widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Synced license protocol protos to g3 latests.

Browse Source 
[ Merge of http://go/wvgerrit/128023 ]

Several of the messages in license_protocol.proto have fallen out of
sync with their source-of-truth in Google3.  This change updates most
of the proto messages used by the CDM.  None of these changes
immediately affect the CDM.

Bug: 192286204
Test: Build service and unit tests
Change-Id: I83414167d51f2443fe39f02ab160341918e409c9
This commit is contained in:
Alex Dale
2021-10-01 16:51:59 -07:00
parent 9f2364cefd
commit c554b30716
1 changed files with 163 additions and 104 deletions
Download Patch File Download Diff File Expand all files Collapse all files

267
libwvdrmengine/cdm/core/src/license_protocol.proto
View File

@@ -1,6 +1,3 @@
// ----------------------------------------------------------------------------
// license_protocol.proto
// ----------------------------------------------------------------------------
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
@@ -71,6 +68,51 @@ message LicenseIdentification {
optional LicenseType type = 4;
optional int32 version = 5;
optional bytes provider_session_token = 6;
// Set by the SDK representing the rental duration from the initial license.
optional int64 original_rental_duration_seconds = 7;
// Set by the SDK representing the playback duration from the initial license.
optional int64 original_playback_duration_seconds = 8;
// Set by the SDK representing the start time of the initial license in
// seconds (UTC). This is from the original license's license_start_time,
// which is from the LicenseRequest.request_time when set, or set by the
// server to be the time that the original license was processed.
optional int64 original_start_time_seconds = 9;
}
// This message is used to indicate the license cateogry spec for a license as
// a part of initial license issuance.
message LicenseCategorySpec {
// Possible license categories.
enum LicenseCategory {
// By default, License is used for single content.
SINGLE_CONTENT_LICENSE_DEFAULT = 0;
// License is used for multiple contents (could be a combination of
// single contents and groups of contents).
MULTI_CONTENT_LICENSE = 1;
// License is used for contents logically grouped.
GROUP_LICENSE = 2;
}
// Optional. License category indicates if license is used for single
// content, multiple contents (could be a combination of
// single contents and groups of contents) or a group of contents.
optional LicenseCategory license_category = 1;
// Optional. Content or group ID covered by the license.
oneof content_or_group_id {
// Content_id would be present if it is a license for single content.
bytes content_id = 2;
// Group_id would be present if the license is a multi_content_license or
// group_license. Group Id could be the name of a group of contents,
// defined by licensor.
bytes group_id = 3;
}
}
message ProxyInfo {
// Indicates SDK type(Including UNKNOWN_SERVICE_TYPE, LICENSE_PROXY_SDK,
// CAS_PROXY_SDK).
optional DrmCertificate.ServiceType sdk_type = 1;
// Indicates the version of SDK.
optional string sdk_version = 2;
}
message License {
@@ -144,12 +186,16 @@ message License {
message KeyContainer {
enum KeyType {
SIGNING = 1; // Exactly one key of this type must appear.
SIGNING = 1; // No more than one signing key may appear.
CONTENT = 2; // Content key.
KEY_CONTROL = 3; // Key control block for license renewals. No key.
OPERATOR_SESSION = 4; // wrapped keys for auxiliary crypto operations.
ENTITLEMENT = 5; // Entitlement keys.
OEM_CONTENT = 6; // Partner-specific content key.
// Public signing key provided by content providers. Currently used by CAS
// for verifying the received ECM/EMM signature. Only EC key is supported
// for now.
PROVIDER_ECM_VERIFIER_PUBLIC_KEY = 7;
}
// The SecurityLevel enumeration allows the server to communicate the level
@@ -176,8 +222,6 @@ message License {
}
message KeyControl {
// |key_control| is documented in:
// Widevine Modular DRM Security Integration Guide for CENC
// If present, the key control must be communicated to the secure
// environment prior to any usage. This message is automatically generated
// by the Widevine License Server SDK.
@@ -223,6 +267,9 @@ message License {
optional bool disable_analog_output = 4 [default = false];
// Optional requirement to indicate digital output is not allowed.
optional bool disable_digital_output = 5 [default = false];
// Optional. If set, it indicates digital video recording (DVR) is
// allowed.
optional bool allow_record = 6 [default = false];
}
message VideoResolutionConstraint {
@@ -243,6 +290,28 @@ message License {
optional bool allow_signature_verify = 4 [default = false];
}
// KeyCategorySpec message is used to identify if current key is generated
// for a single content or a group of contents. Currently it is only used in
// CAS request.
message KeyCategorySpec {
// Represents what kind of content a key is used for.
enum KeyCategory {
// By default, key is created for single content.
SINGLE_CONTENT_KEY_DEFAULT = 0;
// Key is created for a group of contents.
GROUP_KEY = 1;
}
// Indicate if the current key is created for single content or for group
// use.
optional KeyCategory key_category = 1;
// Id for key category. If it is a key for single content, this id
// represents the content_id. Otherwise, it represents a group_id.
oneof content_or_group_id {
bytes content_id = 2;
bytes group_id = 3;
}
}
optional bytes id = 1;
optional bytes iv = 2;
optional bytes key = 3;
@@ -268,6 +337,10 @@ message License {
// Optional not limited to commonly known track types such as SD, HD.
// It can be some provider defined label to identify the track.
optional string track_label = 12;
// Optional. It is used to identify if current key is generated for a
// single content or a group of contents. Currently it is only used in CAS
// request.
optional KeyCategorySpec key_category_spec = 13;
}
optional LicenseIdentification id = 1;
@@ -288,8 +361,6 @@ message License {
// 8 byte verification field "HDCPDATA" followed by unsigned 32 bit minimum
// HDCP SRM version (whether the version is for HDCP1 SRM or HDCP2 SRM
// depends on client max_hdcp_version).
// Additional details can be found in Widevine Modular DRM Security
// Integration Guide for CENC.
optional bytes srm_requirement = 8;
// If present this contains a signed SRM file (either HDCP1 SRM or HDCP2 SRM
// depending on client max_hdcp_version) that should be installed on the
@@ -301,6 +372,10 @@ message License {
[default = PLATFORM_NO_VERIFICATION];
// IDs of the groups for which keys are delivered in this license, if any.
repeated bytes group_ids = 11;
// Optional. LicenseCategorySpec is used to indicate the license cateogry for
// a license. It could be used as a part of initial license issuance or shown
// as a part of license in license response.
optional LicenseCategorySpec license_category_spec = 12;
}
enum ProtocolVersion {
@@ -386,6 +461,8 @@ message LicenseError {
// The service is currently unavailable due to the backend being down
// or similar circumstances.
SERVICE_UNAVAILABLE = 3;
// The device credentials are expired. The device must re-provision.
EXPIRED_DRM_DEVICE_CERTIFICATE = 4;
}
optional Error error_code = 1;
}
@@ -438,8 +515,9 @@ message SignedMessage {
enum SessionKeyType {
UNDEFINED = 0;
WRAPPED_AES_KEY = 1;
EPHERMERAL_ECC_PUBLIC_KEY = 2;
EPHEMERAL_ECC_PUBLIC_KEY = 2;
}
optional MessageType type = 1;
optional bytes msg = 2;
// Required field that contains the signature of the bytes of msg.
@@ -469,6 +547,11 @@ message SignedMessage {
// The core message is the simple serialization of fields used by OEMCrypto.
// This field was introduced in OEMCrypto API v16.
optional bytes oemcrypto_core_message = 9;
// Optional field that indicates the hash algorithm used in signature scheme.
optional HashAlgorithmProto hash_algorithm = 10;
// If true it indicates that a LICENSE message session key was based on an
// alternate key provided by the client credentials.
optional bool using_secondary_key = 11;
}
// ----------------------------------------------------------------------------
@@ -493,20 +576,44 @@ enum HashAlgorithmProto {
// Public protocol buffer definitions for Widevine Device Certificate
// Provisioning protocol.
// A KeyToCertify contains a client generated public key to be incorporated into
// a signed certificate.
message PublicKeyToCertify {
// A KeyType indicates a high level key type.
enum KeyType {
KEY_TYPE_UNSPECIFIED = 0;
RSA = 1;
ECC = 2;
}
// |public_key| contains the bytes of a PKCS#1 ASN.1 DER-encoded public key.
optional bytes public_key = 1;
// KeyType contains a highlevel hint to use in parsing the serialized key
// contained in |public_key|. If the key is an EC key, curve parameters can be
// extracted from the deserialized key.
// Keys are expected to match the certificate key type in the device
// record.
optional KeyType key_type = 2;
// The signature of |public_key|.
// Keys that are signed using ECDSA or RSA should hash the message using
// SHA-256.
optional bytes signature = 3;
}
// ProvisioningOptions specifies the type of certificate to specify and
// in the case of X509 certificates, the certificate authority to use.
message ProvisioningOptions {
enum CertificateType {
WIDEVINE_DRM = 0; // Default. The original certificate type.
X509 = 1; // X.509 certificate.
WIDEVINE_DRM = 0; // Default. The original certificate type.
X509 = 1; // X.509 certificate.
WIDEVINE_KEYBOX = 2;
}
optional CertificateType certificate_type = 1 [default = WIDEVINE_DRM];
// Contains the application-specific name used to identify the certificate
// authority for signing the generated certificate. This is required if the
// certificate type is X509.
// authority for signing the generated certificate. This is required if and
// only if the certificate type is X509.
optional string certificate_authority = 2;
// System ID for OTA keybox provisioning. Requires device secure boot.
optional uint32 system_id = 3;
@@ -565,6 +672,10 @@ message ProvisioningRequest {
optional EncryptedSessionKeys encrypted_session_keys = 8;
// The custom request for Android Attestation OTA.
optional AndroidAttestationOtaKeyboxRequest android_ota_keybox_request = 9;
// Specifies the public key that should be certified by the provisioning
// server. The client holds the private key. If specified, the response no
// longer needs to contain server generated |device_rsa_key|.
optional PublicKeyToCertify certificate_public_key = 10;
}
// Provisioning response sent by the provisioning server to client devices.
@@ -627,8 +738,7 @@ message ProvisioningResponse {
}
// Protocol-specific context data used to hold the state of the server in
// stateful provisioning protocols. For more information, please refer to
// "Widevine DRM Provisioning using Third-Part and Stateful Protocols".
// stateful provisioning protocols.
message ProvisioningContext {
// Serialized ProvisioningContextKeyData. Required.
optional bytes key_data = 1;
@@ -643,6 +753,8 @@ message SignedProvisioningContext {
// RSASSA-PSS signature of provisioning_context. Signed with service private
// key.
optional bytes signature = 2;
// Optional field that indicates the hash algorithm used in signature scheme.
optional HashAlgorithmProto hash_algorithm = 3;
}
// Cryptographic tokens to be used for ProvisioningContext.
@@ -664,25 +776,27 @@ message SignedProvisioningMessage {
// implementation. E.g. embedded in the ProvisioningResponse rather than
// returning a 400 error to the caller.
VERSION_1_1 = 2;
// Version 2 will implement a larger change of the protocol definition
// in protobufs. This will provide a cleaner separation between protocols.
VERSION_2 = 3;
}
enum ProvisioningType { // This enum was renamed to avoid confusion
PROVISIONING_TYPE_UNSPECIFIED = 0;
SERVICE_CERTIFICATE_REQUEST = 1; // Service certificate request.
PROVISIONING_20 = 2; // Keybox factory-provisioned devices.
PROVISIONING_30 = 3; // OEM certificate factory-provisioned devices.
PROVISIONING_30 = 3; // OEM certificate factory-provisioned devices.
// Devices use Boot Certificate Chain (BCC) to provision an OEM certificate.
PROVISIONING_40 = 5;
// These are provisioning methods that are only supported by internal
// Widevine services. They should not be exposed in the SDK.
ARCPP_PROVISIONING = 4; // ChromeOS/Arc++ devices.
// Android-Attestation-based OTA keyboxes.
ANDROID_ATTESTATION_KEYBOX_OTA = 6;
INTEL_SIGMA_101 = 101; // Intel Sigma 1.0.1 protocol.
INTEL_SIGMA_101 = 101; // Intel Sigma 1.0.1 protocol.
INTEL_SIGMA_210 = 210; // Intel Sigma 2.1.0 protocol.
}
// Serialized protobuf message for the corresponding protocol and stage of
// the provisioning exchange. ProvisioningRequest or ProvisioningResponse
// in the case of Provisioning 2.0, 3.0 and ARCPP_PROVISIONING. Required.
// in the case of Provisioning 2.0, 3.0, 4.0 and ARCPP_PROVISIONING. Required.
optional bytes message = 1;
// HMAC-SHA256 (Keybox) or RSASSA-PSS (OEM) signature of message. Required
// for provisioning 2.0 and 3.0. For ARCPP_PROVISIONING, only used in
@@ -721,6 +835,7 @@ message ClientIdentification {
DRM_DEVICE_CERTIFICATE = 1;
REMOTE_ATTESTATION_CERTIFICATE = 2;
OEM_DEVICE_CERTIFICATE = 3;
BOOT_CERTIFICATE_CHAIN = 4;
}
message NameValue {
@@ -738,6 +853,13 @@ message ClientIdentification {
HDCP_V2_1 = 3;
HDCP_V2_2 = 4;
HDCP_V2_3 = 5;
// The existing HDCP_V1 will be used for backwards compatibility with pre
// OEM crypto v17.
HDCP_V1_0 = 6;
HDCP_V1_1 = 7;
HDCP_V1_2 = 8;
HDCP_V1_3 = 9;
HDCP_V1_4 = 10;
HDCP_NO_DIGITAL_OUTPUT = 0xff;
}
@@ -762,8 +884,7 @@ message ClientIdentification {
optional HdcpVersion max_hdcp_version = 4 [default = HDCP_NONE];
optional uint32 oem_crypto_api_version = 5;
// Client has hardware support for protecting the usage table, such as
// storing the generation number in secure memory. For Details, see:
// Widevine Modular DRM Security Integration Guide for CENC
// storing the generation number in secure memory.
optional bool anti_rollback_usage_table = 6 [default = false];
// The client shall report |srm_version| if available.
optional uint32 srm_version = 7;
@@ -779,8 +900,7 @@ message ClientIdentification {
// quality of content to serve. Currently defined tiers are
// 1 (low), 2 (medium) and 3 (high). Any other value indicates that
// the resource rating is unavailable or reporting erroneous values
// for that device. For details see,
// Widevine Modular DRM Security Integration Guide for CENC
// for that device.
optional uint32 resource_rating_tier = 12 [default = 0];
}
@@ -805,7 +925,7 @@ message ClientIdentification {
// Serialized VmpData message. Optional.
optional bytes vmp_data = 7;
// Optional field that may contain additional provisioning credentials.
repeated ClientCredentials device_credentials = 8;
optional ClientCredentials device_credentials = 8;
}
// EncryptedClientIdentification message used to hold ClientIdentification
@@ -953,6 +1073,8 @@ message DrmCertificate {
// signed_drm_certificate.proto
// ----------------------------------------------------------------------------
// Description of section:
// Signed device certificate definition.
// DrmCertificate signed by a higher (CA) DRM certificate.
message SignedDrmCertificate {
// Serialized certificate. Required.
@@ -966,80 +1088,6 @@ message SignedDrmCertificate {
optional HashAlgorithmProto hash_algorithm = 4;
}
// ----------------------------------------------------------------------------
// provisioned_device_info.proto
// ----------------------------------------------------------------------------
// Description of section:
// Provisioned device info format definitions.
// Contains device model information for a provisioned device.
message ProvisionedDeviceInfo {
enum WvSecurityLevel {
// Defined in "Widevine Security Integration Guide for DASH on Android"
LEVEL_UNSPECIFIED = 0;
LEVEL_1 = 1;
LEVEL_2 = 2;
LEVEL_3 = 3;
}
// Widevine initial provisioning / bootstrapping method. DRM certificates are
// required for retrieving licenses, so if a DRM certificate is not initially
// provisioned, then the provisioned credentials will be used to provision
// a DRM certificate via the Widevine Provisioning Service.
enum ProvisioningMethod {
// Don't use this.
PROVISIONING_METHOD_UNSPECIFIED = 0;
// Factory-provisioned device-unique keybox.
FACTORY_KEYBOX = 1;
// Factory-provisioned device-unique OEM certificate.
FACTORY_OEM_DEVICE_CERTIFICATE = 2;
// Factory-provisioned model-group OEM certificate.
FACTORY_OEM_GROUP_CERTIFICATE = 3;
// Factory-provisioned model-group DRM certificate (Level-3 "baked in").
FACTORY_DRM_GROUP_CERTIFICATE = 4;
// OTA-provisioned keybox (Level-1 ARC++).
OTA_KEYBOX = 5;
// OTA-provisioned device-unique OEM certificate.
OTA_OEM_DEVICE_CERTIFICATE = 6;
// OTA-provisioned model-group OEM certificate.
OTA_OEM_GROUP_CERTIFICATE = 7;
// OTA-provisioned device-unique DRM certificate (Bedrock).
OTA_DRM_DEVICE_CERTIFICATE = 8;
}
// Represents additional devices that are associated with the device. These
// are devices that have the systemID, but a different 'manufacturer'/'model'
// etc.
message ModelInfo {
// Represents the device manufacturer. Typically, this will be Philips, LG,
// Sharp, etc.
optional string manufacturer = 1;
// Model of the device.
optional string model = 2;
}
// Widevine system ID for the device. Mandatory.
optional uint32 system_id = 1;
// Name of system-on-a-chip. Optional.
optional string soc = 2;
// First registered manufacturer. Optional.
optional string manufacturer = 3;
// First registered manufacturer's model name. Matches "brand" in device
// metadata. Optional.
optional string model = 4;
// First registered type of device (Phone, Tablet, TV, etc).
optional string device_type = 5;
// First registered device model year. Optional.
optional uint32 model_year = 6;
// Widevine-defined security level. Optional.
optional WvSecurityLevel security_level = 7 [default = LEVEL_UNSPECIFIED];
// True if the certificate corresponds to a test (non production) device.
// Optional.
optional bool test_device = 8 [default = false];
// Indicates the type of device root of trust which was factory provisioned.
optional ProvisioningMethod provisioning_method = 9;
// A list of ModelInfo using the same system_id.
repeated ModelInfo model_info = 10;
}
// ----------------------------------------------------------------------------
// widevine_pssh.proto
// ----------------------------------------------------------------------------
@@ -1067,7 +1115,7 @@ message WidevinePsshData {
optional uint32 entitlement_key_size_bytes = 5 [default = 32];
}
// Entitlement or content key IDs. Can onnly present in SINGLE or ENTITLEMENT
// Entitlement or content key IDs. Can only present in SINGLE or ENTITLEMENT
// PSSHs. May be repeated to facilitate delivery of multiple keys in a
// single license. Cannot be used in conjunction with content_id or
// group_ids, which are the preferred mechanism.
@@ -1108,8 +1156,8 @@ message WidevinePsshData {
// Group identifiers for all groups to which the content belongs. This can
// be used to deliver licenses to unlock multiple titles / channels.
// Optional, and may only be present in ENTITLEMENT and ENTITLED_KEY PSSHs, and
// not in conjunction with key_ids.
// Optional, and may only be present in ENTITLEMENT and ENTITLED_KEY PSSHs,
// and not in conjunction with key_ids.
repeated bytes group_ids = 13;
// Copy/copies of the content key used to decrypt the media stream in which
@@ -1125,11 +1173,22 @@ message WidevinePsshData {
// Current values are "HDR".
optional string video_feature = 15;
// Audiofeature identifier, which is used in conjunction with |content_id|
// to determine the set of keys to be returned in the license. Cannot be
// present in conjunction with |key_ids|.
// Current values are "commentary".
optional string audio_feature = 16;
// Entitlement period index for media using entitlement key rotation. Can only
// present in ENTITLEMENT PSSHs. It always corresponds to the entitlement key
// period.
optional uint32 entitlement_period_index = 17;
//////////////////////////// Deprecated Fields ////////////////////////////
enum Algorithm {
UNENCRYPTED = 0;
AESCTR = 1;
};
}
optional Algorithm algorithm = 1 [deprecated = true];
optional string provider = 3 [deprecated = true];
optional string track_type = 5 [deprecated = true];