widevine-partner/wvpl_license_sdk
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Widevine SDK Release Branch: beta-19.10.1

Browse Source
This commit is contained in:
Buildbot
2025-05-29 12:21:32 -07:00
parent b31fb00c1a
commit 8349b5bc0f
219 changed files with 101122 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
centos/sdk/external/cpp/wvpl/common/BUILD vendored Normal file
View File

@@ -0,0 +1,20 @@
########################################
## Copyright 2022 Google LLC
##
## This software is licensed under the terms defined in the Widevine Master
## License Agreement. For a copy of this agreement, please contact
## widevine-licensing@google.com.
########################################
package(
default_visibility = ["//visibility:public"],
)
filegroup(
name = "exported_sdk_header_files",
srcs = [
"wvpl_sdk_environment.h",
"wvpl_sdk_session.h",
"wvpl_types.h",
],
)

235
centos/sdk/external/cpp/wvpl/common/wvpl_sdk_environment.h vendored Executable file
View File

@@ -0,0 +1,235 @@
////////////////////////////////////////////////////////////////////////////////
//// Copyright 2017 Google LLC
////
//// This software is licensed under the terms defined in the Widevine Master
//// License Agreement. For a copy of this agreement, please contact
//// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
#ifndef VIDEO_WIDEVINE_EXPORT_SDK_EXTERNAL_CPP_WVPL_COMMON_WVPL_SDK_ENVIRONMENT_H_
#define VIDEO_WIDEVINE_EXPORT_SDK_EXTERNAL_CPP_WVPL_COMMON_WVPL_SDK_ENVIRONMENT_H_
#include <cstdint>
#include <map>
#include <memory>
#include <string>
#include <vector>
#include "absl/base/attributes.h"
#include "absl/strings/string_view.h"
#include "sdk/external/cpp/wvpl/common/wvpl_types.h"
namespace video_widevine {
class DrmRootCertificate;
class Environment;
} // namespace video_widevine
namespace video_widevine_server {
namespace wv_pl_sdk {
// WvPLSdkEnvironment subclass is expected to have a constructor that accepts
// `const std::map<std::string, std::string>& config_values`.
// Below are constants of various keys in such `config_values` map.
extern const char kDeviceCertificateExpiration[];
extern const char kAllowUnknownDevice[];
extern const char kProvider[];
extern const char kProviderIv[];
extern const char kProviderKey[];
extern const char kApiVerInKcb[];
extern const char kLimitUsageStatsToErrorsOnly[];
// Valid values are 'test' and 'prod'.
extern const char kDrmCertificateType[];
// Valid values are 'log', 'soft', and 'hard'.
extern const char kHardenedVmpMode[];
extern const char kIndividualDeviceRevocationListExpirationSeconds[];
extern const char kSetDefaultValuesInLicenseForContentProviderSettings[];
// Base environment class of various WvPL SDKs.
// This class is not meant to be instantiated directly.
class WvPLSdkEnvironment {
public:
virtual ~WvPLSdkEnvironment();
// Generates a license response in response to an error condition.
// `create_session_status` is a previous error status
// returned by the CreateSession(). `license_response` points to a std::string to
// contain the license response and may not be NULL. This method returns true
// if there is an error license to be sent to the client, or false
// otherwise.
static bool GenerateErrorResponse(const WvPLStatus& create_session_status,
std::string* license_response);
// Adds a service certificate to the environment that is used across sessions.
// `service_certificate` is a Google-generated certificate used to
// authenticate the service provider.
// `service_private_key` is the encrypted PKCS#8 private RSA key corresponding
// to the service certificate.
// `service_private_key_passphrase` is the password required to decrypt
// `service_private_key`.
// This is a thread-safe call.
virtual WvPLStatus SetDrmServiceCertificate(
const std::string& service_certificate,
const std::string& service_private_key,
const std::string& service_private_key_passphrase);
// Returns the DRM root certificate configured for this environment.
// This is public because it is used by unit tests.
const video_widevine::DrmRootCertificate* drm_root_certificate() const {
return drm_root_certificate_.get();
}
virtual WvPLStatus SetDeviceCertificateStatusList(
const std::string& device_certificate_status_list);
virtual WvPLStatus SetIndividualDeviceRevocationList(
absl::string_view individual_revocation_list);
virtual WvPLStatus SetCustomDeviceSecurityProfiles(
const std::string& serialized_signed_device_security_profiles) const;
ABSL_DEPRECATED(
"Use GetCustomDeviceSecurityProfileNames() instead after loading the "
"custom DSPs in the Environment class.")
virtual WvPLStatus GetDefaultDeviceSecurityProfileNames(
std::vector<std::string>* profile_names) const;
// Returns the default device security profile associated with `profile_name`.
ABSL_DEPRECATED(
"Use GetCustomDeviceSecurityProfiles() instead after loading the "
"custom DSPs in the Environment class.")
virtual WvPLStatus GetDefaultDeviceSecurityProfile(
const std::string& profile_name,
WvPLSecurityProfile* device_security_profile) const;
virtual WvPLStatus GetCustomDeviceSecurityProfileOwners(
std::vector<std::string>* custom_profile_owners) const;
// Returns a list of custom device security profile names associated with
// `owner_name`.
virtual WvPLStatus GetCustomDeviceSecurityProfileNames(
const std::string& owner_name,
std::vector<std::string>* profile_names) const;
// Returns the custom device security profiles associated with `owner_name`.
virtual WvPLStatus GetCustomDeviceSecurityProfiles(
const std::string& owner_name,
std::vector<WvPLSecurityProfile>* custom_device_security_profiles) const;
// Enables delivery of licenses to revoked client devices. `system_id_list` is
// a comma separated list of systems Ids to allow even if revoked.
virtual void AllowRevokedDevices(const std::string& system_id_list);
// Returns true if the licensing to `system_id` is allowed even if it is
// revoked.
virtual bool IsRevokedDeviceAllowed(uint32_t system_id) const;
// Translates the license request from the CDM to a human-readable message,
// useful for debugging. This translated request is placed in `request_out`.
// Returns OK if parsing the `request` is successfully, else an error status.
virtual WvPLStatus GetRequestAsString(const std::string& request,
std::string* request_out) const;
// Generates a signed request to be sent to Widevine Certificate Provisioning
// Server to retrieve device certificate status list (DCSL).
virtual WvPLStatus GenerateDeviceStatusListRequest(
std::string* signed_device_certificate_status_list_request) const = 0;
// Sets the encrypted provider key config used for L3 CDM.
// `encrypted_provider_key_config_bytes` is a serialized
// EncryptedProviderKeyConfig proto message.
// Returns OK if decryption and parsing are successful, otherwise an error is
// returned.
// Note that this function has to be called after the service certificate is
// added to the SDK.
virtual WvPLStatus SetEncryptedProviderKeyConfig(
const std::string& encrypted_provider_key_config_bytes);
ABSL_DEPRECATED("Use SetEncryptedProviderKeyConfig() instead.")
virtual WvPLStatus SetProviderKeyConfig(
const std::string& encrypted_provider_key_config_bytes) {
return SetEncryptedProviderKeyConfig(encrypted_provider_key_config_bytes);
}
// Returns the hardened vmp mode used for L3 CDM.
HardenedVmpMode hardened_vmp_mode() const;
// Returns the value of config field
// set_default_values_in_license_for_content_provider_settings. If true,
// returns default values for fields from WvPLPlaybackPolicy,
// WvPLOutputProtection and WvPLKey(outputProtection,
// requestedOutputProtection, trackType fields) objects in generated license,
// even though they are not set in the license request.
virtual bool set_default_values_in_license_for_content_provider_settings()
const;
// Returns a std::string containing the Widevine SDK version in the
// form <major_version>.<minor_version>.<release> <build date> <build time>.
std::string GetSdkVersionString() const;
protected:
explicit WvPLSdkEnvironment(
const std::map<std::string, std::string>& config_values);
// Sets the variable environment_.
// This method is NOT thread safe. |environment_| is not mutex
// protected and changing it may be dangerous.
virtual void SetEnvironment(
std::unique_ptr<video_widevine::Environment> environment);
// Number of seconds until the device certificate status list (DCSL) expires
// after its creation time. Default value is 1 year.
uint32_t device_certificate_expiration_seconds_ = 365 * 24 * 60 * 60;
// Number of seconds until the individual device revocation list (IDRL)
// expires after its creation time. Default value is 1 year.
uint32_t idrl_expiration_seconds_ = 365 * 24 * 60 * 60;
// "config_values" settings.
// Value for kDrmCertificateType key in "config_values" map.
// Supported values are "test" and "prod". Default value is "prod".
std::string drm_certificate_type_ = "prod";
// Value for kProvider key in "config_values" map.
// This is the name of the provider hosting this service.
std::string provider_;
// Value for kProviderIv key in "config_values" map.
std::string provider_iv_;
// Value for kProviderKey key in "config_values" map.
std::string provider_key_;
// If true, allow issuing licenses to devices not in the device certificate
// status list.
bool allow_unknown_device_ = false;
// DRM root certificate used for verifying all other DRM certificates.
std::unique_ptr<video_widevine::DrmRootCertificate> drm_root_certificate_;
// Internal environment implementation.
std::unique_ptr<video_widevine::Environment> environment_;
// If true, return the default values of WvPLPlaybackPolicy,
// WvPLOutputProtection and WvPLKey(outputProtection,
// requestedOutputProtection, trackType) fields in the license, even when
// fields are not explicitly set in request.
bool set_default_values_in_license_for_content_provider_settings_ = false;
private:
// Define WvPLSdkSession as a friend class to access the
// drm_certificate_type_ field.
friend class WvPLSdkSession;
// Gets the expected service type for drm service certificate.
virtual int GetExpectedServiceCertificateType();
// Checks the type of `service_certificate`. Returns "OK" if the
// `service_certificate` can be used for the current SDK, else an error
// status.
virtual WvPLStatus CheckServiceCertificateType(
const std::string& service_certificate);
// Retrieves whether sdk use widevine certificate or not.
virtual bool is_widevine_certificate() { return is_widevine_certificate_; }
// Returns the DRM certificate type content provider set in the config_values.
virtual std::string GetDrmCertificateType() const {
return drm_certificate_type_;
}
// Only for Google-internal content providers.
bool is_widevine_certificate_ = false;
};
} // namespace wv_pl_sdk
} // namespace video_widevine_server
#endif // VIDEO_WIDEVINE_EXPORT_SDK_EXTERNAL_CPP_WVPL_COMMON_WVPL_SDK_ENVIRONMENT_H_

293
centos/sdk/external/cpp/wvpl/common/wvpl_sdk_session.h vendored Executable file
View File

@@ -0,0 +1,293 @@
////////////////////////////////////////////////////////////////////////////////
//// Copyright 2018 Google LLC
////
//// This software is licensed under the terms defined in the Widevine Master
//// License Agreement. For a copy of this agreement, please contact
//// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
#ifndef VIDEO_WIDEVINE_EXPORT_SDK_EXTERNAL_CPP_WVPL_COMMON_WVPL_SDK_SESSION_H_
#define VIDEO_WIDEVINE_EXPORT_SDK_EXTERNAL_CPP_WVPL_COMMON_WVPL_SDK_SESSION_H_
#include <cstdint>
#include <memory>
#include <string>
#include <vector>
#include "sdk/external/cpp/wvpl/common/wvpl_sdk_environment.h"
#include "sdk/external/cpp/wvpl/common/wvpl_types.h"
namespace video_widevine {
class ClientIdentification;
class DrmRootCertificate;
class LicenseRequest;
class ProvisionedDeviceInfo;
class Session;
class SessionInit;
class SessionState;
class SignedMessage;
const uint32_t WIDEVINE_PSSH_DATA_PROTECTION_SCHEME_UNKNOWN = 0;
const uint32_t WIDEVINE_PSSH_DATA_CENC = 0x63656E63;
const uint32_t WIDEVINE_PSSH_DATA_CBC1 = 0x63626331;
const uint32_t WIDEVINE_PSSH_DATA_CENS = 0x63656E73;
const uint32_t WIDEVINE_PSSH_DATA_CBCS = 0x63626373;
} // namespace video_widevine
namespace video_widevine_server {
namespace wv_pl_sdk {
class WvPLSdkSession {
public:
virtual ~WvPLSdkSession();
// Adds a WvPLKey `key` to the session. The key can be one of many supported
// KeyType (see wvpl_types.h).
virtual WvPLStatus AddKey(const WvPLKey& key);
// Filters a WvPLKey `key`. Specifically, it checks if the device can meet the
// requirements specified in `key`. If requirements are met, add the key and
// the returned WvPLCapabilityStatus.status() will be CAPABILITY_OK. If
// requirements are not met, the returned WvPLCapabilityStatus will indicate
// which requirement is not met.
virtual WvPLCapabilityStatus FilterKey(WvPLKey& key);
// Gets the list of WvPLKey that have been previously set in this session.
virtual const std::vector<WvPLKey>& keys() const { return keys_; }
virtual void set_policy(const WvPLPlaybackPolicy& policy) {
policy_ = policy;
has_policy_ = true;
}
virtual const WvPLPlaybackPolicy& policy() const { return policy_; }
virtual void set_session_init(const WvPLSessionInit& session_init) {
session_init_ = session_init;
}
virtual const WvPLSessionInit& session_init() const { return session_init_; }
// Returns true if the license request is from Chrome CDM, false otherwise.
virtual bool IsChromeCDM() const;
// Returns the Widevine PSSH data for the license request handled by this
// session.
virtual WvPLStatus GetPsshData(
WvPLWidevinePsshData* wvpl_widevine_pssh_data) const;
// Returns the WvPLClientInfo information for the license request
// handled by this session.
virtual WvPLStatus GetClientInfo(WvPLClientInfo* client_info) const;
// Returns the WvPLClientCapabilities information for the license request
// handled by this session.
virtual WvPLStatus GetClientCapabilities(
WvPLClientCapabilities* client_capabilities) const;
// Returns the WvPLDeviceInfo information for the license request handled by
// this session.
virtual WvPLStatus GetDeviceInfo(WvPLDeviceInfo* device_info) const;
virtual PlatformVerificationStatus VerifyPlatform() const;
virtual WvPLRequestType GetRequestType() const { return request_type_; }
// Returns true if the license type is offline, false otherwise.
virtual bool is_offline_license() const;
// Returns true if the license request contains client id, false otherwise.
virtual bool has_client_id() const { return has_client_id_; }
// Returns true if license request has encrypted_client_id, false otherwise.
virtual bool has_encrypted_client_id() { return has_encrypted_client_id_; }
// Sets to whether to allow license generation for device with
// PlatformVerificationStatus = PLATFORM_UNVERIFIED.
virtual void set_allow_unverified_platform(bool allow_unverified_platform);
// Retrieves the setting of whether license generation is allowed for device
// with PlatformVerificationStatus = PLATFORM_UNVERIFIED.
virtual bool allow_unverified_platform() const;
// Sets whether this session should reject licensing to device with unknown
// make and model. Default value for this setting is false, meaning request
// from unknown make and model is not rejected.
virtual void set_reject_unknown_make_model(bool reject_unknown_make_model);
// Retrieves the setting of whether license request from unknown make model is
// rejected.
virtual bool reject_unknown_make_model() const;
// Sets to whether to allow license generation for device with
// PlatformVerificationStatus = PLATFORM_TAMPERED.
virtual void set_allow_tampered_platform(bool allow_tampered_platform);
// Retrieves the setting of whether license generation is allowed for device
// with PlatformVerificationStatus = PLATFORM_TAMPERED.
virtual bool allow_tampered_platform() const;
// Retrieves Widevine Security Profile DrmInfo of the device and return it via
// `drm_info`. Returns true the retrieval was successful, false otherwise.
virtual bool GetDrmInfo(WvPLSecurityProfile::DrmInfo* drm_info) const;
ABSL_DEPRECATED(
"Use GetQualifiedCustomDeviceSecurityProfiles() instead after loading "
"the custom DSPs in the Environment class.")
virtual WvPLStatus GetQualifiedDefaultDeviceSecurityProfiles(
std::vector<std::string>* default_qualified_profile_names) const;
// Retrieves qualifying Custom Security Profiles names given the owner name.
virtual WvPLStatus GetQualifiedCustomDeviceSecurityProfiles(
const std::string& owner_name,
std::vector<std::string>* custom_qualified_profile_names) const;
// Gets content id and returned it in `content_id`.
// Return ok if the operation is successful, false otherwise.
WvPLStatus GetContentId(std::string* content_id) const;
bool remote_attestation_verified() const;
// Returns the serial number of certificate associated with this device and
// content provider.
virtual std::string GetDrmDeviceId() const;
// Returns the session usage in `wvpl_session_usage`.
// Returns true if session usage exists in the license request and returned in
// `wvpl_session_usage`, false otherwise.
bool GetSessionUsage(WvPLSessionUsage& wvpl_session_usage) const;
protected:
friend class WvPLSdkSessionTestPeer;
explicit WvPLSdkSession(
const video_widevine::DrmRootCertificate* drm_root_certificate);
WvPLSdkSession(std::unique_ptr<video_widevine::Session> session,
const video_widevine::DrmRootCertificate* drm_root_certificate,
const WvPLSdkEnvironment* wvpl_sdk_environment);
virtual const WvPLDeviceInfo& device_info() const { return device_info_; }
void set_license_request_from_cdm(const std::string& request_from_cdm) {
license_request_from_cdm_ = request_from_cdm;
}
// Returns the WvPL Client Capabilities information for the license request
// handled by this session.
WvPLStatus GetWvPLClientCapabilities(
const video_widevine::ClientIdentification& client_id,
WvPLClientCapabilities* client_capabilities) const;
// Copies `wvpl_session_init` into `session_init`.
virtual void CopySessionInit(const WvPLSessionInit& wvpl_session_init,
video_widevine::SessionInit* session_init) const;
// Copies `wvpl_device_info` into `device_info`.
virtual void CopyProvisionedDeviceInfo(
const WvPLDeviceInfo& wvpl_device_info,
video_widevine::ProvisionedDeviceInfo* device_info);
// Populates |device_info_|, |client_id_|, |pssh_data_| in this session based
// on the license request.
WvPLStatus ParseLicenseRequest();
// Copies `wvpl_session_state` into `session_state`.
void CopySessionState(const WvPLSessionState& wvpl_session_state,
video_widevine::SessionState* session_state);
// Only used for unit testing.
// Sets system_id_.
virtual void SetSystemId(uint32_t system_id);
// Returns |has_system_id_| value. True if session has system id.
virtual bool HasSystemId() const;
// Returns |system_id_| value.
virtual uint32_t system_id() const;
// Only used for unit testing.
// Sets drm serial number.
virtual void SetDrmSerialNumber(const std::string& drm_serial_number);
// Returns drm serial number.
virtual std::string GetDrmSerialNumber() const;
virtual bool has_policy() { return has_policy_; }
// Set the provider which hosts this service.
virtual void set_provider(const std::string& provider) {
provider_ = provider;
}
virtual void set_provider_iv(const std::string& provider_iv) {
provider_iv_ = provider_iv;
}
virtual void set_provider_key(const std::string& provider_key) {
provider_key_ = provider_key;
}
bool using_generated_content_id() const {
return using_generated_content_id_;
}
const WvPLSdkEnvironment* wvpl_sdk_environment() const {
return wvpl_sdk_environment_;
}
// Internal session implementation.
std::unique_ptr<video_widevine::Session> session_;
const video_widevine::DrmRootCertificate* drm_root_certificate_;
std::string user_agent_;
std::string client_ip_;
std::string device_id_;
std::string content_id_;
std::vector<WvPLKey> keys_;
WvPLPlaybackPolicy policy_;
WvPLSessionInit session_init_;
WvPLWidevinePsshData pssh_data_;
std::unique_ptr<video_widevine::ClientIdentification> client_id_;
WvPLDeviceInfo device_info_;
bool has_pssh_data_ = false;
bool has_client_id_ = false;
PlatformVerificationStatus platform_verification_status_ =
PLATFORM_NO_VERIFICATION;
std::unique_ptr<video_widevine::SignedMessage>
signed_message_request_from_cdm_;
std::string license_request_from_cdm_;
std::string remote_attestation_cert_serial_number_;
std::unique_ptr<video_widevine::LicenseRequest> sdk_license_request_;
WvPLRequestType request_type_;
bool has_session_state_ = false;
bool has_encrypted_client_id_ = false;
bool using_generated_content_id_ = false;
std::string provider_;
std::string provider_iv_;
std::string provider_key_;
const WvPLSdkEnvironment* wvpl_sdk_environment_ = nullptr;
private:
WvPLCapabilityStatus CheckDeviceCapabilityByProfile(
const std::string& content_owner, const std::string& required_profile);
WvPLCapabilityStatus CheckDeviceCapability(
const WvPLOutputProtection& required_output_protection);
// Called when Device Security Profiles are used. Output Protections per
// Key are updated based on the Security Profile's Output Requirements and
// the Key's Output Protections as set by the Content Provider. This API is
// implemented as per go/dsp-key-filtering-updated.
virtual void UpdateOutputProtection(
const WvPLSecurityProfile& security_profile, WvPLKey& wvpl_key) const;
std::unique_ptr<uint32_t> system_id_;
bool has_policy_ = false;
bool enable_key_filtering_ = false;
bool has_client_id_from_upstream_ = false;
};
} // namespace wv_pl_sdk
} // namespace video_widevine_server
#endif // VIDEO_WIDEVINE_EXPORT_SDK_EXTERNAL_CPP_WVPL_COMMON_WVPL_SDK_SESSION_H_

2644
centos/sdk/external/cpp/wvpl/common/wvpl_types.h vendored Executable file
View File

File diff suppressed because it is too large Load Diff

19
centos/sdk/external/cpp/wvpl/license_server_sdk/BUILD vendored Normal file
View File

@@ -0,0 +1,19 @@
########################################
## Copyright 2022 Google LLC
##
## This software is licensed under the terms defined in the Widevine Master
## License Agreement. For a copy of this agreement, please contact
## widevine-licensing@google.com.
########################################
package(
default_visibility = ["//visibility:public"],
)
filegroup(
name = "exported_sdk_header_files",
srcs = [
"wvpl_environment.h",
"wvpl_session.h",
],
)

194
centos/sdk/external/cpp/wvpl/license_server_sdk/wvpl_environment.h vendored Executable file
View File

@@ -0,0 +1,194 @@
////////////////////////////////////////////////////////////////////////////////
//// Copyright 2017 Google LLC
////
//// This software is licensed under the terms defined in the Widevine Master
//// License Agreement. For a copy of this agreement, please contact
//// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
#ifndef VIDEO_WIDEVINE_EXPORT_SDK_EXTERNAL_CPP_WVPL_LICENSE_SERVER_SDK_WVPL_ENVIRONMENT_H_
#define VIDEO_WIDEVINE_EXPORT_SDK_EXTERNAL_CPP_WVPL_LICENSE_SERVER_SDK_WVPL_ENVIRONMENT_H_
#include <cstdint>
#include <map>
#include <memory>
#include <string>
#include "absl/base/attributes.h"
#include "absl/strings/string_view.h"
#include "sdk/external/cpp/wvpl/common/wvpl_sdk_environment.h"
#include "sdk/external/cpp/wvpl/common/wvpl_types.h"
namespace video_widevine {
// go/keep-sorted start
class ClientIdentification;
class Environment;
class LicenseRequest;
class SessionCreateOptions;
// go/keep-sorted end
} // namespace video_widevine
namespace video_widevine_server {
namespace wv_pl_sdk {
class WvPLLicenseCounter;
class WvPLSession;
// WvPLEnvironment is used to create WvPLSessions.
// WvPLEnvironment holds data that spans the lifetime of multiple sessions.
// WvPLSession creation depends on a successful prior call to
// WvPLEnvironment::SetDeviceCertificateStatusList().
//
// Example:
// std::map<string, string> config_values;
// config_values.insert(std::make_pair(kAllowUnknownDevice, "true"));
// config_values.insert(std::make_pair(kProvider, "<Provider Name>"));
// config_values.insert(std::make_pair(kProviderIv, "<Provider IV>"));
// config_values.insert(std::make_pair(kProviderKey, "<Provider Key>"));
// WvPLEnvironment* wvpl_environment = new WvPLEnvironment(config_values);
// std::string cert_status_list;
// WvPLStatus status;
// status = wvpl_environment->Initialize();
// wvpl_environment->SetPreProvisioningKeys(prev_prov_keys);
// status = wvpl_environment->SetDrmServiceCertificate(
// "<Provider Service Cert>", "<Service Private Key>",
// "<Service Private Key Passphrase>");
// -- Fetch the intermediate certificates.
// SomeFunctionToFetchTheCertificates(&cert_status_list);
// status =
// wvpl_environment->SetDeviceCertificateStatusList(cert_status_list);
class WvPLEnvironment : public WvPLSdkEnvironment {
public:
// Copies the config_values and constructs a new WvPLEnvironment object.
explicit WvPLEnvironment(
const std::map<std::string, std::string>& config_values);
~WvPLEnvironment() override;
// One time initialization. Must be called once after construction.
virtual WvPLStatus Initialize();
// Creates a new WvPLSession object. Upon success, `session` points to a new
// object created on the heap. Caller retains ownership of the session.
// Example usage:
// WvPLSession* session;
// WvPLStatus status = wvpl_environment->CreateSession(request_from_client,
// &session);
// if (!status.ok()) {
// std::string error_license;
// if (wvpl_environment->GenerateErrorResponse(status, &error_license)) {
// // Send error_license to the client.
// } else {
// // Handle error
// }
// return ...
// }
// // Continue with license flow, invoke GenerateLicense(), etc.
virtual WvPLStatus CreateSession(const std::string& request,
WvPLSession** session) const;
virtual WvPLStatus CreateSessionWithOptions(
const std::string& request, const WvPLSessionCreateOptions& options,
WvPLSession** session) const;
// Deletes `session`. Should be called if CreateSession() was successful and
// the session is no longer needed.
virtual void DestroySession(WvPLSession* session) const;
// If |auto_set_provider_session_token_| is 'true', the provider session token
// may be automatically set.
// The default setting for |auto_set_provider_session_token_| is 'true'.
virtual void SetAutoSetProviderSessionToken(
bool auto_set_provider_session_token);
// Returns the setting as to whether the provider session token will be
// automatically set.
virtual bool GetAutoSetProviderSessionToken() const;
// Specifies a comma separated list of system Ids that can support having
// OEMCrypto version, as specified in the license request, reflected back in
// the Key Control Block which is used by partner. Otherwise, only 'kctl' or
// 'kc09' is returned in KCB.
void SetDevicesToHandleOEMCryptoVersionInKCB(
absl::string_view system_id_list);
// Thread-safe call to set the pre-provisioning keys. `key` is map of
// <system id, value>. Value should be human-readable hex digits.
virtual WvPLStatus SetPreProvisioningKeys(
const std::map<uint32_t, std::string>& keys);
// Returns the license counter data as bytes. The bytes in
// `signed_license_stats` are binary. The internal data is flushed
// if `flush_data` is true. If `flush_data` is false, license counters will
// accumulate. If this call returns "Status::OK", `signed_license_stats` is
// populated. `signed_license_stats` is owned by the caller.
virtual WvPLStatus GetStatsAsBytes(bool flush_data,
std::string* signed_license_stats);
// Returns the license counter data in a human-readable format. The
// internal data is flushed if `flush_data` is true. If `flush_data` is
// false, license counters will accumulate. If this call returns
// "Status::OK", `license_stats` is populated. `license_stats` is owned by
// the caller.
virtual WvPLStatus GetStatsAsString(bool flush_data,
std::string* license_stats);
// DEPRECATED.
// In order to stay up-to-date with new devices, it is recommended to fetch
// new certificates on a regular basis. The update interval should be once a
// day. If UpdateWithCerftificates() fails, the existing certificates are
// still valid, but are subject to expiration. The expiration is controlled
// by the content provider and configured as a parameter when creating
// WvPLEnvironment.
// `cert_list` is the response provided from the Widevine API
// that produces the certificate list. The method can handle either the new
// API format (the serialized PublishedDevices proto), or the legacy format (a
// JSON response containing the base64-encoded certificate list).
ABSL_DEPRECATED(
"Use WvPLSdkEnvironment::SetDeviceCertificateStatusList() instead.")
virtual WvPLStatus UpdateWithCertificates(const std::string& cert_list);
// Generates a signed request to be sent to Widevine Certificate Provisioning
// Server to retrieve 'DeviceCertificateStatusList'.
WvPLStatus GenerateDeviceStatusListRequest(
std::string* signed_device_certificate_status_list_request)
const override;
// Get the expected service type for drm service certificate.
// The expected return value is int value of enum LICENSE_SERVER_SDK
// which is of type DrmCertificate.ServiceType.
int GetExpectedServiceCertificateType() override;
// Enables delivery of licenses to revoked client devices. `system_id_list`
// is a comma separated list of systems Ids to allow even if revoked.
void AllowRevokedDevices(const std::string& system_id_list) override;
private:
// Returns the signature for the provider specified in the `config_values`
// parameter in the constructor. `signature` is owned by the caller.
virtual WvPLStatus GetSignature(const std::string& text_to_sign,
std::string* signature);
std::unique_ptr<WvPLLicenseCounter> license_counter_;
// List of system ids that support having the Crypto API version specified in
// the Key Control Block (KCB).
std::string system_ids_for_api_ver_in_kcb_;
// Comma separated list of system ids by make allowed to be TEST_ONLY.
std::string allow_test_only_by_make_;
// Comma separated list of system ids by provider allowed to be TEST_ONLY.
std::string allow_test_only_by_provider_;
// Whether all test devices should be allowed.
bool allow_development_clients_;
// Restriction on core message features. If this is an empty string, the
// default feature set is used. If it is an integer, that is the ODK version
// supported. This restricts the features that the server will support in an
// oemcrypto core message. For example, we may restrict the server to never
// send a v17 message by setting the std::string to "16".
std::string core_message_features_;
};
} // namespace wv_pl_sdk
} // namespace video_widevine_server
#endif // VIDEO_WIDEVINE_EXPORT_SDK_EXTERNAL_CPP_WVPL_LICENSE_SERVER_SDK_WVPL_ENVIRONMENT_H_

106
centos/sdk/external/cpp/wvpl/license_server_sdk/wvpl_session.h vendored Executable file
View File

@@ -0,0 +1,106 @@
////////////////////////////////////////////////////////////////////////////////
//// Copyright 2017 Google LLC
////
//// This software is licensed under the terms defined in the Widevine Master
//// License Agreement. For a copy of this agreement, please contact
//// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
#ifndef VIDEO_WIDEVINE_EXPORT_SDK_EXTERNAL_CPP_WVPL_LICENSE_SERVER_SDK_WVPL_SESSION_H_
#define VIDEO_WIDEVINE_EXPORT_SDK_EXTERNAL_CPP_WVPL_LICENSE_SERVER_SDK_WVPL_SESSION_H_
#include <list>
#include <string>
#include "absl/base/attributes.h"
#include "sdk/external/cpp/wvpl/common/wvpl_sdk_environment.h"
#include "sdk/external/cpp/wvpl/common/wvpl_sdk_session.h"
#include "sdk/external/cpp/wvpl/common/wvpl_types.h"
namespace video_widevine {
class ContentInfo;
class Session;
} // namespace video_widevine
namespace video_widevine_server {
namespace wv_pl_sdk {
class WvPLLicenseCounter;
// WvPL License SDK gets its release version from here.
// Major version to line up with latest released OEMCrypto API version.
// Minor version to line up with release timeframe, which generally changes
// quarterly within the same calendar year.
// Release version is to line up with the release number within the same
// quarter.
const uint32_t kMajorVersion = 19;
const uint32_t kMinorVersion = 10;
const uint32_t kRelease = 1;
// Once a WvPLEnvironment object is successfully initialized, it can be used
// to create a WvPLSession object for each license request.
// CreateSession() parses the request and validates the request by verifying
// the signature. If verification is successful, a session object is created
// and OK status is returned.
// Once a WvPLSession object is successfully created, setup the session
// object with the policy and keys, and call AddKey() for each key.
class WvPLSession : public WvPLSdkSession {
public:
WvPLSession();
~WvPLSession() override;
// Generates the license for sending back to the Widevine client. Caller owns
// `license`.
virtual WvPLStatus GenerateLicense(std::string* license);
virtual void set_session_state(const WvPLSessionState& wvpl_session_state) {
wvpl_session_state_ = wvpl_session_state;
has_session_state_ = true;
}
virtual const WvPLSessionState& session_state() const {
return wvpl_session_state_;
}
bool has_sdk_session() const { return session_ != nullptr; }
// Returns a std::string containing the WVPL version in the form:
// <major_version>.<minor_version>.<release>
static std::string GetVersionString();
// DEPRECATED.
// Returns true if a provisioned device info exists. Populates the specified
// `device_info` structure.
ABSL_DEPRECATED("Use GetDeviceInfo() instead.")
virtual bool GetProvisionedDeviceInfo(WvPLDeviceInfo* device_info) const;
// Returns the license request from the client. If the client id is encrypted,
// it will be decrypted and returned.
virtual std::string GetLicenseRequest() const;
protected:
// This class takes ownership of `session`. This class keeps a pointer
// to `license_counter` but the caller maintains ownership of
// `license_counter`. All arguments must not be NULL.
WvPLSession(
const video_widevine::DrmRootCertificate* drm_root_certificate,
video_widevine::Session* session, WvPLLicenseCounter* license_counter,
const WvPLSdkEnvironment* wvpl_sdk_environment);
// Sets the license counter to use. The caller maintains ownership of
// `license_counter` but this class keeps a pointer to `license_counter`.
void set_license_counter(WvPLLicenseCounter* license_counter) {
license_counter_ = license_counter;
}
private:
friend class WvPLEnvironment;
friend class WvPLSessionTestPeer;
WvPLLicenseCounter* license_counter_ = nullptr;
WvPLSessionState wvpl_session_state_;
};
} // namespace wv_pl_sdk
} // namespace video_widevine_server
#endif // VIDEO_WIDEVINE_EXPORT_SDK_EXTERNAL_CPP_WVPL_LICENSE_SERVER_SDK_WVPL_SESSION_H_