// Copyright 2017 Google LLC. All rights reserved. #ifndef VIDEO_WIDEVINE_EXPORT_LICENSE_SERVER_SDK_PUBLIC_SESSION_H__ #define VIDEO_WIDEVINE_EXPORT_LICENSE_SERVER_SDK_PUBLIC_SESSION_H__ #include #include #include #include #include #include "absl/strings/string_view.h" #include "absl/synchronization/mutex.h" #include "common/status.h" #include "protos/public/client_identification.pb.h" #include "protos/public/device_certificate_status.pb.h" #include "protos/public/drm_certificate.pb.h" #include "protos/public/external_license.pb.h" #include "protos/public/license_protocol.pb.h" #include "protos/public/license_server_sdk.pb.h" #include "protos/public/oem_key_container.pb.h" #include "protos/public/security_profile.pb.h" namespace video_widevine { class ClientIdentification; class ContentInfo; class DrmRootCertificate; class ExternalPlayReadySessionImpl; class License; class LicenseRequest; class ProvisionedDeviceInfo; class SecurityProfile; class SecurityProfileList; class SessionImpl; class EnvironmentImpl; class SessionInit; class SessionState; class SessionUsage; // TODO(tinskip): Rename this to LicenseSession and add LicenseEngine to hold // global settings and create new sessions. class Session { public: // Specify a comma separated list of system Ids that can support having // OEMCrypto version, as specified in the license request, reflected back in // the Key Control Block which is used by partner. Otherwise, only 'kctl' or // 'kc09' is returned in KCB. // TODO(tinskip): What is this, and can we do it better? Seems like something // that would be better in the ClientCapabilities or device metadata. static void SetDevicesToHandleOEMCryptoVersionInKCB( const std::string& system_id_list); // Set pre-provisioning keys system-wide. Map key is system_id, value. // Value should be human-readable hex digits encoded bytes. // Must be called before any other calls to this class. Calls are // thread-safe, so the keys can be updated at any time. static void SetPreProvisioningKeys( const std::map& keys); static void SetPreProvisioningKeys( const std::multimap& keys); // Set the certificate status list system-wide. |root_cert| is the root // certificate which signed the DCSL. // |expiration_period| is the number of seconds until the // certificate_status_list expires after its creation time // (creation_time_seconds). If |allow_unknown_devices| is false, an error is // returned if the device does not appear in the certificate_status_list. static Status SetCertificateStatusList( const DrmRootCertificate* root_cert, const std::string& certificate_status_list, uint32_t expiration_period_seconds, bool allow_unknown_devices); // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // Add a service certificate system-wide. |root_cert| is the root certificate // which signed the service certificate; |service_certificate| is a // Google-generated certificate used to authenticate the service provider for // purposes of device privacy; |service_private_key| is the encrypted PKCS#8 // private RSA key corresponding to the service certificate; and // |service_private_key_passphrase| is the password required to decrypt // |service_private_key|. static Status AddDrmServiceCertificate( const DrmRootCertificate* root_cert, const std::string& service_certificate, const std::string& service_private_key, const std::string& service_private_key_passphrase); // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // Enable delivery of licenses to client devices. This includes devices with // TEST_ONLY status, and development platform verification certificates. // Defaults to false. static void AllowDevelopmentClients(bool enable); // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // Enable delivery of licenses to TEST_ONLY client devices. // |device_list_make| is a comma separated list of devices to allow even // if the device is in a TEST_ONLY state. This list wil be used only if // AllowDevelopmentClient(false) is in use. static void AllowTestOnlyDevices(const std::string& device_list_make) { AllowTestOnlyDevicesByMake(device_list_make); } // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. static void AllowTestOnlyDevicesByMake(const std::string& device_list_make); // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // Enable delivery of licenses to TEST_ONLY client devices. // |device_list_provider| is a comma separated list of provider to allow // even if the device is in a TEST_ONLY state. This list wil be used only if // AllowDevelopmentClient(false) is in use. static void AllowTestOnlyDevicesByProvider( const std::string& device_list_provider); // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // Enable delivery of licenses to revoked client devices. |system_id_list| is // a comma separated list of systems Ids to allow even if revoked. static void AllowRevokedDevices(const std::string& system_id_list); // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // A comma separated list of DRM Certificate Serial Numbers that are revoked. static void RevokedDrmCertificateSerialNumbers( const std::string& drm_certificate_serial_numbers); // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // Restriction on core message features. If this is an empty string, the // default feature set is used. If it is an integer, that is the ODK version // supported. static void SetCoreMessageFeatures(const std::string& core_message_features); // Creates a Session object. // |root_cert| is the root certificate to be used to validate client // credentials. // |signed_license_request| is the serialized SignedMessage received from the // client. |session| points to a Session*, which must be initialized to NULL // on entry, but |session| itself may not be NULL. The new Session object will // be owned by the caller. This method returns Status::OK if successful, // or an appropriate error status, in which case // Session::GenerateErrorResponse should be invoked. // Example usage: // Session* session = NULL; // Status status = Session::Create(root_cert, request_from_client, // &session); // if (!status.ok()) { // std::string error_license; // if (Session::GenerateErrorResponse(status, &error_license)) { // // Send error_license to the client. // } else { // // Handle error // } // return ... // } // // Create license, invoke GenerateSignedLicense, etc. static Status Create(const DrmRootCertificate* root_cert, const std::string& signed_license_request, Session** session); // Create a session for generating a license. This variation of Create takes // options to allow for the creation of the session to succeed even if the // device is revoked. static Status CreateWithOptions(const DrmRootCertificate* root_cert, const std::string& signed_license_request, const SessionCreateOptions& options, Session** session); // Variation of Session::Create which also fills in the parsed LicenseRequest, // for use in logging or debugging. static Status Create(const DrmRootCertificate* root_cert, const std::string& signed_license_request, const SessionCreateOptions& options, Session** session, LicenseRequest* parsed_request_out); // Same as Create(), but caller can specify the ClientIdentification // message and/or PlatformVerificationStatus. If ClientIdentification is // specified, this variation of Create() will use the specified |client_id| // instead of what is specified in |signed_license_request|. If // PlatformVerificationStatus is specified, this method will use the specified // |platform_verification_status| instead of attempting to determine it. // Background for this function is to support cases where the client // identification is encrypted with the provider's service certificate in // which case we won't be able to decrypt OR when the provider determines // platform verification. The provider will specify the // clear client identification in |client_id| and the platform verification // in |platform_verification_status|. static Status CreateForProxy( const DrmRootCertificate* root_cert, const std::string& signed_license_request, const PlatformVerificationStatus platform_verification_status, const ClientIdentification* client_id, const SessionCreateOptions& options, Session** session, LicenseRequest* parsed_request_out); // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // Generates a SignedMessage containing a message generated in response to // an error condition. |status| is a previous error status returned by the // Session or Status(error::UNAVAILABLE, ...) to indicate that the // backend is unavailable, |signed_message| points to a std::string to contain the // serialized SignedMessage, and may not be NULL. This method returns true if // there is an error license to be sent to the client, or false otherwise. // Example usage in the Session::Create comments above. static bool GenerateErrorResponse(const Status& status, std::string* signed_message_bytes); // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // Generates a SignedMessage containing a service certificate for the // specified |provider_id|. This method returns true if a service certificate // exist for the provider. static bool GenerateServiceCertificateResponse( const std::string& provider_id, std::string* signed_message_bytes); // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // DeriveKey uses the NIST 800-108 KDF recommendation, using AES-CMAC PRF. // NIST 800-108: // http://csrc.nist.gov/publications/nistpubs/800-108/sp800-108.pdf // AES-CMAC: // http://tools.ietf.org/html/rfc4493 static std::string DeriveKey(const std::string& key, const std::string& label, const std::string& context, const uint32_t size_bits); // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // Returns a std::string containing the Widevine License Server SDK version in the // form .. . static std::string GetSdkVersionString(); // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // If set to true, adds SDK and server version information to the license // response. static void SetIncludeVersionInfoInLicense(bool include_version_info); // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // Sets the service version information which can be included with the license // response. If SetIncludeVersionInfoInLicense() is set to true and the server // version is not empty, then the server version will be included in the // license response. The host_version must be <= 32 characters and limited to // alphanumeric and '_', '-', ':', ';', ' ', '/' and '.'. static void SetHostServerVersion(const std::string& host_version); // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // Generate a signed request to be sent to Widevine Certificate Provisioning // Server to retrieve 'DeviceCertificateStatusList'. static Status GenerateDeviceStatusListRequest( std::string* signed_device_certificate_status_list_request); // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // Set the custom device security profile list which is returned, from a call // to Widevine PublishedDevicesService. static Status SetCustomDeviceSecurityProfiles( const DrmRootCertificate* root_cert, absl::string_view serialized_signed_device_security_profiles); virtual ~Session(); virtual const LicenseRequest& request() const; virtual const std::string& GetSessionId(); // Return list of Widevine profiles meeting the DRM requirements for this // session. virtual Status GetQualifiedDefaultDeviceSecurityProfiles( std::vector* qualified_profiles) const; // Retrieves qualifying Custom Security Profiles names given the owner name. virtual Status GetQualifiedCustomDeviceSecurityProfiles( absl::string_view owner_name, std::vector* custom_qualified_profile_names) const; // Returns true if a provisioned device info exists. Caller // owns |provisioned_device_info| and it must not be null. virtual bool GetProvisionedDeviceInfo( video_widevine::ProvisionedDeviceInfo* device_info); // Accessor for request_id field which may be encoded in one of multiple // places in the liciense request protcol buffer. Use this method instead // of accessing directly. |request_id| is a pointer to a std::string to contain // the request ID upon successful return. virtual Status GetRequestId(std::string* request_id) const; // Accessor for license_type field which may be encoded in one of multiple // places in the license request protocol buffer. Use this method instead // of accessing directly. |license_type| is a pointer to a value to contain // the license type upon successful return. virtual Status GetLicenseType(LicenseType* license_type) const; // Method used to get ContentIdentification in a consistent message regardless // of the type or version of initialization data contained in the content_id // field of the license request. Use this method instead of accessing the // fields of ContentIdentification directly. |content_info| is a pointer to a // message to contain the parsed values from content_id upon successful // return. virtual Status GetContentInfo(ContentInfo* content_info) const; // Returns the serial number of certificate associated with this device and // content provider. virtual std::string GetDrmDeviceId() const; // Copies the session usage table from license request to |usage_report|. // Returns true if session usage exist in the license request, otherwise // returns false. bool GetSessionUsage(SessionUsage* usage_report) const; // Returns true if client info exists, otherwise returns false. Populate the // specified |client_info| structure. virtual bool GetClientInfo(ClientIdentification* client_info) const; // Generates a serialized signed License response, emptying |policy| and // |key_container|, encrypting the keys therein. |session_init| and // |session_state| are returned to be cached and provided in subsequent // calls to the function. If no additional PolicyItem or KeyContainer objects // are necessary to fulfill the request (such as the case with license // renewal), |policy| and/or |key_container| may be NULL. // The response is expected to be sent to the Widevine CDM. virtual Status GenerateSignedLicense( /*IN*/ const License::Policy* policy, /*IN*/ const std::list* key_container, /*IN*/ const SessionInit* session_init, /*INOUT*/ SessionState* session_state, /*OUT*/ std::string* signed_message_bytes); virtual PlatformVerificationStatus GetPlatformVerificationStatus() const; // Returns the service id of the provider that owns the device certificate. virtual std::string GetDrmDeviceServiceId() const; // Returns true, if the license request for this session included a key // control nonce, else false. virtual bool HasKeyControlNonce() const; // If set to 'true', allow licenses to be generated even if VMP data was // determined to be video_widevine::PLATFORM_UNVERIFIED. virtual void set_allow_unverified_platform(bool allow_unverified_platform); // Return the setting of whether licenses are allowed to be generated even // when VMP data was determined to be video_widevine::PLATFORM_UNVERIFIED. virtual bool allow_unverified_platform() const; // If set to 'true', allow licenses to be generated even if VMP data was // determined to be video_widevine::PLATFORM_TAMPERED. virtual void set_allow_tampered_platform(bool allow_tampered_platform); /** * If set to true, reject WvDrm SDK to reject licensing behaviors to unknown * make model. Default value is false. */ virtual void set_reject_unknown_make_model(bool reject_unknown_make_model); /** * Retrieves the setting of whether unknown make model is rejected. */ virtual bool reject_unknown_make_model() const; // Return the setting of whether licenses are allowed to be generated even // when VMP data was determined to be video_widevine::PLATFORM_TAMPERED. virtual bool allow_tampered_platform() const; virtual void SetKeys(std::list* oem_key_container); // 'Provider' making the request. virtual void set_provider(const std::string& provider); // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // Obtain the owner list for custom profiles. virtual Status GetCustomDeviceSecurityProfileOwners( std::vector* custom_profile_owners) const; // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // Return a list of custom profile names associated with |owner_name|. virtual Status GetCustomDeviceSecurityProfileNames( absl::string_view owner_name, std::vector* profile_names) const; // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // Return the custom profiles associated with |owner_name|. virtual Status GetCustomDeviceSecurityProfiles( absl::string_view owner_name, std::vector* custom_device_security_profiles) const; // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // Return a list of default profile names obtained from default profiles. // The input argument |profile_names| cannot be null and it will be replaced // by the results. // For any non-ok status, |profile_names| won't be modified. virtual Status GetDefaultDeviceSecurityProfileNames( std::vector* profile_names) const; // Deprecated. // TODO(b/187189998): This API is now available in environment.h. It will be // removed from this header file in the mid-Q3 2021 SDK release. // Return the default profile associated with |profile_name|. virtual Status GetDefaultDeviceSecurityProfile( absl::string_view profile_name, SecurityProfile* device_security_profile) const; // Return the device status such as as RELEASED or REVOKED. virtual DeviceCertificateStatus::Status GetDeviceStatus() const; // Returns message type such as LICENSE_REQUEST, SERVICE_CERTIFICATE_REQUEST // or EXTERNAL_LICENSE_REQUEST. virtual SignedMessage::MessageType message_type() const; // Retrieves Widevine Security Profile DrmInfo of the device. // Returns true if |drm_info| was successully populated, else false. virtual bool GetDrmInfo(SecurityProfile::DrmInfo* drm_info) const; // Retrieves the ContentIdentification from the request. Returns OK, if // successful, else failure. virtual Status GetContentId( LicenseRequest::ContentIdentification* content_id) const; // Retrieves the request type. virtual LicenseRequest::RequestType request_type() const; // Deprecated. // TODO(b/200839386): This API is now available in environment.h. It will be // removed from this header file in the Q4 2021 SDK release. // If |auto_set_provider_session_token| is 'true', the provider session token // will be automatically set, // * if the provider session token has not been specified. // * for OFFLINE requests // * if Policy.can_persist is set to 'true'. // * if Policy.can_renew is set to 'true'. // * if OEMCryptoVersion of the client making the request is at least 16. // // The default setting for |auto_set_provider_session_token| is 'true'. virtual void set_auto_set_provider_session_token( bool auto_set_provider_session_token); // Deprecated. // TODO(b/200839386): This API is now available in environment.h. It will be // removed from this header file in the Q4 2021 SDK release. // Returns the setting as to whether the provider session token will be // automatically set. virtual bool auto_set_provider_session_token() const; protected: Session(std::shared_ptr env_impl, std::unique_ptr impl); Session(std::shared_ptr env_impl, std::unique_ptr external_playready_session_impl); // For testing only. This allows unit tests to define a mock Session class. Session(); friend class Environment; private: #ifndef SWIG Session(const Session&) = delete; Session& operator=(const Session&) = delete; #endif // Session::Create which also fills in the parsed // ExternalLicenseRequest. Used to create a Session object. static Status Create(const DrmRootCertificate* root_cert, SignedMessage* signed_message, Session** session, ExternalLicenseRequest* parsed_request_out); explicit Session(std::unique_ptr impl); explicit Session(std::unique_ptr external_playready_session_impl); std::shared_ptr env_impl_; std::unique_ptr impl_; std::unique_ptr external_playready_session_impl_; static absl::Mutex profile_mutex_; static std::unique_ptr security_profile_list_ ABSL_GUARDED_BY(profile_mutex_); }; } // namespace video_widevine #endif // VIDEO_WIDEVINE_EXPORT_LICENSE_SERVER_SDK_PUBLIC_SESSION_H__