media_cas_packager_sdk_source/protos/public/media_cas.proto

////////////////////////////////////////////////////////////////////////////////
// Copyright 2018 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////


syntax = "proto2";

package widevine.cas;

// Widevine private data in the CA descriptor.
message CaDescriptorPrivateData {
  // Provider name.
  optional string provider = 1;

  // Content ID.
  optional bytes content_id = 2;

  // Entitlement key IDs for current content per track. Each track will allow up
  // to 2 entitlement key ids (odd and even entitlement keys).
  repeated bytes entitlement_key_ids = 3;
}

// Widevine fingerprinting.
message Fingerprinting {
  // Channels that will be applied with the controls.
  repeated bytes channels = 1;
  // Fingerprinting controls are opaque to Widevine.
  optional bytes control = 2;
}

// Widevine service blocking.
message ServiceBlocking {
  // Channels that will be blocked.
  repeated bytes channels = 1;
  // Device groups that will be blocked. Group definition is opaque to Widevine.
  repeated bytes device_groups = 2;
  // Blocking start time in seconds since epoch. Start time is "immediate" if
  // this field is not set.
  optional int64 start_time_sec = 3;
  // Required. Blocking end time in seconds since epoch.
  optional int64 end_time_sec = 4;
}

// The payload field for an EMM.
message EmmPayload {
  repeated Fingerprinting fingerprinting = 1;
  repeated ServiceBlocking service_blocking = 2;
}

message EcmMetaData {
  enum CipherMode {
    UNSPECIFIED = 0;
    AES_CBC = 1;
    AES_CTR = 2;
    DVB_CSA2 = 3;
    DVB_CSA3 = 4;
    AES_OFB = 5;
    AES_SCTE52 = 6;
  }
  // Required. The cipher mode used to encrypt/decrypt the content.
  optional CipherMode cipher_mode = 1;
  // Optional. The minimum age required to watch the content. The value
  // represents actual age, with 0 means no restriction.
  optional uint32 age_restriction = 2 [default = 0];
}

message EcmKeyData {
  // The wrapped content key data (aka control word).
  // Required.
  optional bytes wrapped_key_data = 1;
  // The ID of the entitlement key used to wrap the content key. The secure key
  // data associated with this ID is held by the license server. The client gets
  // the key from the license server through a license request.
  // Required for the even key data, optional for the odd key data if it is the
  // same as the even key data.
  optional bytes entitlement_key_id = 2;
  // IV for decrypting the wrapped_key_data.
  // Required for the even key data, optional for the odd key data if it is the
  // same as the even key data.
  optional bytes wrapped_key_iv = 3;
  // IV for decrypting the content stream.
  // Optional. If not specified in the even key data, 8 bytes 0x00 will be used;
  // If not specified in the odd key data, the same content iv in the even key
  // data will be used.
  optional bytes content_iv = 4;
}

message EcmPayload {
  // Required. Meta info carried by the ECM.
  optional EcmMetaData meta_data = 1;
  // Required. The key data for the even slot.
  optional EcmKeyData even_key_data = 2;
  // Optional. The key data for the odd slot if key rotation is enabled.
  optional EcmKeyData odd_key_data = 3;
  // Optional. Widevine fingerprinting information.
  optional Fingerprinting fingerprinting = 4;
  // Optional. Widevine service blocking information.
  optional ServiceBlocking service_blocking = 5;
}

// The payload field for an ECM with signature.
message SignedEcmPayload {
  // Serialized EcmPayload.
  optional bytes serialized_payload = 1;
  // ECC (Elliptic Curve Cryptography) signature of |serialized_payload|.
  optional bytes signature = 2;
}