//////////////////////////////////////////////////////////////////////////////// // Copyright 2018 Google LLC. // // This software is licensed under the terms defined in the Widevine Master // License Agreement. For a copy of this agreement, please contact // widevine-licensing@google.com. //////////////////////////////////////////////////////////////////////////////// syntax = "proto2"; package widevine.cas; // Widevine private data in the CA descriptor. message CaDescriptorPrivateData { // Provider name. optional string provider = 1; // Content ID. optional bytes content_id = 2; // Entitlement key IDs for current content per track. Each track will allow up // to 2 entitlement key ids (odd and even entitlement keys). repeated bytes entitlement_key_ids = 3; } // Widevine fingerprinting. message Fingerprinting { // Channels that will be applied with the controls. repeated bytes channels = 1; // Fingerprinting controls are opaque to Widevine. optional bytes control = 2; } // Widevine service blocking. message ServiceBlocking { // Channels that will be blocked. repeated bytes channels = 1; // Device groups that will be blocked. Group definition is opaque to Widevine. repeated bytes device_groups = 2; // Blocking start time in seconds since epoch. Start time is "immediate" if // this field is not set. optional int64 start_time_sec = 3; // Required. Blocking end time in seconds since epoch. optional int64 end_time_sec = 4; } // The payload field for an EMM. message EmmPayload { repeated Fingerprinting fingerprinting = 1; repeated ServiceBlocking service_blocking = 2; } message EcmMetaData { enum CipherMode { UNSPECIFIED = 0; AES_CBC = 1; AES_CTR = 2; DVB_CSA2 = 3; DVB_CSA3 = 4; AES_OFB = 5; AES_SCTE52 = 6; } // Required. The cipher mode used to encrypt/decrypt the content. optional CipherMode cipher_mode = 1; // Optional. The minimum age required to watch the content. The value // represents actual age, with 0 means no restriction. optional uint32 age_restriction = 2 [default = 0]; } message EcmKeyData { // The wrapped content key data (aka control word). // Required. optional bytes wrapped_key_data = 1; // The ID of the entitlement key used to wrap the content key. The secure key // data associated with this ID is held by the license server. The client gets // the key from the license server through a license request. // Required for the even key data, optional for the odd key data if it is the // same as the even key data. optional bytes entitlement_key_id = 2; // IV for decrypting the wrapped_key_data. // Required for the even key data, optional for the odd key data if it is the // same as the even key data. optional bytes wrapped_key_iv = 3; // IV for decrypting the content stream. // Optional. If not specified in the even key data, 8 bytes 0x00 will be used; // If not specified in the odd key data, the same content iv in the even key // data will be used. optional bytes content_iv = 4; } message EcmPayload { // Required. Meta info carried by the ECM. optional EcmMetaData meta_data = 1; // Required. The key data for the even slot. optional EcmKeyData even_key_data = 2; // Optional. The key data for the odd slot if key rotation is enabled. optional EcmKeyData odd_key_data = 3; // Optional. Widevine fingerprinting information. optional Fingerprinting fingerprinting = 4; // Optional. Widevine service blocking information. optional ServiceBlocking service_blocking = 5; } // The payload field for an ECM with signature. message SignedEcmPayload { // Serialized EcmPayload. optional bytes serialized_payload = 1; // ECC (Elliptic Curve Cryptography) signature of |serialized_payload|. optional bytes signature = 2; }