789377fed2
In this code drop we introduce the ODK dependency. The reference implementation has been updated to make use of the ODK and the related tests have been included. In addition, we have included an example of how a shared libraries can be created. This will allow make it easier to test and verify different implementations of the API. Most other changes introduce by this code drop were made to clean-up the reference implementation and limit dependencies.
94 lines
2.8 KiB
C++
94 lines
2.8 KiB
C++
// Copyright 2020 Google LLC. All Rights Reserved.
|
|
|
|
#ifndef WHITEBOX_API_LICENSE_BUILDER_H_
|
|
#define WHITEBOX_API_LICENSE_BUILDER_H_
|
|
|
|
#include <stdint.h>
|
|
#include <string>
|
|
#include <vector>
|
|
|
|
#include "cdm/protos/license_protocol.pb.h"
|
|
#include "crypto_utils/rsa_key.h"
|
|
|
|
namespace widevine {
|
|
|
|
struct License {
|
|
std::vector<uint8_t> request;
|
|
|
|
std::vector<uint8_t> core_message;
|
|
std::vector<uint8_t> message;
|
|
std::vector<uint8_t> signature;
|
|
|
|
// |session_key_| encrypted using the public key. The white-box expects the
|
|
// session key to be encrypted, so we use the name "session_key_" (even if it
|
|
// is encrypted), we omit the term "encrypted" to match the naming in the API.
|
|
std::vector<uint8_t> session_key;
|
|
};
|
|
|
|
class TestLicenseBuilder {
|
|
public:
|
|
enum class RemoteAttestation {
|
|
kUnavailable,
|
|
kVerified,
|
|
kUnverified,
|
|
};
|
|
|
|
enum class VerificationStatus {
|
|
kUnavailable,
|
|
kHardwareVerified,
|
|
kOther,
|
|
};
|
|
|
|
// Returns padding data the can be used as |padding| when calling
|
|
// AddSigningKey() or AddContentKey().
|
|
static std::vector<uint8_t> NoPadding();
|
|
static std::vector<uint8_t> PKSC8Padding();
|
|
|
|
// Returns a default signing key that can be used with AddSigningKey().
|
|
static std::vector<uint8_t> DefaultSigningKey();
|
|
|
|
TestLicenseBuilder();
|
|
|
|
void AddSigningKey(const std::vector<uint8_t>& key,
|
|
const std::vector<uint8_t>& padding = NoPadding());
|
|
|
|
// Add a content key so that there is some key in the license. This should not
|
|
// be used with AddContentKey().
|
|
void AddStubbedContentKey();
|
|
|
|
void AddContentKey(video_widevine::License_KeyContainer_SecurityLevel level,
|
|
const std::vector<uint8_t>& key_id,
|
|
const std::vector<uint8_t>& key,
|
|
const std::vector<uint8_t>& padding = NoPadding());
|
|
|
|
// The key id will matter as we will need to reference it, but the key won't
|
|
// matter since we are only using it as a means to verify that a non-content
|
|
// key can't be used as a content key.
|
|
void AddOperatorSessionKey(const std::vector<uint8_t>& key_id);
|
|
|
|
void SetRemoteAttestation(RemoteAttestation setting);
|
|
|
|
void SetVerificationStatus(VerificationStatus setting);
|
|
|
|
// If set, then Build() will populate |core_message| in License with the
|
|
// matching ODK core message. If not set, then |core_message| will be empty.
|
|
void SetUseODK(bool setting);
|
|
|
|
// Gets the serialized license request and response (in components) that would
|
|
// have been used in the license exchange.
|
|
void Build(const RsaPublicKey& public_key, License* license) const;
|
|
|
|
private:
|
|
const std::string session_key_ = "0123456789ABCDEF";
|
|
|
|
video_widevine::LicenseRequest request_;
|
|
video_widevine::License response_;
|
|
std::string serialized_request_;
|
|
std::string container_key_;
|
|
bool use_odk_ = false;
|
|
};
|
|
|
|
} // namespace widevine
|
|
|
|
#endif // WHITEBOX_API_LICENSE_BUILDER_H_
|