////////////////////////////////////////////////////////////////////////////////
// Copyright 2019 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////

#include "common/keybox_client_cert.h"

#include "glog/logging.h"
#include "common/crypto_util.h"
#include "common/error_space.h"
#include "common/sha_util.h"
#include "common/signing_key_util.h"
#include "common/wvm_token_handler.h"
#include "protos/public/errors.pb.h"

namespace widevine {

Status KeyboxClientCert::Initialize(const std::string& keybox_token) {
  system_id_ = WvmTokenHandler::GetSystemId(keybox_token);
  serial_number_ = WvmTokenHandler::GetEncryptedUniqueId(keybox_token);
  bool insecure_keybox = false;
  Status status = WvmTokenHandler::DecryptDeviceKey(keybox_token, &device_key_,
                                                    nullptr, &insecure_keybox);
  if (!status.ok()) {
    Errors new_code = status.error_code() == error::NOT_FOUND
                          ? MISSING_PRE_PROV_KEY
                          : KEYBOX_DECRYPT_ERROR;
    return Status(error_space, new_code, status.error_message());
  }
  return OkStatus();
}

// |hash_algorithm| is needed for function inheritance.
// For KeyBoxClientCert, we always use HMAC-SHA256 in signature verification.
Status KeyboxClientCert::VerifySignature(
    const std::string& message, HashAlgorithm hash_algorithm,
    const std::string& signature, ProtocolVersion protocol_version) const {
  DCHECK(!signing_key_.empty());
  using crypto_util::VerifySignatureHmacSha256;
  if (!VerifySignatureHmacSha256(
          GetClientSigningKey(signing_key_, protocol_version), signature,
          message)) {
    return Status(error_space, INVALID_SIGNATURE, "invalid-keybox-mac");
  }
  return OkStatus();
}

void KeyboxClientCert::GenerateSigningKey(const std::string& message,
                                          ProtocolVersion protocol_version) {
  signing_key_ = crypto_util::DeriveKey(
      key(), crypto_util::kSigningKeyLabel,
      protocol_version < VERSION_2_2 ? message : Sha512_Hash(message),
      SigningKeyMaterialSizeBits(protocol_version));
}
}  // namespace widevine