Refactor and cleanup codes. No functional changes.
This commit is contained in:
KongQun Yang
@@ -1,5 +1,5 @@
|
||||
////////////////////////////////////////////////////////////////////////////////
|
||||
// Copyright 2016 Google Inc.
|
||||
// Copyright 2016 Google LLC.
|
||||
//
|
||||
// This software is licensed under the terms defined in the Widevine Master
|
||||
// License Agreement. For a copy of this agreement, please contact
|
||||
@@ -10,16 +10,31 @@
|
||||
#define PROVISIONING_SDK_PUBLIC_PROVISIONING_ENGINE_H_
|
||||
|
||||
#include <cstdint>
|
||||
#include <functional>
|
||||
#include <map>
|
||||
#include <memory>
|
||||
#include <string>
|
||||
|
||||
#include "provisioning_sdk/public/certificate_type.h"
|
||||
#include "common/certificate_type.h"
|
||||
#include "provisioning_sdk/public/provisioning_status.h"
|
||||
#include "protos/public/certificate_provisioning.pb.h"
|
||||
|
||||
namespace widevine {
|
||||
|
||||
class ProvisioningEngineImpl;
|
||||
class ProvisioningSession;
|
||||
class ProvisioningSessionImpl;
|
||||
|
||||
// Session factory function used to implement third-party provisioning
|
||||
// protocols.
|
||||
// * |engine| is the ProvisioningEngineImpl which invokes the function.
|
||||
// * |new_session| will point, on successful return, to the newly created
|
||||
// ProvisioningSessionImpl.
|
||||
// * Returns OK if successful, or an appropriate error status code otherwise.
|
||||
typedef std::function<ProvisioningStatus(
|
||||
const ProvisioningEngineImpl& engine,
|
||||
std::unique_ptr<ProvisioningSessionImpl>* new_session)>
|
||||
SessionFactory;
|
||||
|
||||
// Class which is used to implement a Widevine DRM device provisioning engine.
|
||||
// There should be only one instance of ProvisioningEngine. The engine should
|
||||
@@ -50,8 +65,7 @@ class ProvisioningEngine {
|
||||
// derivation of Stable Per-Origin IDentifiers.
|
||||
// * Returns OK on success, or an appropriate error status code otherwise.
|
||||
ProvisioningStatus Initialize(
|
||||
CertificateType certificate_type,
|
||||
const std::string& service_drm_certificate,
|
||||
CertificateType certificate_type, const std::string& service_drm_certificate,
|
||||
const std::string& service_private_key,
|
||||
const std::string& service_private_key_passphrase,
|
||||
const std::string& provisioning_drm_certificate,
|
||||
@@ -59,6 +73,14 @@ class ProvisioningEngine {
|
||||
const std::string& provisioning_private_key_passphrase,
|
||||
const std::string& secret_spoid_sauce);
|
||||
|
||||
// Third-party protocol registration method.
|
||||
// * |protocol| is the provisioning protocol, as defined in the
|
||||
// SignedProvisioningMessage message.
|
||||
// * |session_factory| is the function which instantiates the appropriate
|
||||
// ProvisioningSessionImpl object for the specified protocol.
|
||||
void RegisterProtocol(SignedProvisioningMessage::ProtocolVersion protocol,
|
||||
SessionFactory session_factory);
|
||||
|
||||
// Set the certificate status list for this engine.
|
||||
// * |certificate_status_list| is a certificate status list generated by the
|
||||
// Widevine Provisioning Service.
|
||||
@@ -67,8 +89,7 @@ class ProvisioningEngine {
|
||||
// (creation_time_seconds). Zero means it will never expire.
|
||||
// * Returns OK on success, or an appropriate error status code otherwise.
|
||||
virtual ProvisioningStatus SetCertificateStatusList(
|
||||
const std::string& certificate_status_list,
|
||||
uint32_t expiration_period_seconds);
|
||||
const std::string& certificate_status_list, uint32_t expiration_period_seconds);
|
||||
|
||||
// Generate an intermediate DRM certificate.
|
||||
// * |system_id| is the Widevine system ID for the type of device.
|
||||
@@ -82,9 +103,7 @@ class ProvisioningEngine {
|
||||
// engines, including this one, by invoking
|
||||
// |AddIntermediatedrmcertificate| on all active ProvisioningEngine(s).
|
||||
ProvisioningStatus GenerateDrmIntermediateCertificate(
|
||||
uint32_t system_id,
|
||||
const std::string& public_key,
|
||||
std::string* certificate) const;
|
||||
uint32_t system_id, const std::string& public_key, std::string* certificate) const;
|
||||
|
||||
// Add an intermediate DRM certificate to the provisioning engine. This is
|
||||
// usually done once for each supported device type.
|
||||
@@ -95,12 +114,13 @@ class ProvisioningEngine {
|
||||
// if any.
|
||||
// * Returns OK on success, or an appropriate error status code otherwise.
|
||||
virtual ProvisioningStatus AddDrmIntermediateCertificate(
|
||||
const std::string& intermediate_cert,
|
||||
const std::string& cert_private_key,
|
||||
const std::string& intermediate_cert, const std::string& cert_private_key,
|
||||
const std::string& cert_private_key_passphrase);
|
||||
|
||||
// Create a session to handle a provisioning exchange between a client device
|
||||
// and the provisioning server.
|
||||
// Create a session to handle a certificate provisioning exchange between
|
||||
// a client device and the provisioning server.
|
||||
// * |protocol| is the protocol version for the session. If not sure, it
|
||||
// probably ought to be |PROVISIONING_30|.
|
||||
// * |device_public_key| is a DER-encoded PKCS#1.5 RSAPublicKey message which
|
||||
// will used to create the DRM certificate to be provisioned onto the
|
||||
// device.
|
||||
@@ -114,8 +134,28 @@ class ProvisioningEngine {
|
||||
// NOTE: All ProvisioningSession objects must be deleted before the
|
||||
// ProvisioningEngine which created them.
|
||||
virtual ProvisioningStatus NewProvisioningSession(
|
||||
const std::string& device_public_key,
|
||||
const std::string& device_private_key,
|
||||
SignedProvisioningMessage::ProtocolVersion protocol,
|
||||
const std::string& device_public_key, const std::string& device_private_key,
|
||||
std::unique_ptr<ProvisioningSession>* new_session) const;
|
||||
|
||||
// This is the same as NewProvisioningSession above, but with outputs reversed
|
||||
// To get around CLIF bug https://github.com/google/clif/issues/30.
|
||||
std::unique_ptr<ProvisioningSession> NewProvisioningSession(
|
||||
SignedProvisioningMessage::ProtocolVersion protocol,
|
||||
const std::string& device_public_key, const std::string& device_private_key,
|
||||
ProvisioningStatus* status) const;
|
||||
|
||||
// Create a session to handle a keybox provisioning exchange between
|
||||
// a client device (e.g., ChromeOS) and the provisioning server.
|
||||
// It would use ARCPP_PROVISIONING protocol.
|
||||
// * |keybox_device_key| is the secret device key in the keybox.
|
||||
// * |new_session| will point, on successful return, to the newly created
|
||||
// ProvisioningSession.
|
||||
// * Returns OK if successful, or an appropriate error status code otherwise.
|
||||
// NOTE: All ProvisioningSession objects must be deleted before the
|
||||
// ProvisioningEngine which created them.
|
||||
virtual ProvisioningStatus NewKeyboxProvisioningSession(
|
||||
const std::string& keybox_device_key,
|
||||
std::unique_ptr<ProvisioningSession>* new_session) const;
|
||||
|
||||
// Generate a new device DRM certificate to be provisioned by means other than
|
||||
@@ -133,13 +173,15 @@ class ProvisioningEngine {
|
||||
// * |certificate| will contain, upon successful return the generated
|
||||
// certificate.
|
||||
// * Returns OK on success, or an appropriate error status code otherwise.
|
||||
ProvisioningStatus GenerateDeviceDrmCertificate(
|
||||
uint32_t system_id,
|
||||
const std::string& public_key,
|
||||
const std::string& serial_number,
|
||||
std::string* certificate) const;
|
||||
ProvisioningStatus GenerateDeviceDrmCertificate(uint32_t system_id,
|
||||
const std::string& public_key,
|
||||
const std::string& serial_number,
|
||||
std::string* certificate) const;
|
||||
|
||||
private:
|
||||
std::map<SignedProvisioningMessage::ProtocolVersion, SessionFactory>
|
||||
protocol_registry_;
|
||||
|
||||
#ifndef SWIGPYTHON
|
||||
ProvisioningEngine(const ProvisioningEngine&) = delete;
|
||||
ProvisioningEngine& operator=(const ProvisioningEngine&) = delete;
|
||||
|
||||
Reference in New Issue
Block a user