()) return INVALID_SERIAL_NUMBER;
const std::string empty_oem_ca_serial_number;

82
provisioning_sdk/public/provisioning_engine.h
View File

@@ -1,5 +1,5 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google Inc.
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
@@ -10,16 +10,31 @@
#define PROVISIONING_SDK_PUBLIC_PROVISIONING_ENGINE_H_
#include <cstdint>
#include <functional>
#include <map>
#include <memory>
#include <string>
#include "provisioning_sdk/public/certificate_type.h"
#include "common/certificate_type.h"
#include "provisioning_sdk/public/provisioning_status.h"
#include "protos/public/certificate_provisioning.pb.h"
namespace widevine {
class ProvisioningEngineImpl;
class ProvisioningSession;
class ProvisioningSessionImpl;
// Session factory function used to implement third-party provisioning
// protocols.
// * |engine| is the ProvisioningEngineImpl which invokes the function.
// * |new_session| will point, on successful return, to the newly created
// ProvisioningSessionImpl.
// * Returns OK if successful, or an appropriate error status code otherwise.
typedef std::function<ProvisioningStatus(
const ProvisioningEngineImpl& engine,
std::unique_ptr<ProvisioningSessionImpl>* new_session)>
SessionFactory;
// Class which is used to implement a Widevine DRM device provisioning engine.
// There should be only one instance of ProvisioningEngine. The engine should
@@ -50,8 +65,7 @@ class ProvisioningEngine {
// derivation of Stable Per-Origin IDentifiers.
// * Returns OK on success, or an appropriate error status code otherwise.
ProvisioningStatus Initialize(
CertificateType certificate_type,
const std::string& service_drm_certificate,
CertificateType certificate_type, const std::string& service_drm_certificate,
const std::string& service_private_key,
const std::string& service_private_key_passphrase,
const std::string& provisioning_drm_certificate,
@@ -59,6 +73,14 @@ class ProvisioningEngine {
const std::string& provisioning_private_key_passphrase,
const std::string& secret_spoid_sauce);
// Third-party protocol registration method.
// * |protocol| is the provisioning protocol, as defined in the
// SignedProvisioningMessage message.
// * |session_factory| is the function which instantiates the appropriate
// ProvisioningSessionImpl object for the specified protocol.
void RegisterProtocol(SignedProvisioningMessage::ProtocolVersion protocol,
SessionFactory session_factory);
// Set the certificate status list for this engine.
// * |certificate_status_list| is a certificate status list generated by the
// Widevine Provisioning Service.
@@ -67,8 +89,7 @@ class ProvisioningEngine {
// (creation_time_seconds). Zero means it will never expire.
// * Returns OK on success, or an appropriate error status code otherwise.
virtual ProvisioningStatus SetCertificateStatusList(
const std::string& certificate_status_list,
uint32_t expiration_period_seconds);
const std::string& certificate_status_list, uint32_t expiration_period_seconds);
// Generate an intermediate DRM certificate.
// * |system_id| is the Widevine system ID for the type of device.
@@ -82,9 +103,7 @@ class ProvisioningEngine {
// engines, including this one, by invoking
// |AddIntermediatedrmcertificate| on all active ProvisioningEngine(s).
ProvisioningStatus GenerateDrmIntermediateCertificate(
uint32_t system_id,
const std::string& public_key,
std::string* certificate) const;
uint32_t system_id, const std::string& public_key, std::string* certificate) const;
// Add an intermediate DRM certificate to the provisioning engine. This is
// usually done once for each supported device type.
@@ -95,12 +114,13 @@ class ProvisioningEngine {
// if any.
// * Returns OK on success, or an appropriate error status code otherwise.
virtual ProvisioningStatus AddDrmIntermediateCertificate(
const std::string& intermediate_cert,
const std::string& cert_private_key,
const std::string& intermediate_cert, const std::string& cert_private_key,
const std::string& cert_private_key_passphrase);
// Create a session to handle a provisioning exchange between a client device
// and the provisioning server.
// Create a session to handle a certificate provisioning exchange between
// a client device and the provisioning server.
// * |protocol| is the protocol version for the session. If not sure, it
// probably ought to be |PROVISIONING_30|.
// * |device_public_key| is a DER-encoded PKCS#1.5 RSAPublicKey message which
// will used to create the DRM certificate to be provisioned onto the
// device.
@@ -114,8 +134,28 @@ class ProvisioningEngine {
// NOTE: All ProvisioningSession objects must be deleted before the
// ProvisioningEngine which created them.
virtual ProvisioningStatus NewProvisioningSession(
const std::string& device_public_key,
const std::string& device_private_key,
SignedProvisioningMessage::ProtocolVersion protocol,
const std::string& device_public_key, const std::string& device_private_key,
std::unique_ptr<ProvisioningSession>* new_session) const;
// This is the same as NewProvisioningSession above, but with outputs reversed
// To get around CLIF bug https://github.com/google/clif/issues/30.
std::unique_ptr<ProvisioningSession> NewProvisioningSession(
SignedProvisioningMessage::ProtocolVersion protocol,
const std::string& device_public_key, const std::string& device_private_key,
ProvisioningStatus* status) const;
// Create a session to handle a keybox provisioning exchange between
// a client device (e.g., ChromeOS) and the provisioning server.
// It would use ARCPP_PROVISIONING protocol.
// * |keybox_device_key| is the secret device key in the keybox.
// * |new_session| will point, on successful return, to the newly created
// ProvisioningSession.
// * Returns OK if successful, or an appropriate error status code otherwise.
// NOTE: All ProvisioningSession objects must be deleted before the
// ProvisioningEngine which created them.
virtual ProvisioningStatus NewKeyboxProvisioningSession(
const std::string& keybox_device_key,
std::unique_ptr<ProvisioningSession>* new_session) const;
// Generate a new device DRM certificate to be provisioned by means other than
@@ -133,13 +173,15 @@ class ProvisioningEngine {
// * |certificate| will contain, upon successful return the generated
// certificate.
// * Returns OK on success, or an appropriate error status code otherwise.
ProvisioningStatus GenerateDeviceDrmCertificate(
uint32_t system_id,
const std::string& public_key,
const std::string& serial_number,
std::string* certificate) const;
ProvisioningStatus GenerateDeviceDrmCertificate(uint32_t system_id,
const std::string& public_key,
const std::string& serial_number,
std::string* certificate) const;
private:
std::map<SignedProvisioningMessage::ProtocolVersion, SessionFactory>
protocol_registry_;
#ifndef SWIGPYTHON
ProvisioningEngine(const ProvisioningEngine&) = delete;
ProvisioningEngine& operator=(const ProvisioningEngine&) = delete;

4
provisioning_sdk/public/provisioning_engine_test.cc
View File

@@ -1,5 +1,5 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google Inc.
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
@@ -8,7 +8,7 @@
#include "provisioning_sdk/public/provisioning_engine.h"
#include "gtest/gtest.h"
#include "testing/gunit.h"
namespace {
const int kSystemId = 100;

19
provisioning_sdk/public/provisioning_session.cc
View File

@@ -1,5 +1,5 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google Inc.
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
@@ -12,10 +12,16 @@
#include "glog/logging.h"
#include "provisioning_sdk/internal/provisioning_session_impl.h"
#include "protos/public/device_certificate.pb.h"
#include "protos/public/drm_certificate.pb.h"
namespace widevine {
ProvisioningSession::ProvisioningSession(
std::unique_ptr<ProvisioningSessionImpl> impl)
: impl_(std::move(impl)) {
DCHECK(impl_);
}
ProvisioningSession::ProvisioningSession() {}
ProvisioningSession::~ProvisioningSession() {}
@@ -32,8 +38,7 @@ ProvisioningStatus ProvisioningSession::ProcessMessage(const std::string& messag
return INTERNAL_ERROR;
}
ProvisioningStatus status = impl_->ProcessMessage(message, response);
*done = true;
ProvisioningStatus status = impl_->ProcessMessage(message, response, done);
return status;
}
@@ -41,10 +46,4 @@ const ProvisionedDeviceInfo* ProvisioningSession::GetDeviceInfo() const {
return impl_->GetDeviceInfo();
}
ProvisioningSession::ProvisioningSession(
std::unique_ptr<ProvisioningSessionImpl> impl)
: impl_(std::move(impl)) {
DCHECK(impl_);
}
} // namespace widevine

5
provisioning_sdk/public/provisioning_session.h
View File

@@ -1,5 +1,5 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google Inc.
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
@@ -29,7 +29,7 @@ class ProvisioningSession {
// * |response| will contain, upon successful return, a message to be sent
// back to the client device as a response to |message|.
// * |done| will indicate, upon successful return, whether the provisioning
// exchange is complete, and the ProvisioningSession can be deleted.
// exchange is complete.
// Returns OK if successful, or an appropriate error status code otherwise.
virtual ProvisioningStatus ProcessMessage(const std::string& message,
std::string* response,
@@ -49,6 +49,7 @@ class ProvisioningSession {
ProvisioningSession(const ProvisioningSession&) = delete;
ProvisioningSession& operator=(const ProvisioningSession&) = delete;
#endif
explicit ProvisioningSession(std::unique_ptr<ProvisioningSessionImpl> impl);
std::unique_ptr<ProvisioningSessionImpl> impl_;

19
provisioning_sdk/public/provisioning_status.cc
View File

@@ -1,5 +1,5 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google Inc.
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
@@ -26,8 +26,8 @@ static const char* kProvisioningStatusMessage[] = {
"Invalid status list",
"Status list expired",
"Unknown system id",
"Invalid device public key",
"Invalid device private key",
"Invalid DRM device public key",
"Invalid DRM device private key",
"Invalid request message",
"Invalid MAC",
"Missing DRM intermediate certificate",
@@ -35,10 +35,19 @@ static const char* kProvisioningStatusMessage[] = {
"Device revoked",
"Invalid serial number",
"Internal error",
"Invalid SPOID secret sauce"
"Invalid SPOID secret sauce",
"Unsupported provisioning protocol",
"Invalid context key data",
"Provisioning context verification failed",
"Protocol error",
"Invalid keybox device key",
"Invalid session keys",
"Invalid pre-provisioning key",
"Missing pre-provisioning key",
"Remote attestation verification failure",
};
const char* GetProvisioningStatusMessage(ProvisioningStatus status) {
std::string GetProvisioningStatusMessage(ProvisioningStatus status) {
static_assert(
arraysize(kProvisioningStatusMessage) == NUM_PROVISIONING_STATUS,
"mismatching provisioning status message and provisioning status.");

23
provisioning_sdk/public/provisioning_status.h
View File

@@ -1,5 +1,5 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google Inc.
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
@@ -9,6 +9,8 @@
#ifndef PROVISIONING_SDK_PUBLIC_PROVISIONING_STATUS_H_
#define PROVISIONING_SDK_PUBLIC_PROVISIONING_STATUS_H_
#include <string>
namespace widevine {
enum ProvisioningStatus {
@@ -16,8 +18,6 @@ enum ProvisioningStatus {
INVALID_CERTIFICATE_TYPE = 1,
PROVISIONING_ENGINE_UNINITIALIZED = 2,
INVALID_SERVICE_DRM_CERTIFICATE = 3,
// Invalid service private key or private key passphrase.
INVALID_SERVICE_PRIVATE_KEY = 4,
INVALID_PROVISIONER_DRM_CERTIFICATE = 5,
// Invalid provisioner private key or private key passphrase.
INVALID_PROVISIONER_PRIVATE_KEY = 6,
@@ -28,21 +28,30 @@ enum ProvisioningStatus {
INVALID_STATUS_LIST = 10,
STATUS_LIST_EXPIRED = 11,
UNKNOWN_SYSTEM_ID = 12,
INVALID_DEVICE_PUBLIC_KEY = 13,
INVALID_DEVICE_PRIVATE_KEY = 14,
INVALID_DRM_DEVICE_PUBLIC_KEY = 13,
INVALID_DRM_DEVICE_PRIVATE_KEY = 14,
INVALID_REQUEST_MESSAGE = 15,
INVALID_MAC = 16,
MISSING_DRM_INTERMEDIATE_CERT = 17,
MISSING_DEVICE_MODEL_CERT = 17,
DRM_DEVICE_CERTIFICATE_NOT_SET = 18,
DEVICE_REVOKED = 19,
INVALID_SERIAL_NUMBER = 20,
INTERNAL_ERROR = 21,
INVALID_SPOID_SAUCE = 22,
INVALID_PROTOCOL = 23,
INVALID_CONTEXT_KEY_DATA = 24,
INVALID_CONTEXT = 25,
PROTOCOL_ERROR = 26,
INVALID_KEYBOX_DEVICE_KEY = 27,
INVALID_SESSION_KEYS = 28,
INVALID_PREPROV_KEY = 29,
MISSING_PREPROV_KEY = 30,
REMOTE_ATTESTATION_VERIFICATION_FAILURE = 31,
NUM_PROVISIONING_STATUS,
};
// Returns the message std::string for the given ProvisioningStatus.
const char* GetProvisioningStatusMessage(ProvisioningStatus status);
std::string GetProvisioningStatusMessage(ProvisioningStatus status);
} // namespace widevine

6
provisioning_sdk/public/python/BUILD
View File

@@ -1,5 +1,5 @@
################################################################################
# Copyright 2016 Google Inc.
# Copyright 2016 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
@@ -69,7 +69,7 @@ py_test(
deps = [
":crypto_utility",
":test_data_utility",
"//protos/public:signed_device_certificate_py_pb2",
"//protos/public:signed_drm_certificate_py_pb2",
],
)
@@ -81,6 +81,6 @@ py_test(
":crypto_utility",
":test_data_utility",
"//protos/public:certificate_provisioning_py_pb2",
"//protos/public:signed_device_certificate_py_pb2",
"//protos/public:signed_drm_certificate_py_pb2",
],
)

27
provisioning_sdk/public/python/base.i
View File

@@ -1,27 +0,0 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google Inc.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
%include "std_string.i"
%include "typemaps.i"
%define %ignoreall %ignore ""; %enddef
%define %unignore %rename("%s") %enddef
%define %unignoreall %rename("%s") ""; %enddef
%define COPY_TYPEMAPS(oldtype, newtype)
typedef oldtype newtype;
%apply oldtype * OUTPUT { newtype * OUTPUT };
%apply oldtype & OUTPUT { newtype & OUTPUT };
%apply oldtype * INPUT { newtype * INPUT };
%apply oldtype & INPUT { newtype & INPUT };
%apply oldtype * INOUT { newtype * INOUT };
%apply oldtype & INOUT { newtype & INOUT };
%enddef
COPY_TYPEMAPS(int, int32_t);
COPY_TYPEMAPS(unsigned int, uint32_t);

28
provisioning_sdk/public/python/certificate_type.i
View File

@@ -1,28 +0,0 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google Inc.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
// Swig file to generate a Python library for:
// provisioning_sdk/public/certificate_type.h
%module pywrapcertificate_type
%include "base.i"
%{
#include "provisioning_sdk/public/certificate_type.h"
%}
%ignoreall
%unignore widevine;
%unignore widevine::CertificateType;
%unignore widevine::kCertTesting;
%unignore widevine::kCertDevelopment;
%include "provisioning_sdk/public/certificate_type.h"
%unignoreall

36
provisioning_sdk/public/python/certificate_type_setup.py Normal file
View File

@@ -0,0 +1,36 @@
################################################################################
# Copyright 2018 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
# widevine-licensing@google.com.
################################################################################
"""Installation file for the certificate_type module."""
import setup_common as common
import setuptools
if __name__ == '__main__':
setuptools.setup(
name='certificate_type',
ext_modules=[
setuptools.Extension(
name='certificate_type',
sources=[
'%s/certificate_type.cc' % common.WVCOMMON_SRC_DIR,
'%s/initcertificate_type.cc' % common.WVCOMMON_SRC_DIR,
'%s/clif/python/runtime.cc' % common.CLIF_PREFIX,
'%s/clif/python/slots.cc' % common.CLIF_PREFIX,
'%s/clif/python/types.cc' % common.CLIF_PREFIX,
],
include_dirs=[
common.SDK_ROOT_DIR, common.GEN_DIR, common.CLIF_PREFIX, '/'
],
extra_compile_args=['-std=c++11'],
library_dirs=[common.SDK_LIBRARY_DIR],
libraries=['provisioning_sdk'],
runtime_library_dirs=[common.SDK_LIBRARY_DIR],
install_requires=['enum34;python_version<"3.4"'],
),
],
)

3
provisioning_sdk/public/python/crypto_utility.py
View File

@@ -1,11 +1,10 @@
################################################################################
# Copyright 2016 Google Inc.
# Copyright 2016 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
# widevine-licensing@google.com.
################################################################################
"""Utility functions for cryptography."""
import logging

14
provisioning_sdk/public/python/drm_intermediate_certificate_test.py
View File

@@ -1,5 +1,5 @@
################################################################################
# Copyright 2016 Google Inc.
# Copyright 2016 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
@@ -8,15 +8,15 @@
import unittest
import pywrapprovisioning_engine
import pywrapprovisioning_status
import test_data_utility
from provisioning_engine import ProvisioningEngine
from provisioning_status import ProvisioningStatus
class AddDrmIntermediateTest(unittest.TestCase):
def setUp(self):
self._engine = pywrapprovisioning_engine.ProvisioningEngine()
self._engine = ProvisioningEngine()
test_data_utility.InitProvisionEngineWithTestData(
self._engine, verify_success=True)
@@ -30,7 +30,7 @@ class AddDrmIntermediateTest(unittest.TestCase):
def testSetCertificateStatusListInvalid(self):
set_cert_status_list = self._engine.SetCertificateStatusList(
'INVALID_STATUS_LIST', 0)
self.assertEqual(pywrapprovisioning_status.INVALID_STATUS_LIST,
self.assertEqual(ProvisioningStatus.INVALID_STATUS_LIST,
set_cert_status_list)
def testAddDrmIntermediateCertificateWithoutCertificateStatusList(self):
@@ -38,7 +38,7 @@ class AddDrmIntermediateTest(unittest.TestCase):
# certificate status list.
status = test_data_utility.AddDrmIntermediateCertificateWithTestData(
self._engine, 2001)
self.assertEqual(pywrapprovisioning_status.STATUS_LIST_EXPIRED, status)
self.assertEqual(ProvisioningStatus.STATUS_LIST_EXPIRED, status)
def testAddDrmIntermediateCertificateSystemIdInvalid(self):
test_data_utility.SetCertificateStatusListWithTestData(
@@ -47,7 +47,7 @@ class AddDrmIntermediateTest(unittest.TestCase):
# system_id 9999 is not in the sample certificate status list
add_ca_status = test_data_utility.AddDrmIntermediateCertificateWithTestData(
self._engine, 9999)
self.assertEqual(pywrapprovisioning_status.UNKNOWN_SYSTEM_ID, add_ca_status)
self.assertEqual(ProvisioningStatus.UNKNOWN_SYSTEM_ID, add_ca_status)
if __name__ == '__main__':

29
provisioning_sdk/public/python/engine_generate_certificate_test.py
View File

@@ -1,5 +1,5 @@
################################################################################
# Copyright 2016 Google Inc.
# Copyright 2016 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
@@ -8,19 +8,19 @@
import unittest
from certificate_type import CertificateType
import crypto_utility
import pywrapcertificate_type
import pywrapprovisioning_engine
import pywrapprovisioning_status
import test_data_provider
import test_data_utility
from protos.public import signed_device_certificate_pb2
from provisioning_engine import ProvisioningEngine
from provisioning_status import ProvisioningStatus
from protos.public import signed_drm_certificate_pb2
class EngineGenerateCertificateTest(unittest.TestCase):
def setUp(self):
self._engine = pywrapprovisioning_engine.ProvisioningEngine()
self._engine = ProvisioningEngine()
test_data_utility.InitProvisionEngineWithTestData(
self._engine, verify_success=True)
test_data_utility.SetCertificateStatusListWithTestData(
@@ -28,14 +28,14 @@ class EngineGenerateCertificateTest(unittest.TestCase):
test_data_utility.AddDrmIntermediateCertificateWithTestData(
self._engine, 2001, verify_success=True)
self._data_provider = test_data_provider.TestDataProvider(
pywrapcertificate_type.kCertTesting)
CertificateType.kCertificateTypeTesting)
def testSuccess(self):
status, signed_cert_string = self._engine.GenerateDeviceDrmCertificate(
2001, self._data_provider.device_public_key, 'DEVICE_SERIAL_NUMBER')
self.assertEqual(pywrapprovisioning_status.OK, status)
self.assertEqual(ProvisioningStatus.OK, status)
signed_cert = signed_device_certificate_pb2.SignedDrmDeviceCertificate()
signed_cert = signed_drm_certificate_pb2.SignedDrmCertificate()
signed_cert.ParseFromString(signed_cert_string)
crypto_utility.VerifySignature(self._data_provider.ca_public_key,
signed_cert.signature,
@@ -44,25 +44,24 @@ class EngineGenerateCertificateTest(unittest.TestCase):
def testEmptySerialNumber(self):
status, _ = self._engine.GenerateDeviceDrmCertificate(
2001, self._data_provider.device_public_key, '')
self.assertEqual(pywrapprovisioning_status.INVALID_SERIAL_NUMBER, status)
self.assertEqual(ProvisioningStatus.INVALID_SERIAL_NUMBER, status)
def testEmptyPublicKey(self):
status, _ = self._engine.GenerateDeviceDrmCertificate(
2001, '', 'DEVICE_SERIAL_NUMBER')
self.assertEqual(pywrapprovisioning_status.INVALID_DEVICE_PUBLIC_KEY,
status)
self.assertEqual(ProvisioningStatus.INVALID_DRM_DEVICE_PUBLIC_KEY, status)
def testInvalidPublicKey(self):
status, _ = self._engine.GenerateDeviceDrmCertificate(
2001, 'PUBLIC_KEY_MUST_BE_IN_DER_ENCODED_PKCS1_FORMAT',
'DEVICE_SERIAL_NUMBER')
self.assertEqual(pywrapprovisioning_status.INVALID_DEVICE_PUBLIC_KEY,
status)
self.assertEqual(ProvisioningStatus.INVALID_DRM_DEVICE_PUBLIC_KEY, status)
def testMissingIntermediateCertificate(self):
status, _ = self._engine.GenerateDeviceDrmCertificate(
2002, self._data_provider.device_public_key, 'DEVICE_SERIAL_NUMBER')
self.assertEqual(pywrapprovisioning_status.DEVICE_REVOKED, status)
self.assertEqual(ProvisioningStatus.UNKNOWN_SYSTEM_ID, status)
if __name__ == '__main__':
unittest.main()

91
provisioning_sdk/public/python/init_engine_test.py
View File

@@ -1,5 +1,5 @@
################################################################################
# Copyright 2016 Google Inc.
# Copyright 2016 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
@@ -8,83 +8,85 @@
import unittest
import pywrapcertificate_type
import pywrapprovisioning_engine
import pywrapprovisioning_status
from certificate_type import CertificateType
import test_data_provider
import test_data_utility
from provisioning_engine import ProvisioningEngine
from provisioning_status import ProvisioningStatus
from protos.public import certificate_provisioning_pb2
class InitEngineTest(unittest.TestCase):
def setUp(self):
self._engine = pywrapprovisioning_engine.ProvisioningEngine()
self._engine = ProvisioningEngine()
self._data_provider = test_data_provider.TestDataProvider(
pywrapcertificate_type.kCertTesting)
CertificateType.kCertificateTypeTesting)
self._prov30 = (
certificate_provisioning_pb2.SignedProvisioningMessage.PROVISIONING_30)
def testInitEngineSucceed(self):
test_data_utility.InitProvisionEngineWithTestData(
status = test_data_utility.InitProvisionEngineWithTestData(
self._engine, verify_success=True)
self.assertEqual(ProvisioningStatus.OK, status)
def testSetCertificateStatusListWithoutInit(self):
status = self._engine.SetCertificateStatusList('CERTIFICATE_STATUS_LIST',
3600)
self.assertEqual(
pywrapprovisioning_status.PROVISIONING_ENGINE_UNINITIALIZED, status)
self.assertEqual(ProvisioningStatus.PROVISIONING_ENGINE_UNINITIALIZED,
status)
def testGenerateDrmIntermediateCertificateWithoutInit(self):
status, _ = self._engine.GenerateDrmIntermediateCertificate(
100, 'INTERMEDIATE_PUBLIC_KEY')
self.assertEqual(
pywrapprovisioning_status.PROVISIONING_ENGINE_UNINITIALIZED, status)
self.assertEqual(ProvisioningStatus.PROVISIONING_ENGINE_UNINITIALIZED,
status)
def testAddDrmIntermediateCertificateWithoutInit(self):
status = self._engine.AddDrmIntermediateCertificate(
'INTERMEDIATE_CERTIFICATE', 'INTERMEDIATE_PRIVATE_KEY',
'INTERMEDIATE_PRIVATE_KEY_PASSPHRASE')
self.assertEqual(
pywrapprovisioning_status.PROVISIONING_ENGINE_UNINITIALIZED, status)
self.assertEqual(ProvisioningStatus.PROVISIONING_ENGINE_UNINITIALIZED,
status)
def testGenerateDeviceDrmCertificateWithoutInit(self):
status, _ = self._engine.GenerateDeviceDrmCertificate(
100, 'DEVICE_PUBLIC_KEY', 'DEVICE_SERIAL_NUMBER')
self.assertEqual(
pywrapprovisioning_status.PROVISIONING_ENGINE_UNINITIALIZED, status)
self.assertEqual(ProvisioningStatus.PROVISIONING_ENGINE_UNINITIALIZED,
status)
def testNewProvisioningSessionWithoutInit(self):
status, session = self._engine.NewProvisioningSession('DEVICE_PUBLIC_KEY',
'DEVICE_PRIVATE_KEY')
self.assertEqual(
pywrapprovisioning_status.PROVISIONING_ENGINE_UNINITIALIZED, status)
session, status = self._engine.NewProvisioningSession(
self._prov30, 'DEVICE_PUBLIC_KEY', 'DEVICE_PRIVATE_KEY')
self.assertEqual(ProvisioningStatus.PROVISIONING_ENGINE_UNINITIALIZED,
status)
self.assertIsNone(session)
def testInitEngineInvalidServiceDrmCert(self):
status = self._engine.Initialize(
pywrapcertificate_type.kCertTesting, 'INVALID_CERT',
CertificateType.kCertificateTypeTesting, 'INVALID_CERT',
self._data_provider.service_private_key,
self._data_provider.service_private_key_passphrase,
self._data_provider.provisioner_drm_cert,
self._data_provider.provisioner_private_key,
self._data_provider.provisioner_private_key_passphrase,
self._data_provider.provisioner_spoid_secret)
self.assertEqual(pywrapprovisioning_status.INVALID_SERVICE_DRM_CERTIFICATE,
status)
self.assertEqual(ProvisioningStatus.INVALID_SERVICE_DRM_CERTIFICATE, status)
def testInitEngineInvalidServicePrivateKey(self):
status = self._engine.Initialize(
pywrapcertificate_type.kCertTesting,
CertificateType.kCertificateTypeTesting,
self._data_provider.service_drm_cert, 'INVALID_KEY',
self._data_provider.service_private_key_passphrase,
self._data_provider.provisioner_drm_cert,
self._data_provider.provisioner_private_key,
self._data_provider.provisioner_private_key_passphrase,
self._data_provider.provisioner_spoid_secret)
self.assertEqual(pywrapprovisioning_status.INVALID_SERVICE_PRIVATE_KEY,
status)
self.assertEqual(ProvisioningStatus.INVALID_SERVICE_DRM_CERTIFICATE, status)
def testInitEngineWrongServicePrivateKey(self):
status = self._engine.Initialize(
pywrapcertificate_type.kCertTesting,
CertificateType.kCertificateTypeTesting,
self._data_provider.service_drm_cert,
self._data_provider.provisioner_private_key,
self._data_provider.service_private_key_passphrase,
@@ -92,48 +94,45 @@ class InitEngineTest(unittest.TestCase):
self._data_provider.provisioner_private_key,
self._data_provider.provisioner_private_key_passphrase,
self._data_provider.provisioner_spoid_secret)
self.assertEqual(pywrapprovisioning_status.INVALID_SERVICE_PRIVATE_KEY,
status)
self.assertEqual(ProvisioningStatus.INVALID_SERVICE_DRM_CERTIFICATE, status)
def testInitEngineInvalidServicePrivateKeyPassphrase(self):
status = self._engine.Initialize(
pywrapcertificate_type.kCertTesting,
CertificateType.kCertificateTypeTesting,
self._data_provider.service_drm_cert,
self._data_provider.service_private_key, 'INVALID_PASSPHRASE',
self._data_provider.provisioner_drm_cert,
self._data_provider.provisioner_private_key,
self._data_provider.provisioner_private_key_passphrase,
self._data_provider.provisioner_spoid_secret)
self.assertEqual(pywrapprovisioning_status.INVALID_SERVICE_PRIVATE_KEY,
status)
self.assertEqual(ProvisioningStatus.INVALID_SERVICE_DRM_CERTIFICATE, status)
def testInitEngineInvalidDrmCert(self):
status = self._engine.Initialize(
pywrapcertificate_type.kCertTesting,
CertificateType.kCertificateTypeTesting,
self._data_provider.service_drm_cert,
self._data_provider.service_private_key,
self._data_provider.service_private_key_passphrase, 'INVALID_CERT',
self._data_provider.provisioner_private_key,
self._data_provider.provisioner_private_key_passphrase,
self._data_provider.provisioner_spoid_secret)
self.assertEqual(
pywrapprovisioning_status.INVALID_PROVISIONER_DRM_CERTIFICATE, status)
self.assertEqual(ProvisioningStatus.INVALID_PROVISIONER_DRM_CERTIFICATE,
status)
def testInitEngineInvalidDrmPrivateKey(self):
status = self._engine.Initialize(
pywrapcertificate_type.kCertTesting,
CertificateType.kCertificateTypeTesting,
self._data_provider.service_drm_cert,
self._data_provider.service_private_key,
self._data_provider.service_private_key_passphrase,
self._data_provider.provisioner_drm_cert, 'INVALID_KEY',
self._data_provider.provisioner_private_key_passphrase,
self._data_provider.provisioner_spoid_secret)
self.assertEqual(pywrapprovisioning_status.INVALID_PROVISIONER_PRIVATE_KEY,
status)
self.assertEqual(ProvisioningStatus.INVALID_PROVISIONER_PRIVATE_KEY, status)
def testInitEngineWrongDrmPrivateKey(self):
status = self._engine.Initialize(
pywrapcertificate_type.kCertTesting,
CertificateType.kCertificateTypeTesting,
self._data_provider.service_drm_cert,
self._data_provider.service_private_key,
self._data_provider.service_private_key_passphrase,
@@ -141,32 +140,30 @@ class InitEngineTest(unittest.TestCase):
self._data_provider.service_private_key,
self._data_provider.provisioner_private_key_passphrase,
self._data_provider.provisioner_spoid_secret)
self.assertEqual(pywrapprovisioning_status.INVALID_PROVISIONER_PRIVATE_KEY,
status)
self.assertEqual(ProvisioningStatus.INVALID_PROVISIONER_PRIVATE_KEY, status)
def testInitEngineInvalidDrmPrivateKeyPassphrase(self):
status = self._engine.Initialize(
pywrapcertificate_type.kCertTesting,
CertificateType.kCertificateTypeTesting,
self._data_provider.service_drm_cert,
self._data_provider.service_private_key,
self._data_provider.service_private_key_passphrase,
self._data_provider.provisioner_drm_cert,
self._data_provider.provisioner_private_key_passphrase,
'INVALID_PASSPHRASE',
self._data_provider.provisioner_spoid_secret)
self.assertEqual(pywrapprovisioning_status.INVALID_PROVISIONER_PRIVATE_KEY,
status)
'INVALID_PASSPHRASE', self._data_provider.provisioner_spoid_secret)
self.assertEqual(ProvisioningStatus.INVALID_PROVISIONER_PRIVATE_KEY, status)
def testInitEngineInvalidSpoidSecret(self):
status = self._engine.Initialize(
pywrapcertificate_type.kCertTesting,
CertificateType.kCertificateTypeTesting,
self._data_provider.service_drm_cert,
self._data_provider.service_private_key,
self._data_provider.service_private_key_passphrase,
self._data_provider.provisioner_drm_cert,
self._data_provider.provisioner_private_key,
self._data_provider.provisioner_private_key_passphrase, '')
self.assertEqual(pywrapprovisioning_status.INVALID_SPOID_SAUCE, status)
self.assertEqual(ProvisioningStatus.INVALID_SPOID_SAUCE, status)
if __name__ == '__main__':
unittest.main()

65
provisioning_sdk/public/python/new_session_test.py
View File

@@ -1,5 +1,5 @@
################################################################################
# Copyright 2016 Google Inc.
# Copyright 2016 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
@@ -8,36 +8,38 @@
import unittest
from certificate_type import CertificateType
import crypto_utility
import pywrapcertificate_type
import pywrapprovisioning_engine
import pywrapprovisioning_status
import test_data_provider
import test_data_utility
from provisioning_engine import ProvisioningEngine
from provisioning_status import ProvisioningStatus
from protos.public import certificate_provisioning_pb2
from protos.public import signed_device_certificate_pb2
from protos.public import signed_drm_certificate_pb2
class NewSessionTest(unittest.TestCase):
def setUp(self):
self._engine = pywrapprovisioning_engine.ProvisioningEngine()
self._engine = ProvisioningEngine()
test_data_utility.InitProvisionEngineWithTestData(
self._engine, verify_success=True)
test_data_utility.SetCertificateStatusListWithTestData(
self._engine, 0, verify_success=True)
self._data_provider = test_data_provider.TestDataProvider(
pywrapcertificate_type.kCertTesting)
CertificateType.kCertificateTypeTesting)
self._prov30 = (
certificate_provisioning_pb2.SignedProvisioningMessage.PROVISIONING_30)
def testNewSessionSuccess(self):
test_data_utility.AddDrmIntermediateCertificateWithTestData(
self._engine, 2001, verify_success=True)
(_, new_session) = test_data_utility.NewProvisioningSessionWithTestData(
(new_session, _) = test_data_utility.NewProvisioningSessionWithTestData(
self._engine, verify_success=True)
(status, raw_response,
_) = new_session.ProcessMessage(self._data_provider.message)
test_data_utility.AssertSuccess(status, 'Failed to create session.')
(status, raw_response, _) = new_session.ProcessMessage(
self._data_provider.message)
assert ProvisioningStatus.OK == status
signed_request = test_data_utility.ConvertToSignedProvisioningMessage(
self._data_provider.message)
@@ -59,35 +61,44 @@ class NewSessionTest(unittest.TestCase):
def testProcessInvalidMessage(self):
test_data_utility.AddDrmIntermediateCertificateWithTestData(
self._engine, 2001, verify_success=True)
(_, new_session
) = test_data_utility.NewProvisioningSessionWithTestData(self._engine)
(new_session, _) = test_data_utility.NewProvisioningSessionWithTestData(
self._engine)
(status, _, _) = new_session.ProcessMessage('INVALID_MESSAGE')
self.assertEqual(pywrapprovisioning_status.INVALID_REQUEST_MESSAGE, status)
self.assertEqual(ProvisioningStatus.INVALID_REQUEST_MESSAGE, status)
def testNewSessionWithoutIntermediateCert(self):
(_, new_session) = test_data_utility.NewProvisioningSessionWithTestData(
(new_session, _) = test_data_utility.NewProvisioningSessionWithTestData(
self._engine, verify_success=True)
(status, _, _) = new_session.ProcessMessage(
self._data_provider.message)
self.assertEqual(pywrapprovisioning_status.MISSING_DRM_INTERMEDIATE_CERT,
(status, _, _) = new_session.ProcessMessage(self._data_provider.message)
self.assertEqual(ProvisioningStatus.MISSING_DEVICE_MODEL_CERT,
status)
def testNewSessionInvalidDevicePublicKey(self):
test_data_utility.AddDrmIntermediateCertificateWithTestData(
self._engine, 2001, verify_success=True)
(session_status, _) = self._engine.NewProvisioningSession(
'INVALID_PUBLIC_KEY', self._data_provider.device_private_key)
self.assertEqual(pywrapprovisioning_status.INVALID_DEVICE_PUBLIC_KEY,
(_, session_status) = self._engine.NewProvisioningSession(
self._prov30, 'INVALID_PUBLIC_KEY',
self._data_provider.device_private_key)
self.assertEqual(ProvisioningStatus.INVALID_DRM_DEVICE_PUBLIC_KEY,
session_status)
def testNewSessionInvalidDevicePrivateKey(self):
test_data_utility.AddDrmIntermediateCertificateWithTestData(
self._engine, 2001, verify_success=True)
(session_status, _) = self._engine.NewProvisioningSession(
self._data_provider.device_public_key, 'INVALID_PRIVATE_KEY')
self.assertEqual(pywrapprovisioning_status.INVALID_DEVICE_PRIVATE_KEY,
(_, session_status) = self._engine.NewProvisioningSession(
self._prov30, self._data_provider.device_public_key,
'INVALID_PRIVATE_KEY')
self.assertEqual(ProvisioningStatus.INVALID_DRM_DEVICE_PRIVATE_KEY,
session_status)
def testNewSessionInvalidProtocol(self):
test_data_utility.AddDrmIntermediateCertificateWithTestData(
self._engine, 2001, verify_success=True)
(_, session_status) = self._engine.NewProvisioningSession(
1234, self._data_provider.device_public_key,
self._data_provider.device_private_key)
self.assertEqual(ProvisioningStatus.INVALID_PROTOCOL, session_status)
def _VerifyMessageSignature(self, public_key, signed_response):
crypto_utility.VerifySignature(public_key, signed_response.signature,
signed_response.message)
@@ -99,11 +110,11 @@ class NewSessionTest(unittest.TestCase):
def _VerifyProvisioningResponse(self, request, response):
self.assertEqual(request.nonce, response.nonce)
signed_cert = signed_device_certificate_pb2.SignedDrmDeviceCertificate()
signed_cert = signed_drm_certificate_pb2.SignedDrmCertificate()
signed_cert.ParseFromString(response.device_certificate)
self._VerifyCertSignature(self._data_provider.ca_public_key,
signed_cert)
self._VerifyCertSignature(self._data_provider.ca_public_key, signed_cert)
if __name__ == '__main__':
unittest.main()

46
provisioning_sdk/public/python/provisioning_engine.clif Normal file
View File

@@ -0,0 +1,46 @@
################################################################################
# Copyright 2018 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
# widevine-licensing@google.com.
################################################################################
from "common/python/certificate_type.h" import *
from "provisioning_sdk/public/python/provisioning_status.h" import *
from "provisioning_sdk/public/python/provisioning_session.h" import *
from "protos/public/certificate_provisioning_pyclif.h" import *
from "provisioning_sdk/public/provisioning_engine.h":
namespace `widevine`:
class ProvisioningEngine:
def Initialize(self,
certificate_type: CertificateType,
service_certificate: bytes,
service_private_key: bytes,
service_private_key_passhprase: bytes,
provisioning_drm_certificate: bytes,
provisioning_private_key: bytes,
provisioning_private_key_passhprase: bytes,
secret_spoid_sauce: bytes) -> ProvisioningStatus
def SetCertificateStatusList(self,
certificate_status_list: bytes,
expiration_period_seconds: int) -> ProvisioningStatus
def GenerateDrmIntermediateCertificate(self,
system_id: int,
public_key: bytes) -> (status: ProvisioningStatus,
certificate: bytes)
def AddDrmIntermediateCertificate(self,
intermediate_cert: bytes,
cert_private_key: bytes,
cert_private_key_passhprase: bytes) -> ProvisioningStatus
def NewProvisioningSession(self,
protocol: SignedProvisioningMessage.ProtocolVersion,
device_public_key: bytes,
device_private_key: bytes) -> (new_session: ProvisioningSession,
status: ProvisioningStatus)
def GenerateDeviceDrmCertificate(self,
system_id: int,
public_key: bytes,
serial_number: bytes) -> (status: ProvisioningStatus,
certificate: bytes)

46
provisioning_sdk/public/python/provisioning_engine.i
View File

@@ -1,46 +0,0 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google Inc.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
// Swig file to generate a Python library for:
// provisioning_sdk/public/provisioning_engine.h
%module pywrapprovisioning_engine
%include "base.i"
%include "unique_ptr.i"
%import(module="pywrapprovisioning_session") "provisioning_sdk/public/python/provisioning_session.i"
UNIQUE_PTR_ARGOUT(widevine::ProvisioningSession, new_session);
%apply int { CertificateType, ProvisioningStatus };
%apply std::string* OUTPUT { std::string* certificate };
%{
#include "provisioning_sdk/public/provisioning_engine.h"
#include "provisioning_sdk/public/provisioning_session.h"
using namespace widevine;
%}
%ignoreall
%unignore widevine;
%unignore widevine::ProvisioningSession;
%unignore widevine::ProvisioningEngine;
%unignore widevine::ProvisioningEngine::ProvisioningEngine;
%unignore widevine::ProvisioningEngine::~ProvisioningEngine;
%unignore widevine::ProvisioningEngine::SetCertificateStatusList;
%unignore widevine::ProvisioningEngine::Initialize;
%unignore widevine::ProvisioningEngine::GenerateDrmIntermediateCertificate;
%unignore widevine::ProvisioningEngine::AddDrmIntermediateCertificate;
%unignore widevine::ProvisioningEngine::NewProvisioningSession;
%unignore widevine::ProvisioningEngine::GenerateDeviceDrmCertificate;
%include "provisioning_sdk/public/provisioning_engine.h"
%unignoreall

47
provisioning_sdk/public/python/provisioning_engine_setup.py Normal file
View File

@@ -0,0 +1,47 @@
################################################################################
# Copyright 2018 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
# widevine-licensing@google.com.
################################################################################
"""Installation file for the provisioning_engine module."""
import certificate_type
import provisioning_session
import provisioning_status
import setup_common as common
import setuptools
if __name__ == '__main__':
setuptools.setup(
name='provisioning_engine',
ext_modules=[
setuptools.Extension(
name='provisioning_engine',
sources=[
'%s/provisioning_engine.cc' % common.SDK_SRC_DIR,
'%s/initprovisioning_engine.cc' % common.SDK_SRC_DIR,
'%s/clif/python/pyproto.cc' % common.CLIF_PREFIX,
'%s/clif/python/runtime.cc' % common.CLIF_PREFIX,
'%s/clif/python/slots.cc' % common.CLIF_PREFIX,
'%s/clif/python/types.cc' % common.CLIF_PREFIX,
'%s/certificate_provisioning_pyclif.cc' %
common.WVPROTO_SRC_DIR,
],
include_dirs=[
common.SDK_ROOT_DIR, common.GEN_DIR, common.CLIF_PREFIX, '/'
],
extra_compile_args=['-std=c++11'],
library_dirs=[common.SDK_LIBRARY_DIR],
libraries=['provisioning_sdk', 'protobuf'],
runtime_library_dirs=[common.SDK_LIBRARY_DIR],
install_requires=['enum34;python_version<"3.4"'],
extra_objects=[
certificate_type.__file__,
provisioning_status.__file__,
provisioning_session.__file__,
],
),
],
)

16
provisioning_sdk/public/python/provisioning_session.clif Normal file
View File

@@ -0,0 +1,16 @@
################################################################################
# Copyright 2018 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
# widevine-licensing@google.com.
################################################################################
from "provisioning_sdk/public/python/provisioning_status.h" import *
from "provisioning_sdk/public/provisioning_session.h":
namespace `widevine`:
class ProvisioningSession:
def ProcessMessage(self, message: bytes) -> (status: ProvisioningStatus,
response: bytes,
done: bool)

37
provisioning_sdk/public/python/provisioning_session.i
View File

@@ -1,37 +0,0 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google Inc.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
// Swig file to generate a Python library for:
// provisioning_sdk/public/provisioning_session.h
%module pywrapprovisioning_session
%include "base.i"
%apply bool* OUTPUT { bool* done };
%apply int { ProvisioningStatus };
%apply std::string* OUTPUT { std::string* response };
%{
#include "provisioning_sdk/public/provisioning_session.h"
using namespace widevine;
%}
%ignoreall
%unignore widevine;
%unignore widevine::ProvisioningSession;
%unignore widevine::ProvisioningSession::~ProvisioningSession;
%unignore widevine::ProvisioningSession::ProcessMessage;
%include "provisioning_sdk/public/provisioning_session.h"
%unignoreall

38
provisioning_sdk/public/python/provisioning_session_setup.py Normal file
View File

@@ -0,0 +1,38 @@
################################################################################
# Copyright 2018 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
# widevine-licensing@google.com.
################################################################################
"""Installation file for the provisioning_session module."""
import provisioning_status
import setup_common as common
import setuptools
if __name__ == '__main__':
setuptools.setup(
name='provisioning_session',
ext_modules=[
setuptools.Extension(
name='provisioning_session',
sources=[
'%s/provisioning_session.cc' % common.SDK_SRC_DIR,
'%s/initprovisioning_session.cc' % common.SDK_SRC_DIR,
'%s/clif/python/runtime.cc' % common.CLIF_PREFIX,
'%s/clif/python/slots.cc' % common.CLIF_PREFIX,
'%s/clif/python/types.cc' % common.CLIF_PREFIX,
],
include_dirs=[
common.SDK_ROOT_DIR, common.GEN_DIR, common.CLIF_PREFIX, '/'
],
extra_compile_args=['-std=c++11'],
library_dirs=[common.SDK_LIBRARY_DIR],
libraries=['provisioning_sdk'],
runtime_library_dirs=[common.SDK_LIBRARY_DIR],
install_requires=['enum34;python_version<"3.4"'],
extra_objects=[provisioning_status.__file__],
),
],
)

12
provisioning_sdk/public/python/provisioning_status.clif Normal file
View File

@@ -0,0 +1,12 @@
################################################################################
# Copyright 2018 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
# widevine-licensing@google.com.
################################################################################
from "provisioning_sdk/public/provisioning_status.h":
namespace `widevine`:
enum ProvisioningStatus
def GetProvisioningStatusMessage(status: ProvisioningStatus) -> str

44
provisioning_sdk/public/python/provisioning_status.i
View File

@@ -1,44 +0,0 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google Inc.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
// Swig file to generate a Python library for:
// provisioning_sdk/public/provisioning_status.h
%module pywrapprovisioning_status
%include "base.i"
%{
#include "provisioning_sdk/public/provisioning_status.h"
%}
%ignoreall
%unignore widevine;
%unignore widevine::ProvisioningStatus;
%unignore widevine::OK;
%unignore widevine::PROVISIONING_ENGINE_UNINITIALIZED;
%unignore widevine::INVALID_SERVICE_DRM_CERTIFICATE;
%unignore widevine::INVALID_SERVICE_PRIVATE_KEY;
%unignore widevine::INVALID_PROVISIONER_DRM_CERTIFICATE;
%unignore widevine::INVALID_PROVISIONER_PRIVATE_KEY;
%unignore widevine::INVALID_STATUS_LIST;
%unignore widevine::STATUS_LIST_EXPIRED;
%unignore widevine::UNKNOWN_SYSTEM_ID;
%unignore widevine::INVALID_DEVICE_PUBLIC_KEY;
%unignore widevine::INVALID_DEVICE_PRIVATE_KEY;
%unignore widevine::INVALID_REQUEST_MESSAGE;
%unignore widevine::MISSING_DRM_INTERMEDIATE_CERT;
%unignore widevine::DEVICE_REVOKED;
%unignore widevine::INVALID_SERIAL_NUMBER;
%unignore widevine::INVALID_SPOID_SAUCE;
%unignore widevine::GetProvisioningStatusMessage;
%include "provisioning_sdk/public/provisioning_status.h"
%unignoreall

36
provisioning_sdk/public/python/provisioning_status_setup.py Normal file
View File

@@ -0,0 +1,36 @@
################################################################################
# Copyright 2018 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
# widevine-licensing@google.com.
################################################################################
"""Installation file for the provisioning_status module."""
import setup_common as common
import setuptools
if __name__ == '__main__':
setuptools.setup(
name='provisioning_status',
ext_modules=[
setuptools.Extension(
name='provisioning_status',
sources=[
'%s/provisioning_status.cc' % common.SDK_SRC_DIR,
'%s/initprovisioning_status.cc' % common.SDK_SRC_DIR,
'%s/clif/python/runtime.cc' % common.CLIF_PREFIX,
'%s/clif/python/slots.cc' % common.CLIF_PREFIX,
'%s/clif/python/types.cc' % common.CLIF_PREFIX,
],
include_dirs=[
common.SDK_ROOT_DIR, common.GEN_DIR, common.CLIF_PREFIX, '/'
],
extra_compile_args=['-std=c++11'],
library_dirs=[common.SDK_LIBRARY_DIR],
libraries=['provisioning_sdk'],
runtime_library_dirs=[common.SDK_LIBRARY_DIR],
install_requires=['enum34;python_version<"3.4"'],
),
],
)

10
provisioning_sdk/public/python/set_certificate_status_list_test.py
View File

@@ -1,5 +1,5 @@
################################################################################
# Copyright 2016 Google Inc.
# Copyright 2016 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
@@ -8,15 +8,15 @@
import unittest
import pywrapprovisioning_engine
import pywrapprovisioning_status
import test_data_utility
from provisioning_engine import ProvisioningEngine
from provisioning_status import ProvisioningStatus
class SetCertificateStatusListTest(unittest.TestCase):
def setUp(self):
self._engine = pywrapprovisioning_engine.ProvisioningEngine()
self._engine = ProvisioningEngine()
test_data_utility.InitProvisionEngineWithTestData(
self._engine, verify_success=True)
@@ -27,7 +27,7 @@ class SetCertificateStatusListTest(unittest.TestCase):
def testSetCertificateStatusListInvalid(self):
set_cert_status_list = self._engine.SetCertificateStatusList(
'INVALID_STATUS_LIST', 0)
self.assertEqual(pywrapprovisioning_status.INVALID_STATUS_LIST,
self.assertEqual(ProvisioningStatus.INVALID_STATUS_LIST,
set_cert_status_list)

62
provisioning_sdk/public/python/setup.py
View File

@@ -1,62 +0,0 @@
################################################################################
# Copyright 2016 Google Inc.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
# widevine-licensing@google.com.
################################################################################
"""setup script to build Python wrappers using swig configurations."""
import os
from distutils import core
OUT_DIRNAME = 'test_genfiles'
def GetSdkRootDir():
"""Obtains folder containing |OUT_DIRNAME| that is considered as root dir."""
current_dir = os.path.realpath(os.path.dirname(__file__))
while not os.path.isdir(os.path.join(current_dir, OUT_DIRNAME)):
current_dir = os.path.dirname(current_dir)
return current_dir
SDK_ROOT_DIR = GetSdkRootDir()
SWIG_CONFIG_FILE = os.path.join(SDK_ROOT_DIR, OUT_DIRNAME, '%s.i')
SWIG_CONFIG_MODULE_PATH = OUT_DIRNAME + '.%s'
SDK_LIBRARY_DIR = os.path.join(SDK_ROOT_DIR, 'bazel-bin', 'provisioning_sdk',
'public')
def ProvisioningSwigExtension(extension_name):
return core.Extension(
name=SWIG_CONFIG_MODULE_PATH % ('_pywrap' + extension_name),
sources=[SWIG_CONFIG_FILE % extension_name],
include_dirs=[SDK_ROOT_DIR],
swig_opts=['-c++'],
library_dirs=[SDK_ROOT_DIR, SDK_LIBRARY_DIR],
runtime_library_dirs=[SDK_ROOT_DIR, SDK_LIBRARY_DIR],
libraries=['provisioning_sdk'],
extra_compile_args=['-std=c++11'])
if __name__ == '__main__':
os.chdir(SDK_ROOT_DIR)
core.setup(
name='provisioning_sdk',
ext_modules=[
ProvisioningSwigExtension('certificate_type'),
ProvisioningSwigExtension('provisioning_status'),
ProvisioningSwigExtension('provisioning_session'),
ProvisioningSwigExtension('provisioning_engine')
],
py_modules=[
SWIG_CONFIG_MODULE_PATH % 'pywrapcertificate_type',
SWIG_CONFIG_MODULE_PATH % 'pywarpprovisioning_status',
SWIG_CONFIG_MODULE_PATH % 'pywrapprovisioning_session',
SWIG_CONFIG_MODULE_PATH % 'pywrapprovisioning_engine'
])

34
provisioning_sdk/public/python/setup_common.py Normal file
View File

@@ -0,0 +1,34 @@
################################################################################
# Copyright 2018 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
# widevine-licensing@google.com.
################################################################################
"""Common definitions for Provisioning SDK python setup files."""
import os
GEN_DIRNAME = 'test_genfiles'
def _GetSdkRootDir():
"""Obtains folder containing |GEN_DIRNAME| that is considered as root dir."""
current_dir = os.path.realpath(os.path.dirname(__file__))
while not os.path.isdir(os.path.join(current_dir, GEN_DIRNAME)):
current_dir = os.path.dirname(current_dir)
os.chdir(current_dir)
return current_dir
SDK_ROOT_DIR = _GetSdkRootDir()
GEN_DIR = '%s/%s' % (SDK_ROOT_DIR, GEN_DIRNAME)
SDK_LIBRARY_DIR = os.path.join(SDK_ROOT_DIR, 'bazel-bin', 'provisioning_sdk',
'public')
CLIF_PREFIX = os.environ['CLIF_PREFIX']
BUILD_DIR = os.environ['PYEXT_BUILD_DIR']
WVCOMMON_SRC_DIR = '%s/common/python' % GEN_DIR
WVPROTO_SRC_DIR = '%s/protos/public' % GEN_DIR
SDK_SRC_DIR = '%s/provisioning_sdk/public/python' % GEN_DIR

29
provisioning_sdk/public/python/test_data_provider.py
View File

@@ -1,16 +1,14 @@
################################################################################
# Copyright 2017 Google Inc.
# Copyright 2017 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
# widevine-licensing@google.com.
################################################################################
"""Class that provides test data for Provisioning SDK testing."""
import os
import pywrapcertificate_type
from certificate_type import CertificateType
_TEST_CERT_DATA_FOLDER = os.path.join('example', 'example_data')
_DEV_CERT_DATA_FOLDER = os.path.join('example', 'dev_cert_example_data')
@@ -21,24 +19,27 @@ class TestDataProvider(object):
def __init__(self, cert_type):
"""Initializes the TestData for Provisioning SDK tests."""
assert (cert_type in (
pywrapcertificate_type.kCertDevelopment,
pywrapcertificate_type.kCertTesting))
assert (cert_type in (CertificateType.kCertificateTypeDevelopment,
CertificateType.kCertificateTypeTesting))
self._cert_type = cert_type
def _GetTestData(self, filename):
"""Helps read test data files such as certs and keys for SDK testing."""
current_dir = os.path.realpath(os.path.dirname(__file__))
if self._cert_type == pywrapcertificate_type.kCertDevelopment:
if self._cert_type == CertificateType.kCertificateTypeDevelopment:
subfolder_path = _DEV_CERT_DATA_FOLDER
elif self._cert_type == pywrapcertificate_type.kCertTesting:
elif self._cert_type == CertificateType.kCertificateTypeTesting:
subfolder_path = _TEST_CERT_DATA_FOLDER
while not os.path.isdir(os.path.join(current_dir, subfolder_path)):
current_dir = os.path.dirname(current_dir)
filename = os.path.join(current_dir, subfolder_path, filename)
with open(filename, 'rb') as data_file:
data = data_file.read()
return data
try:
with open(filename, 'r') as data_file:
data = data_file.read()
return data
except IOError:
print 'TestDataProvider: Failed to read \'%s\'' % filename
return None
@property
def service_drm_cert(self):
@@ -86,11 +87,11 @@ class TestDataProvider(object):
@property
def device_public_key(self):
return self._GetTestData('user.public')
return self._GetTestData('device.public')
@property
def device_private_key(self):
return self._GetTestData('user.private')
return self._GetTestData('device.private')
@property
def message(self):

95
provisioning_sdk/public/python/test_data_utility.py
View File

@@ -1,64 +1,69 @@
################################################################################
# Copyright 2016 Google Inc.
# Copyright 2016 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
# widevine-licensing@google.com.
################################################################################
"""Utility class for Provisioning SDK testing."""
import logging
import pywrapcertificate_type
import pywrapprovisioning_status
from certificate_type import CertificateType
import test_data_provider
from provisioning_status import ProvisioningStatus
from protos.public import certificate_provisioning_pb2
logging.basicConfig(level=logging.DEBUG)
def InitProvisionEngineWithTestData(
engine, verify_success=False,
cert_type=pywrapcertificate_type.kCertTesting):
engine,
verify_success=False,
cert_type=CertificateType.kCertificateTypeTesting):
"""Initialize the provisioning engine with sample credentials.
Args:
engine: a pywrapprovisioning_engine.ProvisioningEngine instance
engine: a ProvisioningEngine instance
verify_success: whether to verify that resulting status code equals OK
cert_type: The type of certificate to use for initializing SDK -
{kCertTesting/kCertDevelopment}
{kCertificateTypeTesting/kCertificateTypeDevelopment}
Returns:
OK on success, or an appropriate error status code otherwise.
"""
logging.info('Initializing provisioning engine with test data.')
data_provider = test_data_provider.TestDataProvider(cert_type)
status = engine.Initialize(cert_type,
data_provider.service_drm_cert,
logging.info('Adding service certificate.')
logging.info('Initializing provisioning engine with test data.')
status = engine.Initialize(cert_type, data_provider.service_drm_cert,
data_provider.service_private_key,
data_provider.service_private_key_passphrase,
data_provider.provisioner_drm_cert,
data_provider.provisioner_private_key,
data_provider.provisioner_private_key_passphrase,
data_provider.provisioner_spoid_secret)
if verify_success:
AssertSuccess(status, 'Failed to initialize.')
assert ProvisioningStatus.OK == status
return status
def SetCertificateStatusListWithTestData(
engine, expiration_period_seconds, verify_success=False,
cert_type=pywrapcertificate_type.kCertTesting):
engine,
expiration_period_seconds,
verify_success=False,
cert_type=CertificateType.kCertificateTypeTesting):
"""Set the certificate status list with sample certificate status list.
Args:
engine: a pywrapprovisioning_engine.ProvisioningEngine instance
engine: a ProvisioningEngine instance
expiration_period_seconds: number of seconds until certificate_status_list
expires after its creation time
verify_success: whether to verify that resulting status code equals OK
cert_type: The type of certificate to use for initializing SDK -
{kCertTesting/kCertDevelopment}
{kCertificateTypeTesting/kCertificateTypeDevelopment}
Returns:
OK on success, or an appropriate error status code otherwise.
@@ -71,14 +76,16 @@ def SetCertificateStatusListWithTestData(
expiration_period_seconds)
if verify_success:
AssertSuccess(status, 'Failed to set certificate status list.')
assert ProvisioningStatus.OK == status
return status
def AddDrmIntermediateCertificateWithTestData(
engine, system_id, verify_success=False,
cert_type=pywrapcertificate_type.kCertTesting):
engine,
system_id,
verify_success=False,
cert_type=CertificateType.kCertificateTypeTesting):
"""Generate an intermediate DRM cert and add it to provisioning engine.
The intermediate DRM certificate is generated with sample public key and
@@ -86,21 +93,21 @@ def AddDrmIntermediateCertificateWithTestData(
passphrase.
Args:
engine: a pywrapprovisioning_engine.ProvisioningEngine instance
engine: a ProvisioningEngine instance
system_id: Widevine system ID for the type of device
verify_success: whether to verify that resulting status code equals OK
cert_type: The type of certificate to use for initializing SDK -
{kCertTesting/kCertDevelopment}
{kCertificateTypeTesting/kCertificateTypeDevelopment}
Returns:
OK on success, or an appropriate error status code otherwise.
"""
logging.info(
'Generating DRM intermediate certificate for system_id <%d>.', system_id)
logging.info('Generating DRM intermediate certificate for system_id <%d>.',
system_id)
data_provider = test_data_provider.TestDataProvider(cert_type)
gen_status, ca_certificate = engine.GenerateDrmIntermediateCertificate(
system_id, data_provider.ca_public_key)
AssertSuccess(gen_status, 'Failed to generate intermediate certificate.')
assert ProvisioningStatus.OK == gen_status
logging.info('Adding DRM intermediate certificate.')
add_ca_status = engine.AddDrmIntermediateCertificate(
@@ -108,23 +115,26 @@ def AddDrmIntermediateCertificateWithTestData(
data_provider.ca_private_key_passphrase)
if verify_success:
AssertSuccess(add_ca_status, 'Failed to add intermediate certificate.')
assert ProvisioningStatus.OK == add_ca_status
return add_ca_status
def GenerateDeviceDrmCertificate(engine, system_id, serial_number,
verify_success=False,
cert_type=pywrapcertificate_type.kCertTesting):
def GenerateDeviceDrmCertificate(
engine,
system_id,
serial_number,
verify_success=False,
cert_type=CertificateType.kCertificateTypeTesting):
"""Generate a device DRM certificate.
Args:
engine: a pywrapprovisioning_engine.ProvisioningEngine instance
engine: a ProvisioningEngine instance
system_id: Widevine system ID for the type of device
serial_number: The serial number for the device DRM certificate.
verify_success: whether to verify that resulting status code equals OK
cert_type: The type of certificate to use for initializing SDK -
{kCertTesting/kCertDevelopment}
{kCertificateTypeTesting/kCertificateTypeDevelopment}
Returns:
OK on success, or an appropriate error status code otherwise.
@@ -136,39 +146,36 @@ def GenerateDeviceDrmCertificate(engine, system_id, serial_number,
gen_status, ca_certificate = engine.GenerateDeviceDrmCertificate(
system_id, data_provider.device_public_key, serial_number)
if verify_success:
AssertSuccess(gen_status, 'Failed to generate device DRM certificate.')
assert ProvisioningStatus.OK == gen_status
return ca_certificate
def NewProvisioningSessionWithTestData(
engine, verify_success=False,
cert_type=pywrapcertificate_type.kCertTesting):
engine,
verify_success=False,
cert_type=CertificateType.kCertificateTypeTesting):
"""Create a provisioning session with sample device public and private keys.
Args:
engine: a pywrapprovisioning_engine.ProvisioningEngine instance
engine: a ProvisioningEngine instance
verify_success: whether to verify that resulting status code equals OK
cert_type: The type of certificate to use for initializing SDK -
{kCertTesting/kCertDevelopment}
{kCertificateTypeTesting/kCertificateTypeDevelopment}
Returns:
status: OK on success, or an appropriate error status code otherwise.
new_session: A new provisioning_session.
status: OK on success, or an appropriate error status code otherwise.
"""
logging.info('Starting a new provisioning session with'
'sample device public and private keys.')
data_provider = test_data_provider.TestDataProvider(cert_type)
status, new_session = engine.NewProvisioningSession(
new_session, status = engine.NewProvisioningSession(
certificate_provisioning_pb2.SignedProvisioningMessage.PROVISIONING_30,
data_provider.device_public_key, data_provider.device_private_key)
if verify_success:
AssertSuccess(status, 'Failed to create session.')
assert (ProvisioningStatus.OK == status), 'status = %r' % status
return status, new_session
def AssertSuccess(status, message=None):
"""Assert status equals OK."""
assert pywrapprovisioning_status.OK == status, message
return new_session, status
def ConvertToSignedProvisioningMessage(serialized_message):

51
provisioning_sdk/public/python/unique_ptr.i
View File

@@ -1,51 +0,0 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google Inc.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
namespace std {
template <class T> class unique_ptr {};
}
%define _UNIQUE_PTR_TEMPLATE(type)
template <> class std::unique_ptr <type> {};
%enddef
%define UNIQUE_PTR(type)
_UNIQUE_PTR_TEMPLATE(type);
%typemap(out) std::unique_ptr<type> %{
$result = SWIG_NewPointerObj(
SWIG_as_voidptr($1.release()), $descriptor(type*), SWIG_POINTER_OWN);
%}
%enddef
%define UNIQUE_PTR_WITH_ERROR(type, err_str)
_UNIQUE_PTR_TEMPLATE(type);
%typemap(out) std::unique_ptr<type> %{
if ($1) {
$result = SWIG_NewPointerObj(
SWIG_as_voidptr($1.release()), $descriptor(type*), SWIG_POINTER_OWN);
} else {
SWIG_exception(SWIG_ValueError, err_str);
}
%}
%enddef
%define UNIQUE_PTR_ARGOUT(type, arg_name)
_UNIQUE_PTR_TEMPLATE(type)
%typemap(in, numinputs=0) std::unique_ptr<type>* arg_name
(std::unique_ptr<type> temp) %{
$1 = &temp;
%}
%typemap(argout) std::unique_ptr<type>* arg_name %{
%append_output(SWIG_NewPointerObj(SWIG_as_voidptr($1->release()),
$descriptor(type*), SWIG_POINTER_OWN));
%}
%enddef