// Copyright 2018 Google LLC. All rights reserved. // // Description: // Definitions of the protocol buffer messages used in the Widevine license // exchange protocol for Media CAS. syntax = "proto2"; option java_package = "com.google.video.widevine.mediacaslicense"; import "protos/public/hash_algorithm.proto"; import "protos/public/license_protocol.proto"; import "protos/public/license_server_sdk.proto"; import "protos/public/media_cas_encryption.proto"; package video_widevine; // TODO(b/169278959): move ProxyInfo into media_drm_license.proto. message CasDrmLicenseRequest { // The request payload. This is usually the HTTP Post body of a request. // Required. optional bytes payload = 1; // The content provider whose proxy is sending this license request onto the // Widevine license service. Required. optional string provider_id = 2; // An identifier supplied by a content provider, used to identify a piece of // content and derive key IDs and content keys. optional bytes content_id = 3; // A ContentKeySpec identifies a content key by track type name. It also // specifies the policy that should be used for this key. // TODO(hali): Consolidate this ContentKeySpec with // ModularDrmLicenseRequest_ContentKeySpec. Both should include a common // ContentKeySpec. message ContentKeySpec { optional License.KeyContainer.SecurityLevel security_level = 1; optional License.KeyContainer.OutputProtection required_output_protection = 2; optional License.KeyContainer.OutputProtection requested_output_protection = 3; // Optionally specify even, odd or single slot for key rotation. repeated CasEncryptionResponse.KeyInfo entitlement_keys = 4; optional License.KeyContainer.KeyType key_type = 5; // A track type is used to represent a set of tracks that share the same // content key and security level. Common values are SD, HD, UHD1, UHD2 // and AUDIO. Content providers may use arbitrary strings for track type // as long as they are consistent with the track types used at packaging // time. optional string track_type = 6; // A Key Category Spec is used to identify if current key is generated for a // single content or a group of contents. optional License.KeyContainer.KeyCategorySpec key_category_spec = 7; } repeated ContentKeySpec content_key_specs = 4; // Policy for the entire license such as playback duration. optional License.Policy policy = 5; // Pass optional data to initial license. optional SessionInit session_init = 6; // This field is used when proxy sdk generates CasDrmLicenseRequest.It // combines the DrmCertificate::ServiceType and SDK version. optional ProxyInfo proxy_info = 7; // Indicates all key values in ContentKeySpec are encrypted with this // sesion key. This session key is encrypted with the providers AES key. If // session_key is used, session_iv must also be specified. optional bytes session_key = 8; // Indicates all key values in ContentKeySpec are encrypted with this // session IV. This session IV is encrypted with the provider's AES key. optional bytes session_iv = 9; // Public signing key provided by content providers, used to verify the // received ECM/EMM signature. The key must be an elliptic-curve key. optional bytes provider_ecm_verifier_public_key = 10; } message CasDrmLicenseResponse { enum Status { UNKNOWN = 0; OK = 1; SIGNATURE_FAILED = 2; INVALID_LICENSE_CHALLENGE = 3; PROVIDER_ID_MISSING = 4; INVALID_CONTENT_INFO = 5; EMPTY_CONTENT_INFO = 6; CONTENT_ID_MISMATCH = 7; DEPRECATED_MISSING_CONTENT_ID = 8; MALFORMED_REQUEST = 9; INTERNAL_ERROR = 10; SIGNING_KEY_EXPIRED = 11; } optional Status status = 1; optional string status_message = 2; // Serialzed bytes for a CAS license. // TODO(hali): Until a CAS license protocol is defined, this field is a // serialized License message defined in license_protocol.proto. optional bytes license = 3; // Actual SDK license status as defined in widevine/protos/public/errors.proto optional uint32 internal_status = 4; // Indicates the type of message in the license response. optional SignedMessage.MessageType message_type = 5; // A subset of data from the Widevine PSSH. message PsshData { repeated bytes key_id = 1; optional bytes content_id = 2; // If this is a group key license, this is the group identifier. optional bytes group_id = 3; } message LicenseMetadata { optional bytes content_id = 1; repeated bytes key_id = 2; } optional PsshData pssh_data = 6; optional SessionState session_state = 7; optional string content_owner = 8; optional string content_provider = 9; optional LicenseMetadata license_metadata = 10; message DeviceInfo { // Make as identified from the provisioned device info. If that is not // available, the device make will be retrieved from the license request. optional string make = 1; // Model as identified from the provisioned device info. If that is not // available, the device model will be retrieved from the license request. optional string model = 2; // Widevine-defined device security level. optional uint32 security_level = 3; // Globally unique serial number of certificate associated with this // device. optional bytes drm_cert_serial_number = 4; // Platform specifies the OS or device type and perhaps other software // information for the device receving this license response. // Example: Android, iOS, Chrome, PC. optional string platform = 5; // SystemID of the requesting device. optional uint32 system_id = 6; } // Device information for the device making the CAS license request. optional DeviceInfo device_info = 11; } message SignedCasDrmRequest { optional bytes request = 1; optional bytes signature = 2; // Identifies the entity sending / signing the request. Required if signature // is present. optional string signer = 3; // The IP Address of the portal that is forwarding the request from the // original sender. optional string client_ip_address = 4; // The client software identifier, as used by HTTP. optional string user_agent = 5; optional string provider = 6; // Optional field that indicates the hash algorithm used in signature scheme. optional HashAlgorithmProto hash_algorithm = 7; }