widevine-partner/media_cas_proxy_sdk_source
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Export media_cas_proxy_sdk

Browse Source
This commit is contained in:
Fang Yu
2018-11-14 09:05:33 -08:00
parent 6d0d9d825c
commit 5031d1bc6f
146 changed files with 24654 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

243
protos/public/BUILD Normal file
View File

@@ -0,0 +1,243 @@
################################################################################
# Copyright 2018 Google LLC.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
# widevine-licensing@google.com.
################################################################################
# Protocol buffer definitions for Widevine Services Proxy SDK.
package(default_visibility = ["//visibility:public"])
filegroup(
name = "binary_release_files",
srcs = glob(["**"]),
)
# TODO(user): Remove unnecessary proto targets in this file
# once cl/216707967 is submitted.
proto_library(
name = "exported_proxy_sdk_proto",
srcs = [
"client_identification.proto",
"device_certificate_status.proto",
"drm_certificate.proto",
"errors.proto",
"sdk_stats.proto",
"license_protocol.proto",
"license_server_sdk.proto",
"provisioned_device_info.proto",
"remote_attestation.proto",
"signed_drm_certificate.proto",
"verified_media_pipeline.proto",
"widevine_pssh.proto",
"license_services.proto",
],
)
java_proto_library(
name = "exported_proxy_sdk_java_proto",
deps = [":exported_proxy_sdk_proto"],
)
proto_library(
name = "license_services_proto_base",
srcs = ["license_services.proto"],
deps = [
":client_identification_proto_base",
":license_protocol_proto_base",
":license_server_sdk_proto_base",
":errors_proto_base",
],
)
cc_proto_library(
name = "license_services_proto",
deps = [":license_services_proto_base"],
)
java_proto_library(
name = "license_services_java_proto",
deps = [":license_services_proto_base"],
)
proto_library(
name = "client_identification_proto_base",
srcs = ["client_identification.proto"],
)
cc_proto_library(
name = "client_identification_proto",
deps = [":client_identification_proto_base"],
)
java_proto_library(
name = "client_identification_java_proto",
deps = [":client_identification_proto_base"],
)
proto_library(
name = "device_certificate_status_proto_base",
srcs = ["device_certificate_status.proto"],
deps = [":provisioned_device_info_proto_base"],
)
cc_proto_library(
name = "device_certificate_status_proto",
deps = [":device_certificate_status_proto_base"],
)
java_proto_library(
name = "device_certificate_status_java_proto",
deps = [":device_certificate_status_proto_base"],
)
proto_library(
name = "sdk_stats_proto_base",
srcs = ["sdk_stats.proto"],
)
cc_proto_library(
name = "sdk_stats_proto",
deps = [":sdk_stats_proto_base"],
)
java_proto_library(
name = "sdk_stats_java_proto",
deps = [":sdk_stats_proto_base"],
)
proto_library(
name = "drm_certificate_proto_base",
srcs = ["drm_certificate.proto"],
)
cc_proto_library(
name = "drm_certificate_proto",
deps = [":drm_certificate_proto_base"],
)
java_proto_library(
name = "drm_certificate_java_proto",
deps = [":drm_certificate_proto_base"],
)
proto_library(
name = "errors_proto_base",
srcs = ["errors.proto"],
)
cc_proto_library(
name = "errors_proto",
deps = [":errors_proto_base"],
)
java_proto_library(
name = "errors_java_proto",
deps = [":errors_proto_base"],
)
proto_library(
name = "license_protocol_proto_base",
srcs = ["license_protocol.proto"],
deps = [
":client_identification_proto_base",
":remote_attestation_proto_base",
],
)
cc_proto_library(
name = "license_protocol_proto",
deps = [":license_protocol_proto_base"],
)
java_proto_library(
name = "license_protocol_java_proto",
deps = [":license_protocol_proto_base"],
)
proto_library(
name = "license_server_sdk_proto_base",
srcs = ["license_server_sdk.proto"],
deps = [":license_protocol_proto_base",
":widevine_pssh_proto_base"],
)
cc_proto_library(
name = "license_server_sdk_proto",
deps = [":license_server_sdk_proto_base"],
)
java_proto_library(
name = "license_server_sdk_java_proto",
deps = [":license_server_sdk_proto_base"],
)
proto_library(
name = "provisioned_device_info_proto_base",
srcs = ["provisioned_device_info.proto"],
)
cc_proto_library(
name = "provisioned_device_info_proto",
deps = [":provisioned_device_info_proto_base"],
)
java_proto_library(
name = "provisioned_device_info_java_proto",
deps = [":provisioned_device_info_proto_base"],
)
proto_library(
name = "remote_attestation_proto_base",
srcs = ["remote_attestation.proto"],
deps = [":client_identification_proto_base"],
)
cc_proto_library(
name = "remote_attestation_proto",
deps = [":remote_attestation_proto_base"],
)
java_proto_library(
name = "remote_attestation_java_proto",
deps = [":remote_attestation_proto_base"],
)
proto_library(
name = "signed_drm_certificate_proto_base",
srcs = ["signed_drm_certificate.proto"],
)
cc_proto_library(
name = "signed_drm_certificate_proto",
deps = [":signed_drm_certificate_proto_base"],
)
proto_library(
name = "verified_media_pipeline_proto_base",
srcs = ["verified_media_pipeline.proto"],
)
cc_proto_library(
name = "verified_media_pipeline_proto",
deps = [":verified_media_pipeline_proto_base"],
)
proto_library(
name = "widevine_pssh_proto_base",
srcs = ["widevine_pssh.proto"],
)
cc_proto_library(
name = "widevine_pssh_proto",
deps = [":widevine_pssh_proto_base"],
)
java_proto_library(
name = "widevine_pssh_java_proto",
deps = [":widevine_pssh_proto_base"],
)

112
protos/public/client_identification.proto Normal file
View File

@@ -0,0 +1,112 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
//
// Description:
// ClientIdentification messages used by provisioning and license protocols.
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
option java_outer_classname = "ClientIdentificationProtos";
// ClientIdentification message used to authenticate the client device.
message ClientIdentification {
enum TokenType {
KEYBOX = 0;
DRM_DEVICE_CERTIFICATE = 1;
REMOTE_ATTESTATION_CERTIFICATE = 2;
OEM_DEVICE_CERTIFICATE = 3;
}
message NameValue {
optional string name = 1;
optional string value = 2;
}
// Capabilities which not all clients may support. Used for the license
// exchange protocol only.
message ClientCapabilities {
enum HdcpVersion {
HDCP_NONE = 0;
HDCP_V1 = 1;
HDCP_V2 = 2;
HDCP_V2_1 = 3;
HDCP_V2_2 = 4;
HDCP_V2_3 = 5;
HDCP_NO_DIGITAL_OUTPUT = 0xff;
}
enum CertificateKeyType {
RSA_2048 = 0;
RSA_3072 = 1;
}
enum AnalogOutputCapabilities {
ANALOG_OUTPUT_UNKNOWN = 0;
ANALOG_OUTPUT_NONE = 1;
ANALOG_OUTPUT_SUPPORTED = 2;
ANALOG_OUTPUT_SUPPORTS_CGMS_A = 3;
}
optional bool client_token = 1 [default = false];
optional bool session_token = 2 [default = false];
optional bool video_resolution_constraints = 3 [default = false];
optional HdcpVersion max_hdcp_version = 4 [default = HDCP_NONE];
optional uint32 oem_crypto_api_version = 5;
// Client has hardware support for protecting the usage table, such as
// storing the generation number in secure memory. For Details, see:
// https://docs.google.com/document/d/1Mm8oB51SYAgry62mEuh_2OEkabikBiS61kN7HsDnh9Y/edit#heading=h.xgjl2srtytjt
optional bool anti_rollback_usage_table = 6 [default = false];
// The client shall report |srm_version| if available.
optional uint32 srm_version = 7;
// A device may have SRM data, and report a version, but may not be capable
// of updating SRM data.
optional bool can_update_srm = 8 [default = false];
repeated CertificateKeyType supported_certificate_key_type = 9;
optional AnalogOutputCapabilities analog_output_capabilities = 10
[default = ANALOG_OUTPUT_UNKNOWN];
optional bool can_disable_analog_output = 11 [default = false];
}
// Type of factory-provisioned device root of trust. Optional.
optional TokenType type = 1 [default = KEYBOX];
// Factory-provisioned device root of trust. Required.
optional bytes token = 2;
// Optional client information name/value pairs.
repeated NameValue client_info = 3;
// Client token generated by the content provider. Optional.
optional bytes provider_client_token = 4;
// Number of licenses received by the client to which the token above belongs.
// Only present if client_token is specified.
optional uint32 license_counter = 5;
// List of non-baseline client capabilities.
optional ClientCapabilities client_capabilities = 6;
// Serialized VmpData message. Optional.
optional bytes vmp_data = 7;
}
// EncryptedClientIdentification message used to hold ClientIdentification
// messages encrypted for privacy purposes.
message EncryptedClientIdentification {
// Provider ID for which the ClientIdentifcation is encrypted (owner of
// service certificate).
optional string provider_id = 1;
// Serial number for the service certificate for which ClientIdentification is
// encrypted.
optional bytes service_certificate_serial_number = 2;
// Serialized ClientIdentification message, encrypted with the privacy key using
// AES-128-CBC with PKCS#5 padding.
optional bytes encrypted_client_id = 3;
// Initialization vector needed to decrypt encrypted_client_id.
optional bytes encrypted_client_id_iv = 4;
// AES-128 privacy key, encrypted with the service public key using RSA-OAEP.
optional bytes encrypted_privacy_key = 5;
}

113
protos/public/device_certificate_status.proto Normal file
View File

@@ -0,0 +1,113 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2017 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
//
//
// Description:
// Device certificate status list object definitions.
syntax = "proto2";
package widevine;
option java_outer_classname = "DeviceCertificateStatusProtos";
option java_package = "com.google.video.widevine.protos";
import "protos/public/provisioned_device_info.proto";
// Contains DRM and OEM certificate status and device information for a
// specific system ID.
// TODO(user): Move this to its own file.
message DeviceCertificateStatus {
enum DeprecatedStatus {
DEPRECATED_VALID = 0;
DEPRECATED_REVOKED = 1;
}
enum Status {
STATUS_UNKNOWN = 0;
STATUS_IN_TESTING = 10; // Pre-release, active device.
STATUS_RELEASED = 20; // Released, active device.
STATUS_TEST_ONLY = 30; // Development-only device.
STATUS_REVOKED = 40; // Revoked device.
}
// Serial number of the intermediate DrmCertificate to which this
// message refers. Required.
optional bytes drm_serial_number = 1;
// Status of the certificate. Optional & deprecated in favor of |status|
// below.
optional DeprecatedStatus deprecated_status = 2 [default = DEPRECATED_VALID];
// Device model information about the device to which the intermediate
// certificate(s) correspond.
optional ProvisionedDeviceInfo device_info = 4;
// Serial number of the OEM X.509 intermediate certificate for this type
// of device. Present only if the device is OEM-provisioned.
optional bytes oem_serial_number = 5;
// Status of the device. Optional.
optional Status status = 6 [default = STATUS_UNKNOWN];
}
// List of DeviceCertificateStatus. Used to propagate certificate revocation
// status and device information.
message DeviceCertificateStatusList {
// POSIX time, in seconds, when the list was created. Required.
optional uint32 creation_time_seconds = 1;
// DeviceCertificateStatus for each system ID.
repeated DeviceCertificateStatus certificate_status = 2;
// The duration for this device certificate status list in seconds. Within
// this grace period, content provider can set device certificate status list
// in the SDK. The default time is 7 days.
optional uint32 duration_time_seconds = 3;
}
// Signed CertificateStatusList
message SignedDeviceCertificateStatusList {
// Serialized DeviceCertificateStatusList. Required.
optional bytes certificate_status_list = 1;
// Signature of certificate_status_list. Signed with root certificate private
// key using RSASSA-PSS. Required.
optional bytes signature = 2;
}
// A signed request sent to Widevine Provisioning Server (keysmith) to retrieve
// 'DeviceCertificateStatusList'.
message SignedDeviceCertificateStatusListRequest {
// Serialized DeviceCertificateStatusListRequest. Required.
optional bytes device_certificate_status_list_request = 1;
// Signature of device_certificate_status_list_request. Signed with root
// certificate private key using RSASSA-PSS. Required.
optional bytes signature = 2;
}
// A request sent to Widevine Provisioning Server (keysmith) to retrieve
// 'DeviceCertificateStatusList'.
message DeviceCertificateStatusListRequest {
// The version of sdk. Required.
optional string sdk_version = 1;
// POSIX time, in seconds, when this request was created. Required.
optional uint64 sdk_time_seconds = 2;
}
// Contains response from Widevine Provisioning Server with status and
// DeviceCertificateStatusList information.
message DeviceCertificateStatusListResponse {
enum Status {
UNKNOWN = 0;
OK = 1;
SIGNATURE_FAILED = 2;
NOT_AUTHORIZED = 3;
AUTHORIZATION_EXPIRED = 4;
PROVIDER_ID_MISSING = 5;
INTERNAL_ERROR = 6;
}
// Status returned by the Widevine Provisioning Server. Required.
optional Status status = 1;
// String message returned by the Widevine Provisioning Server.
optional string status_message = 2;
// Serialized SignedDeviceCertificateStatusList. Required.
optional bytes signed_device_certificate_status_list = 3;
}

50
protos/public/drm_certificate.proto Normal file
View File

@@ -0,0 +1,50 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2017 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
//
// Description:
// DRM certificate object definition.
syntax = "proto2";
package widevine;
option java_outer_classname = "DrmCertificateProtos";
option java_package = "com.google.video.widevine.protos";
// DRM certificate definition for user devices, intermediate, service, and root
// certificates.
message DrmCertificate {
enum Type {
ROOT = 0; // ProtoBestPractices: ignore.
DEVICE_MODEL = 1;
DEVICE = 2;
SERVICE = 3;
PROVISIONER = 4;
}
// Type of certificate. Required.
optional Type type = 1;
// 128-bit globally unique serial number of certificate.
// Value is 0 for root certificate. Required.
optional bytes serial_number = 2;
// POSIX time, in seconds, when the certificate was created. Required.
optional uint32 creation_time_seconds = 3;
// Device public key. PKCS#1 ASN.1 DER-encoded. Required.
optional bytes public_key = 4;
// Widevine system ID for the device. Required for intermediate and
// user device certificates.
optional uint32 system_id = 5;
// Deprecated field, which used to indicate whether the device was a test
// (non-production) device. The test_device field in ProvisionedDeviceInfo
// below should be observed instead.
optional bool test_device_deprecated = 6 [deprecated = true];
// Service identifier (web origin) for the provider which owns the
// certificate. Required for service and provisioner certificates.
optional string provider_id = 7;
}

239
protos/public/errors.proto Normal file
View File

@@ -0,0 +1,239 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2017 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
//
// Description:
// Definitions of the common Widevine protocol errors.
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
enum Errors {
// Attempt to parse the signed message failed.
SIGNED_MESSAGE_PARSE_ERROR = 100;
// Attempt to parse the license request message failed.
LICENSE_REQUEST_PARSE_ERROR = 101;
// Attempt to parse the session state message failed.
SESSION_STATE_PARSE_ERROR = 102;
// The license request does not contain content_id. Since client_id was
// not present, content_id was expected.
MISSING_CONTENT_ID = 103;
// The license request does not contain license_id. Since client_id was
// not present, license_id was expected.
MISSING_LICENSE_ID = 104;
// The license request does not contain client_id. Since this is not a
// renewal, client_id was expected.
MISSING_CLIENT_ID = 105;
// ClientCert construction failed.
INVALID_SIGNATURE = 106;
// Session Id from the session state does not match session Id specified.
SESSION_ID_MISMATCH = 107;
// License Id from session state does not match license Id in the renewal
// license request.
RENEWAL_LICENSE_ID_MISMATCH = 108;
// Signing key is missing from the session state.
MISSING_RENEWAL_SIGNING_KEY = 109;
// Signature verification failed when using the session's state signing key.
INVALID_RENEWAL_SIGNATURE = 110;
// System Id from the keybox is not supported.
UNSUPPORTED_SYSTEM_ID = 111;
// Error trying to encrypt.
ENCRYPT_ERROR = 112;
// Error trying to decrypt the keybox.
KEYBOX_DECRYPT_ERROR = 113;
// Client Id type is not expected.
INVALID_CLIENT_CERT_TYPE = 114;
// Error usung the keybox token. Perhaps the size is less than 72 bytes.
INVALID_KEYBOX_TOKEN = 115;
// Unable to find a preprovisionnig key based on the system Id. Perhaps the
// device was revoked.
MISSING_PRE_PROV_KEY = 116;
// Unable to verify the token hash.
TOKEN_HASH_MISMATCH = 117;
// Unable to create the encryption key for the initial license.
MISSING_ENCRYPTION_KEY = 118;
// Signing key is missing from the session state.
MISSING_SIGNING_KEY = 119;
// Serialization failed.
UNABLE_TO_SERIALIZE_SIGNED_MESSAGE = 120;
// Serialization failed.
UNABLE_TO_SERIALIZE_SESSION_STATE = 121;
// Client cert is missing. Perhaps an attempt to renew with content keys.
MISSING_CLIENT_CERT = 122;
// Attempt to use GenerateSignedLicense() for license renewal containing
// content keys.
RENEWAL_WITH_CONTENT_KEYS_NOT_ALLOWED = 123;
// Invalid Nonce, expected as a 32 bit unsigned int.
INVALID_KEY_CONTROL_NONCE = 124;
// Invalid renewal signing key size. For protocol version 2_0, size must be 32
// bytes. For protocol version 2_1, size must be 64 bytes.
INVALID_RENEWAL_SIGNING_KEY_SIZE = 125;
// Invalid Device Certificate token. Perhaps the intermediate cert was
// replaced or the device cert is corrupt. Will result in re-provisioning.
INVALID_DRM_CERTIFICATE = 126;
// Device Certificate was revoked.
DRM_DEVICE_CERTIFICATE_REVOKED = 127;
// Device Certificate not in the certificate status list, and unknown
// devices are not allowed.
DRM_DEVICE_CERTIFICATE_UNKNOWN = 128;
// Invalid Certificate status list.
INVALID_CERTIFICATE_STATUS_LIST = 129;
// Expired Certificate status list.
EXPIRED_CERTIFICATE_STATUS_LIST = 130;
// KeyControl block generation failed.
KEYCONTROL_GENERATION_ERROR = 131;
// The device root certificate was not set.
ROOT_CERTIFICATE_NOT_SET = 132;
// The service certificate is invalid.
INVALID_SERVICE_CERTIFICATE = 133;
// Service certificate not found.
SERVICE_CERTIFICATE_NOT_FOUND = 134;
// Invalid EncryptedClientIdentification message.
INVALID_ENCRYPTED_CLIENT_IDENTIFICATION = 135;
// No service certificates have been added.
SERVICE_CERTIFICATE_NOT_SET = 136;
// Could not process service private key.
INVALID_SERVICE_PRIVATE_KEY = 137;
// ClientIdentification and EncryptedClientIdentification were specified.
MULTIPLE_CLIENT_ID = 138;
// Message is a service certificate request.
SERVICE_CERTIFICATE_REQUEST_MESSAGE = 139;
// Invalid message type
INVALID_MESSAGE_TYPE = 140;
// Remote attestation verification failed.
REMOTE_ATTESTATION_FAILED = 141;
// can_play = true for license RELEASE response.
INVALID_RELEASE_CAN_PLAY_VALUE = 142;
// can_persist = false for offline license.
INVALID_OFFLINE_CAN_PERSIST = 143;
// Session usage table entry is malformed.
INVALID_SESSION_USAGE_TABLE_ENTRY = 144;
// Session usage table entry signature verification failed.
INVALID_SESSION_USAGE_SIGNATURE = 145;
// The type of ContentIdentification is unrecognized
INVALID_CONTENT_ID_TYPE = 146;
// Unknown InitData type.
UNKNOWN_INIT_DATA_TYPE = 147;
// InitData.init_data field is missing.
MISSING_INIT_DATA = 148;
// InitData contains invalid ISO BMFF boxes.
INVALID_CENC_INIT_DATA = 149;
// Malformed PSSH box.
INVALID_PSSH = 150;
// PSSH box version not supported.
UNSUPPORTED_PSSH_VERSION = 151;
// Widevine PSSH Data malformed.
INVALID_WIDEVINE_PSSH_DATA = 152;
// Device capabilities are too low for the specified output protection.
DEVICE_CAPABILITIES_TOO_LOW = 153;
// Invalid master signing key size. Must be 16 bytes.
INVALID_MASTER_SIGNING_KEY_SIZE = 154;
// Invalid signing key size. Must be 64 bytes.
INVALID_SIGNING_KEY_SIZE = 155;
// Keybox tokens not intialized. PreProvisioning keys not loaded.
KEYBOX_TOKEN_KEYS_NOT_INITIALIZED = 156;
// Provider Id in device certificate does not match service Id for License
// server. Check cert used when initializing with AddDrmServiceCertificate().
PROVIDER_ID_MISMATCH = 157;
// Certificate chain not selected.
CERT_CHAIN_NOT_SELECTED = 158;
// Failed to read the SRM file from specified location.
INVALID_SRM_LOCATION = 159;
// Invalid SRM file size, HDCP2 SRM file must be at least 396 bytes.
INVALID_SRM_SIZE = 160;
// SRM file signature validation failed.
INVALID_SRM_SIGNATURE = 161;
// Unable to find provider.
MISSING_PROVIDER = 162;
// Unable to find group master key id.
MISSING_GROUP_MASTER_KEY_ID = 163;
// Unable to find group master key.
MISSING_GROUP_MASTER_KEY = 164;
// Invalid Provider session token size. Must be less than 256 bytes.
INVALID_PROVIDER_SESSION_TOKEN_SIZE = 165;
// Failure to decrypt data with service certificate private key.
SERVICE_PRIVATE_KEY_DECRYPT_ERROR = 166;
// Disallowed development certificate.
DEVELOPMENT_CERTIFICATE_NOT_ALLOWED = 167;
// Invalid message. E.g. Deserialization failed.
INVALID_MESSAGE = 168;
// Invalid key size.
INVALID_KEY_SIZE = 169;
}

403
protos/public/license_protocol.proto Normal file
View File

@@ -0,0 +1,403 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
//
// Description:
// Definitions of the protocol buffer messages used in the Widevine license
// exchange protocol, described in Widevine license exchange protocol document
// TODO(user): find out a right way to strip out all the doc link.
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
import "protos/public/client_identification.proto";
import "protos/public/remote_attestation.proto";
// option optimize_for = LITE_RUNTIME;
enum LicenseType {
STREAMING = 1;
OFFLINE = 2;
}
enum PlatformVerificationStatus {
// The platform is not verified.
PLATFORM_UNVERIFIED = 0;
// Tampering detected on the platform.
PLATFORM_TAMPERED = 1;
// The platform has been verified by means of software.
PLATFORM_SOFTWARE_VERIFIED = 2;
// The platform has been verified by means of hardware (e.g. secure boot).
PLATFORM_HARDWARE_VERIFIED = 3;
// Platform verification was not performed.
PLATFORM_NO_VERIFICATION = 4;
// Platform and secure storage capability have been verified by means of
// software.
PLATFORM_SECURE_STORAGE_SOFTWARE_VERIFIED = 5;
}
// LicenseIdentification is propagated from LicenseRequest to License,
// incrementing version with each iteration.
message LicenseIdentification {
optional bytes request_id = 1;
optional bytes session_id = 2;
optional bytes purchase_id = 3;
optional LicenseType type = 4;
optional int32 version = 5;
optional bytes provider_session_token = 6;
}
message License {
// LINT.IfChange
message Policy {
// Indicates that playback of the content is allowed.
optional bool can_play = 1 [default = false];
// Indicates that the license may be persisted to non-volatile
// storage for offline use.
optional bool can_persist = 2 [default = false];
// Indicates that renewal of this license is allowed.
optional bool can_renew = 3 [default = false];
// For the |*duration*| fields, playback must halt when
// license_start_time (seconds since the epoch (UTC)) +
// license_duration_seconds is exceeded. A value of 0
// indicates that there is no limit to the duration.
// Indicates the rental window.
optional int64 rental_duration_seconds = 4 [default = 0];
// Indicates the viewing window, once playback has begun.
optional int64 playback_duration_seconds = 5 [default = 0];
// Indicates the time window for this specific license.
optional int64 license_duration_seconds = 6 [default = 0];
// The |renewal*| fields only apply if |can_renew| is true.
// The window of time, in which playback is allowed to continue while
// renewal is attempted, yet unsuccessful due to backend problems with
// the license server.
optional int64 renewal_recovery_duration_seconds = 7 [default = 0];
// All renewal requests for this license shall be directed to the
// specified URL.
optional string renewal_server_url = 8;
// How many seconds after license_start_time, before renewal is first
// attempted.
optional int64 renewal_delay_seconds = 9 [default = 0];
// Specifies the delay in seconds between subsequent license
// renewal requests, in case of failure.
optional int64 renewal_retry_interval_seconds = 10 [default = 0];
// Indicates that the license shall be sent for renewal when usage is
// started.
optional bool renew_with_usage = 11 [default = false];
// Indicates to client that license renewal and release requests ought to
// include ClientIdentification (client_id).
optional bool always_include_client_id = 12 [default = false];
// Duration of grace period before playback_duration_seconds (short window)
// goes into effect. Optional.
optional int64 play_start_grace_period_seconds = 13 [default = 0];
// Enables "soft enforcement" of playback_duration_seconds, letting the user
// finish playback even if short window expires. Optional.
optional bool soft_enforce_playback_duration = 14 [default = false];
}
message KeyContainer {
enum KeyType {
SIGNING = 1; // Exactly one key of this type must appear.
CONTENT = 2; // Content key.
KEY_CONTROL = 3; // Key control block for license renewals. No key.
OPERATOR_SESSION = 4; // wrapped keys for auxiliary crypto operations.
ENTITLEMENT = 5; // Entitlement keys.
}
// The SecurityLevel enumeration allows the server to communicate the level
// of robustness required by the client, in order to use the key.
enum SecurityLevel {
// Software-based whitebox crypto is required.
SW_SECURE_CRYPTO = 1;
// Software crypto and an obfuscated decoder is required.
SW_SECURE_DECODE = 2;
// The key material and crypto operations must be performed within a
// hardware backed trusted execution environment.
HW_SECURE_CRYPTO = 3;
// The crypto and decoding of content must be performed within a hardware
// backed trusted execution environment.
HW_SECURE_DECODE = 4;
// The crypto, decoding and all handling of the media (compressed and
// uncompressed) must be handled within a hardware backed trusted
// execution environment.
HW_SECURE_ALL = 5;
}
message KeyControl {
// If present, the key control must be communicated to the secure
// environment prior to any usage. This message is automatically generated
// by the Widevine License Server SDK.
optional bytes key_control_block = 1;
optional bytes iv = 2;
}
message OutputProtection {
// Indicates whether HDCP is required on digital outputs, and which
// version should be used.
enum HDCP {
HDCP_NONE = 0;
HDCP_V1 = 1;
HDCP_V2 = 2;
HDCP_V2_1 = 3;
HDCP_V2_2 = 4;
HDCP_V2_3 = 5;
HDCP_NO_DIGITAL_OUTPUT = 0xff;
}
optional HDCP hdcp = 1 [default = HDCP_NONE];
// Indicate the CGMS setting to be inserted on analog output.
enum CGMS {
CGMS_NONE = 42;
COPY_FREE = 0;
COPY_ONCE = 2;
COPY_NEVER = 3;
}
optional CGMS cgms_flags = 2 [default = CGMS_NONE];
enum HdcpSrmRule {
HDCP_SRM_RULE_NONE = 0;
// In 'required_protection', this means most current SRM is required.
// Update the SRM on the device. If update cannot happen,
// do not allow the key.
// In 'requested_protection', this means most current SRM is requested.
// Update the SRM on the device. If update cannot happen,
// allow use of the key anyway.
CURRENT_SRM = 1;
}
optional HdcpSrmRule hdcp_srm_rule = 3 [default = HDCP_SRM_RULE_NONE];
// Optional requirement to indicate analog output is not allowed.
optional bool disable_analog_output = 4 [default = false];
}
message VideoResolutionConstraint {
// Minimum and maximum video resolutions in the range (height x width).
optional uint32 min_resolution_pixels = 1;
optional uint32 max_resolution_pixels = 2;
// Optional output protection requirements for this range. If not
// specified, the OutputProtection in the KeyContainer applies.
optional OutputProtection required_protection = 3;
}
message OperatorSessionKeyPermissions {
// Permissions/key usage flags for operator service keys
// (type = OPERATOR_SESSION).
optional bool allow_encrypt = 1 [default = false];
optional bool allow_decrypt = 2 [default = false];
optional bool allow_sign = 3 [default = false];
optional bool allow_signature_verify = 4 [default = false];
}
optional bytes id = 1;
optional bytes iv = 2;
optional bytes key = 3;
optional KeyType type = 4;
optional SecurityLevel level = 5 [default = SW_SECURE_CRYPTO];
optional OutputProtection required_protection = 6;
// NOTE: Use of requested_protection is not recommended as it is only
// supported on a small number of platforms.
optional OutputProtection requested_protection = 7;
optional KeyControl key_control = 8;
optional OperatorSessionKeyPermissions operator_session_key_permissions = 9;
// Optional video resolution constraints. If the video resolution of the
// content being decrypted/decoded falls within one of the specified ranges,
// the optional required_protections may be applied. Otherwise an error will
// be reported.
// NOTE: Use of this feature is not recommended, as it is only supported on
// a small number of platforms.
repeated VideoResolutionConstraint video_resolution_constraints = 10;
// Optional flag to indicate the key must only be used if the client
// supports anti rollback of the user table. Content provider can query the
// client capabilities to determine if the client support this feature.
optional bool anti_rollback_usage_table = 11 [default = false];
// Optional not limited to commonly known track types such as SD, HD.
// It can be some provider defined label to identify the track.
optional string track_label = 12;
}
optional LicenseIdentification id = 1;
optional Policy policy = 2;
repeated KeyContainer key = 3;
// Time of the request in seconds (UTC) as set in
// LicenseRequest.request_time. If this time is not set in the request,
// the local time at the license service is used in this field.
optional int64 license_start_time = 4;
// TODO(b/65054419): Deprecate remote_attestation_verified in favor of
// platform_verification_status, below.
optional bool remote_attestation_verified = 5 [default = false];
// Client token generated by the content provider. Optional.
optional bytes provider_client_token = 6;
// 4cc code specifying the CENC protection scheme as defined in the CENC 3.0
// specification. Propagated from Widevine PSSH box. Optional.
optional uint32 protection_scheme = 7;
// 8 byte verification field "HDCPDATA" followed by unsigned 32 bit minimum
// HDCP SRM version (whether the version is for HDCP1 SRM or HDCP2 SRM
// depends on client max_hdcp_version).
optional bytes srm_requirement = 8;
// If present this contains a signed SRM file (either HDCP1 SRM or HDCP2 SRM
// depending on client max_hdcp_version) that should be installed on the
// client device.
optional bytes srm_update = 9;
// Indicates the status of any type of platform verification performed by the
// server.
optional PlatformVerificationStatus platform_verification_status = 10
[default = PLATFORM_NO_VERIFICATION];
// IDs of the groups for which keys are delivered in this license, if any.
repeated bytes group_ids = 11;
}
enum ProtocolVersion {
VERSION_2_0 = 20;
VERSION_2_1 = 21;
}
message LicenseRequest {
message ContentIdentification {
message CencDeprecated {
repeated bytes pssh = 1;
optional LicenseType license_type = 2;
optional bytes request_id = 3; // Opaque, client-specified.
}
message WebmDeprecated {
optional bytes header = 1;
optional LicenseType license_type = 2;
optional bytes request_id = 3; // Opaque, client-specified.
}
message ExistingLicense {
optional LicenseIdentification license_id = 1;
optional int64 seconds_since_started = 2;
optional int64 seconds_since_last_played = 3;
optional bytes session_usage_table_entry = 4;
}
message InitData {
enum InitDataType {
CENC = 1;
WEBM = 2;
}
optional InitDataType init_data_type = 1 [default = CENC];
optional bytes init_data = 2;
optional LicenseType license_type = 3;
optional bytes request_id = 4;
}
oneof content_id_variant {
// Exactly one of these must be present.
CencDeprecated cenc_id_deprecated = 1;
WebmDeprecated webm_id_deprecated = 2;
ExistingLicense existing_license = 3;
InitData init_data = 4;
}
}
enum RequestType {
NEW = 1;
RENEWAL = 2;
RELEASE = 3;
}
// The client_id provides information authenticating the calling device. It
// contains the Widevine keybox token that was installed on the device at the
// factory. This field or encrypted_client_id below is required for a valid
// license request, but both should never be present in the same request.
optional ClientIdentification client_id = 1;
optional ContentIdentification content_id = 2;
optional RequestType type = 3;
// Time of the request in seconds (UTC) as set by the client.
optional int64 request_time = 4;
// Old-style decimal-encoded string key control nonce.
optional bytes key_control_nonce_deprecated = 5;
optional ProtocolVersion protocol_version = 6 [default = VERSION_2_0];
// New-style uint32 key control nonce, please use instead of
// key_control_nonce_deprecated.
optional uint32 key_control_nonce = 7;
// Encrypted ClientIdentification message, used for privacy purposes.
optional EncryptedClientIdentification encrypted_client_id = 8;
}
message LicenseError {
enum Error {
// The device credentials are invalid. The device must re-provision.
INVALID_DRM_DEVICE_CERTIFICATE = 1;
// The device credentials have been revoked. Re-provisioning is not
// possible.
REVOKED_DRM_DEVICE_CERTIFICATE = 2;
// The service is currently unavailable due to the backend being down
// or similar circumstances.
SERVICE_UNAVAILABLE = 3;
}
optional Error error_code = 1;
}
message MetricData {
enum MetricType {
// The time spent in the 'stage', specified in microseconds.
LATENCY = 1;
// The UNIX epoch timestamp at which the 'stage' was first accessed in
// microseconds.
TIMESTAMP = 2;
}
message TypeValue {
optional MetricType type = 1;
// The value associated with 'type'. For example if type == LATENCY, the
// value would be the time in microseconds spent in this 'stage'.
optional int64 value = 2 [default = 0];
}
// 'stage' that is currently processing the SignedMessage. Required.
optional string stage_name = 1;
// metric and associated value.
repeated TypeValue metric_data = 2;
}
message SignedMessage {
enum MessageType {
LICENSE_REQUEST = 1;
LICENSE = 2;
ERROR_RESPONSE = 3;
SERVICE_CERTIFICATE_REQUEST = 4;
SERVICE_CERTIFICATE = 5;
SUB_LICENSE = 6;
CAS_LICENSE_REQUEST = 7;
CAS_LICENSE = 8;
}
optional MessageType type = 1;
optional bytes msg = 2;
optional bytes signature = 3;
optional bytes session_key = 4;
// Remote attestation data which will be present in the initial license
// request for ChromeOS client devices operating in verified mode. Remote
// attestation challenge data is |msg| field above. Optional.
optional RemoteAttestation remote_attestation = 5;
repeated MetricData metric_data = 6;
}

120
protos/public/license_server_sdk.proto Normal file
View File

@@ -0,0 +1,120 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
//
// Description:
// Definitions of the protocol buffer messages used in the Widevine License
// Server SDK.
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
import "protos/public/license_protocol.proto";
import "protos/public/widevine_pssh.proto";
// This message is used to pass optional data on initial license issuance.
// LINT.IfChange
message SessionInit {
optional bytes session_id = 1;
optional bytes purchase_id = 2;
// master_signing_key should be 128 bits in length.
optional bytes master_signing_key = 3;
// signing_key should be 512 bits in length to be split into two
// (server || client) HMAC-SHA256 keys.
optional bytes signing_key = 4;
optional int64 license_start_time = 5;
// Client token for the session. This session is for use by the license
// provider, and is akin to a client cookie. It will be copied to
// License::provider_client_token, and sent back by the client in
// ClientIdentification::provider_client_token in all license requests
// thereafter.
optional bytes provider_client_token = 6;
// Session token for the session. This token is for use by the license
// provider, and is akin to a session cookie. It will be copied to
// LicenseIdentfication::provider_session_token, and sent back in all
// license renewal and release requests for the session thereafter.
optional bytes provider_session_token = 7;
// If false and the request contains a provider_client_token, use the token
// from the request even if SessionInit.provider_client_token is specified.
// If true and the request contains a provider_client_token, use
// SessionInit.provider_client_token.
optional bool override_provider_client_token = 8 [default = false];
// Set true if group key(s) should not be included in the license. If true,
// the result license will contain keys for the current content only,
// therefore the license cannot be used to playback other content in the same
// group.
optional bool exclude_group_key = 9 [default = false];
// If set to true, the OEM Crypto API version will be not be reflected in the
// license response.
optional bool disable_oem_crypto_api_version_reflection = 10
[default = false];
// For testing use only. Service Providers can test how devices are handling
// the version reflection in KCB (key control block) by specifying the api
// version that is reflected back in the KCB. If an override is specified,
// the override value will be used in the KCB instead of the api version
// specified by the client in client_capabilities.
// Crypto API version is represented as 4 bytes, for example 'kcxx', where xx
// is the API version. Some valid values are: 'kc09', kc10', kc14'. Only the
// first 4 bytes are used and additional bytes are ignored.
optional bytes override_oem_crypto_api_version = 11;
}
// This message is used by the server to preserve and restore session state.
message SessionState {
optional LicenseIdentification license_id = 1;
optional bytes signing_key = 2;
optional uint32 keybox_system_id = 3;
// Provider client token sent back in the license.
optional bytes provider_client_token = 4;
// License counter associated with the avove token.
optional uint32 license_counter = 5;
}
message ContentInfo {
message ContentInfoEntry {
message Pssh {
optional bytes system_id = 1;
oneof pssh_data {
// Populated for non-Widevine PSSH boxes.
bytes raw_data = 2;
// Populated if system_id matches Widevines system ID.
WidevinePsshData widevine_data = 3;
}
}
repeated bytes key_ids = 1;
// Populated if init_data_type = CENC.
optional Pssh pssh = 2;
}
optional LicenseRequest.ContentIdentification.InitData.InitDataType
init_data_type = 1;
repeated ContentInfoEntry content_info_entry = 2;
}
// Usage report sent in a license release.
message SessionUsage {
enum ClockSecurityLevel {
INSECURE_CLOCK = 0;
SECURE_TIMER = 1;
SECURE_CLOCK = 2;
HW_SECURE_CLOCK = 3;
}
// Set to true is the license was used.
optional bool license_used = 1;
// Set to true is the license was released.
optional bool license_released = 2;
optional ClockSecurityLevel clock_security_level = 3;
optional uint64 seconds_since_license_received = 4;
// The decrypt values are only set if the license was used.
optional uint64 seconds_since_first_decrypt = 5;
optional uint64 seconds_since_last_decrypt = 6;
optional bytes provider_session_token = 7;
}

373
protos/public/license_services.proto Normal file
View File

@@ -0,0 +1,373 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
// Data and Service definitions for Widevine DRM Service.
syntax = "proto2";
option java_package = "com.google.video.widevine.licensing";
import "protos/public/client_identification.proto";
import "protos/public/license_protocol.proto";
import "protos/public/license_server_sdk.proto";
package widevine;
// TODO(user): refactor license_services.proto and sdk_stats.proto.
enum ModularDrmType {
WIDEVINE = 0;
PLAYREADY = 1;
FAIRPLAY = 2;
}
// LINT.IfChange
// The Modular DRM license request sent to the RPC service.
message ModularDrmLicenseRequest {
// The request payload. This is usually the HTTP Post body of a request.
// Required.
optional bytes payload = 1;
// A ContentKeySpec identifies a content key by track type name. It also
// specifies the policy that should be used for this key.
// LINT.IfChange
message ContentKeySpec {
// A track type is used to represent a set of tracks that share the same
// content key and security level. Common values are SD, HD, UHD1, UHD2
// and AUDIO. Content providers may use arbitrary strings for track type
// as long as they are consistent with the track types used at registration
// time. Required.
optional string track_type = 1;
// The following settings override pre-stored settings referenced by the
// policy_name.
// Security level defines the robustness requirements on key handling at
// client side.
optional License.KeyContainer.SecurityLevel security_level = 2;
optional License.KeyContainer.OutputProtection required_output_protection =
3;
optional License.KeyContainer.OutputProtection requested_output_protection =
4;
// Optional content key Id for this track. If specified, this Id is used to
// identify the key for this track. If not specified, the license server
// will either generate or lookup the key Id for this track.
optional bytes key_id = 5;
// Optional content key for this track. If specified, this key is used to
// build the license. If not specified, the license server will generate
// or lookup the key for this track.
optional bytes key = 6;
// TODO (robinconnell): iv, key_type, and operator_session_key_permissions
// where added to support OPERATION_SESSION licenses. But with the addition
// of the field the ContentKeySpec message is almost the same as the
// License.KeyContainer message. Merge the two messages needs to be
// investigated.
// Optional iv used to encrypt the keys. If not specified random iv will be
// generated.
optional bytes iv = 7;
optional License.KeyContainer.KeyType key_type = 8;
optional License.KeyContainer.OperatorSessionKeyPermissions
operator_session_key_permissions = 9;
// Optional video resolution constraints. If the video resolution of the
// content being decrypted/decoded falls within one of the specified ranges,
// the optional required_protections may be applied. Otherwise an error will
// be reported.
repeated License.KeyContainer.VideoResolutionConstraint
video_resolution_constraints = 10;
}
// Specifies a list of content keys and policies to be included in a license.
repeated ContentKeySpec content_key_specs = 2;
// A shortcut for specifying which track types should be included in a
// license.
// This field is ignored if one or more content_key_specs is specified.
// LINT.IfChange
enum CommonTrackTypeSet {
// Implies SD and HD.
SD_HD = 0;
// Implies SD only.
SD_ONLY = 1;
// Implies SD, HD, and UHD1.
SD_UHD1 = 2;
// Implies SD, HD, UHD1 and UHD2.
SD_UHD2 = 3;
}
optional CommonTrackTypeSet allowed_track_types = 3 [default = SD_UHD1];
// Identifier used to derive KeyId(s) and Content Key(s)
// for each content_key_specs.track_type. Required only
// when the content id isn't part of the PSSH. Used for
// backward-compatibility with existing YouTube CENC
// videos. Ignored for assets whose PSSH includes a
// content id.
optional bytes content_id = 4;
// Used to look up Content Key(s) and policy. Required.
optional string provider = 5;
// A blob of data to be sent to client and bounce back in subsequent heartbeat
// requests. Maps to license.license_id.prchase.id.
optional string replay_data = 6;
// License policy information could come from various sources. For any given
// field in a policy, the final value is determined by (in the order by
// highest precedence to lowest)
// 1. request.policy // acts as policy override.
// 2. if !use_policy_overrides_exclusively,
// if request.has_policy_name
// GetStoredPolicy(request.policy_name)
// else
// GetStoredPolicy(GetRegisteredAsset(request.content_id).policy_name)
// Policy overrides specified by a content provider proxy.
optional License.Policy policy_overrides = 7;
// Use a previously registered policy named <policy_name>.
optional string policy_name = 8;
// Use Policy attributes specified by policy_overrides and
// skip any Policy lookup from storage.
optional bool use_policy_overrides_exclusively = 9 [default = false];
// Indicates whether this is a Widevine, PlayReady or FairPlay license
// request.
optional ModularDrmType drm_type = 10 [default = WIDEVINE];
// This is now handled as a server configuration, only enabled for QA and UAT.
optional bool allow_test_device_deprecated = 11 [deprecated = true];
// The IP Address of the portal that is forwarding the license request from
// the device.
optional string client_ip_address = 13;
// The client software identifier, as used by HTTP.
optional string user_agent = 14;
// Client token owned by Content Provider. This value is added to the
// license response.
// TODO(user): Deprecated and use session_init instead.
optional bytes provider_client_token = 15;
// Session token owned by Content Provider. This value is added to the
// license response.
// TODO(user): Deprecated and use session_init instead.
optional bytes provider_session_token = 16;
// Pass optional data to initial license.
optional SessionInit session_init = 17;
// Indicates whether to process the license request and return the parsed data
// only, hence not generating an actual license.
optional bool parse_only = 18 [default = false];
// The request identifier for this license request as specified by the
// content provider proxy. Optional.
optional string content_provider_request_id = 19 [default = "unspecified"];
// Indicates all key and iv values in ContentKeySpec are encrypted with this
// sesion key. This session key is encrypted with the providers AES key. If
// session_key is used, session_iv must also be specified.
optional bytes session_key = 20;
// Indicates all key and iv values in ContentKeySpec are encrypted with this
// session IV. This session IV is encrypted with the provider's AES key.
optional bytes session_iv = 21;
// In prod environment, normally license request from IN_TESTING devices
// will be rejected. But if test_content is true, such request from
// a IN_TESTING device will succeed.
// In all other environments, test_content has no impact, licensing for
// IN_TESTING wil be allowed regardless.
// See b/26692995 for more info.
optional bool test_content = 22 [default = false];
// The name of the provider making the request. This field will be
// populated by content providers who are serving content packaged by
// content owners. If the content owner and content provider are the same,
// this field will be empty.
// Example: Play is a content provider which serves content packaged and
// owned by the content owner, YouTube.
optional string requesting_provider = 23;
// Serialized ClientIdentification protobuf message returned by the Proxy SDK
// GetClientInfoAsAtring() API.
optional bytes client_id_msg = 24;
// If set to true and the device is L3, return AUDIO and SD keys only.
// This takes precedence over allowed_track_types.
optional bool sd_only_for_l3 = 25 [default = false];
// Content providers who host their own service certificate must set this
// field by using the ProxySDK(internally, RequestInspector) API.
optional PlatformVerificationStatus platform_verification_status = 26
[default = PLATFORM_NO_VERIFICATION];
}
// LINT.IfChange
// A generic protobuf used as the request format of various Modular DRM APIs,
// including GetModularDrmLicense and KeyRequest APIs.
// The following docs describe how the proto is interpreted by various APIs.
message SignedModularDrmRequest {
// For GetModularDrmLicenseExternal, request is a ModularDrmLicenseRequest in
// JSON format.
optional bytes request = 1;
optional bytes signature = 2;
// Identifies the entity sending / signing the request.
optional string signer = 3;
// The IP Address of the portal that is forwarding the request from the
// original sender.
optional string client_ip_address = 4;
// The client software identifier, as used by HTTP.
optional string user_agent = 5;
// The request identifier for this license request as specified by the
// content provider proxy. Optional.
optional string content_provider_request_id = 6 [default = "unspecified"];
// The provider on behalf of whom, this request is made. This field will be
// populated by content providers who are serving content packaged by content
// owners ("signer").
optional string provider = 7;
}
// LINT.IfChange
message SignedModularDrmResponse {
// A CommonEncryptionResponse message in JSON format.
optional bytes response = 1;
optional bytes signature = 2;
}
message LicenseMetadata {
// DRM-specific status code from the WvmStatus enum. It's a uint32 here
// because providers can use the 'setstatus' field to supply their own
// arbitrary return values.
optional uint32 drm_status_code = 1;
// Asset Identifier that was generated by this DRM service.
optional uint64 asset_id = 2;
optional string asset_name = 4;
}
// LINT.IfChange
message ModularDrmLicenseResponse {
enum Status {
OK = 0;
SIGNATURE_FAILED = 1;
INVALID_LICENSE_CHALLENGE = 2;
INVALID_CONTENT_INFO = 3;
POLICY_UNKNOWN = 4;
MALFORMED_REQUEST = 5;
INTERNAL_ERROR = 6;
PROVIDER_MISSING = 7;
INVALID_REQUEST = 8;
ACCESS_DENIED = 9;
SIGNING_KEY_EXPIRED = 10;
}
optional Status status = 1;
optional string status_message = 2;
optional bytes license = 3;
message LicenseMetadata {
optional bytes content_id = 1;
optional LicenseType license_type = 2;
optional LicenseRequest.RequestType request_type = 3;
// The current SRM version sent back to client in the license.
optional uint32 srm_version = 4;
// Whether SRM file was included in the license.
optional bool srm_included = 5 [default = false];
// Sets the value from
// ClientIdentification.ClientCapabilities.can_update_srm in the license
// request.
optional bool can_update_srm = 6 [default = false];
}
optional LicenseMetadata license_metadata = 4;
message Track {
optional string type = 1;
optional bytes key_id = 2;
}
// A subset of data from the Widevine PSSH.
message Pssh {
repeated bytes key_id = 1;
optional bytes content_id = 2;
}
// List of tracks for which keys exist in the license response.
repeated Track supported_tracks = 5;
// Make as identified from the provisioned device info. If that is not
// available, the device make will be retrieved from the license request.
optional string make = 6;
// Model as identified from the provisioned device info. If that is not
// available, the device model will be retrieved from the license request.
optional string model = 7;
// Set to true if the license request contained remote attestation challenge
// and the challenge was verified.
optional bool remote_attestation_verified = 8;
// Widevine-defined security level.
optional uint32 security_level = 9;
// Actual SDK license status as defined in widevine/server/sdk/error.proto.
optional uint32 internal_status = 10;
// Usage report sent in a license release.
optional SessionUsage session_usage = 11;
optional SessionState session_state = 12;
// Globally unique serial number of certificate associated with this
// device.
optional bytes drm_cert_serial_number = 13;
// Whether the device (make/model) making the license request is whitelisted.
// Indicates the type of message in the license response.
optional SignedMessage.MessageType message_type = 15;
// Optional Android Id reported by the Android client.
// See go/avi-unique-device-id
optional bytes android_id = 16;
// If this is a group key license, this is the group identifier from the PSSH.
optional bytes group_id = 17;
// Platform specifies the OS or device type and perhaps other software
// information for the device receving this license response.
// Example: Android, iOS, Chrome, PC.
optional string platform = 18;
optional Pssh pssh_data = 20;
// Maximum HDCP version specified by the client.
optional ClientIdentification.ClientCapabilities.HdcpVersion
client_max_hdcp_version = 21;
// Optional client information name/value pairs from the client.
repeated ClientIdentification.NameValue client_info = 22;
// Optional number of seconds before a signing key expires.
optional int64 signature_expiration_secs = 23;
// Set to true, if license request was for "live" stream.
optional bool is_live = 24 [default = false];
// Platform verification status
optional PlatformVerificationStatus platform_verification_status = 25
[default = PLATFORM_UNVERIFIED];
// The "provider" field in ModularDrmLicenseRequest.
optional string content_owner = 26;
// The "requesting_provider" in ModularDrmLicenseRequest. If
// "requesting_provider" is empty, then "provider" from
// ModularDrmLicenseRequest will be set here.
optional string content_provider = 27;
// SystemID of the requesting device.
optional uint32 system_id = 28;
}
message LicenseResponse {
// Each license is a Base64-encoded string which is of the format
// <status><asset_id><license blob>. Multiple licenses are separated by a
// comma. Required.
optional string licenses = 2;
// License for the requested asset. This should not be returned to the
// client, but possibly evaluated by the provider. The number of
// license_metadata fields must be the same as the number of licenses.
// Required.
repeated LicenseMetadata license_metadata = 3;
// Make as specified in the license request.
optional string make = 4;
// Model as specified in the license request.
optional string model = 5;
// Platform specifies the OS or device type and perhaps other software
// information for the device receving this license response.
// Example: Android, iOS, Chrome, PC.
optional string platform = 6;
}

73
protos/public/provisioned_device_info.proto Normal file
View File

@@ -0,0 +1,73 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
// Description:
// Provisioned device info format definitions.
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
option java_outer_classname = "ProvisionedDeviceInfoProto";
// Contains device model information for a provisioned device.
message ProvisionedDeviceInfo {
enum WvSecurityLevel {
// Defined in Widevine Security Integration Guide for DASH on Android:
// http://doc/1Zum-fcJeoIw6KG1kDP_KepIE5h9gAZg0PaMtemBvk9c/edit#heading=h.1t3h5sf
LEVEL_UNSPECIFIED = 0;
LEVEL_1 = 1;
LEVEL_2 = 2;
LEVEL_3 = 3;
}
// Widevine initial provisioning / bootstrapping method. DRM certificates are
// required for retrieving licenses, so if a DRM certificate is not initially
// provisioned, then the provisioned credentials will be used to provision
// a DRM certificate via the Widevine Provisioning Service.
enum ProvisioningMethod {
// Don't use this.
PROVISIONING_METHOD_UNSPECIFIED = 0;
// Factory-provisioned device-unique keybox.
FACTORY_KEYBOX = 1;
// Factory-provisioned device-unique OEM certificate.
FACTORY_OEM_DEVICE_CERTIFICATE = 2;
// Factory-provisioned model-group OEM certificate.
FACTORY_OEM_GROUP_CERTIFICATE = 3;
// Factory-provisioned model-group DRM certificate (Level-3 "baked in").
FACTORY_DRM_GROUP_CERTIFICATE = 4;
// OTA-provisioned keybox (Level-1 ARC++).
OTA_KEYBOX = 5;
// OTA-provisioned device-unique OEM certificate.
OTA_OEM_DEVICE_CERTIFICATE = 6;
// OTA-provisioned model-group OEM certificate.
OTA_OEM_GROUP_CERTIFICATE = 7;
// OTA-provisioned device-unique DRM certificate (Bedrock).
OTA_DRM_DEVICE_CERTIFICATE = 8;
}
// Widevine system ID for the device. Mandatory.
optional uint32 system_id = 1;
// Name of system-on-a-chip. Optional.
optional string soc = 2;
// Name of manufacturer. Optional.
optional string manufacturer = 3;
// Manufacturer's model name. Matches "brand" in device metadata. Optional.
optional string model = 4;
// Type of device (Phone, Tablet, TV, etc).
optional string device_type = 5;
// Device model year. Optional.
optional uint32 model_year = 6;
// Widevine-defined security level. Optional.
optional WvSecurityLevel security_level = 7 [default = LEVEL_UNSPECIFIED];
// True if the certificate corresponds to a test (non production) device.
// Optional.
optional bool test_device = 8 [default = false];
// Indicates the type of device root of trust which was factory provisioned.
optional ProvisioningMethod provisioning_method = 9;
}

30
protos/public/remote_attestation.proto Normal file
View File

@@ -0,0 +1,30 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2017 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
//
// Description:
// Remote attestation is used by ChromeOS device to authenticate itself
// to Widevine services for both licensing and keybox provisioning.
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
import "protos/public/client_identification.proto";
message RemoteAttestation {
// Encrypted ClientIdentification message containing the device remote
// attestation certificate. Required.
optional EncryptedClientIdentification certificate = 1;
// Bytes of salt which were added to the remote attestation challenge prior to
// signing it. Required.
optional bytes salt = 2;
// Signed remote attestation challenge + salt. Required.
optional bytes signature = 3;
}

69
protos/public/sdk_stats.proto Normal file
View File

@@ -0,0 +1,69 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
//
// Main protocol buffers for Widevine external SDK
// licensing statistics.
// Design doc: https://docs.google.com/document/d/1yyt5TxApYbI0N07aH94zwnKYuzYdFcmqZtC3jCyph8k/edit#
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
option java_outer_classname = "LicenseStatsProtos";
message DeviceLicenseCounterByStatus {
// The response status sent by the SDK in response to the license request.
// Required.
optional int32 license_status = 1;
// Count of licenses for this status code. Required.
optional int64 count = 2;
}
message DeviceLicenseCounterByModel {
// The model of the device sending a license request to the Widevine SDK. Optional.
optional string device_model = 1;
// license status specific breakdown of counter data
repeated DeviceLicenseCounterByStatus counter_by_status = 2;
}
message DeviceLicenseCounterByMake {
// The make of the device sending a license request to the Widevine SDK. Optional.
optional string device_make = 1;
// device model specific breakdown of counter data.
repeated DeviceLicenseCounterByModel counter_by_model = 2;
}
message DeviceLicenseCounterBySystemId {
// The system identifier for the device make/model family. Optional.
optional int32 device_system_id = 1;
// device make specific breakdown of counter data.
repeated DeviceLicenseCounterByMake counter_by_make = 2;
}
message DeviceLicenseCounterRequest {
// The provider hosting the Widevine SDK. Required.
optional string provider = 1;
// The collection start time in UTC for this counter data. Required.
optional int64 counter_utc_start_time_usec = 2;
// The collection end time in UTC for this counter data. Required.
optional int64 counter_utc_end_time_usec = 3;
// device systemId specific breakdown of counter data.
repeated DeviceLicenseCounterBySystemId counter_by_systemid = 4;
}
message SignedDeviceLicenseCounterRequest {
// The license counter data by device. Required.
optional DeviceLicenseCounterRequest device_license_counter_request = 1;
// The signature for the provider sending the request. Required.
optional bytes signature = 2;
}

27
protos/public/signed_drm_certificate.proto Normal file
View File

@@ -0,0 +1,27 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
// Signed device certificate definition.
syntax = "proto2";
package widevine;
option java_outer_classname = "SignedDrmCertificateProtos";
option java_package = "com.google.video.widevine.protos";
// DrmCertificate signed by a higher (CA) DRM certificate.
message SignedDrmCertificate {
// Serialized certificate. Required.
optional bytes drm_certificate = 1;
// Signature of certificate. Signed with root or intermediate
// certificate specified below. Required.
optional bytes signature = 2;
// SignedDrmCertificate used to sign this certificate.
optional SignedDrmCertificate signer = 3;
}

39
protos/public/verified_media_pipeline.proto Normal file
View File

@@ -0,0 +1,39 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2017 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
//
// Description:
// Protocol messages used for the Verified Media Pipeline feature of the
// Widevine CDM.
syntax = "proto2";
option optimize_for = LITE_RUNTIME;
package vmp;
message VmpData {
message SignedBinaryInfo {
// File name of the binary. Required.
optional string file_name = 1;
// Index into |certificates| for the code signing certificate used to sign
// this binary. Required if the binary is signed..
optional uint32 certificate_index = 2;
// SHA-512 digest of signed binary. Required if the file was present.
optional bytes binary_hash = 3;
// Flags from signature file, if any. Required if signed.
optional uint32 flags = 4;
// Signature of the binary. Required if signed.
optional bytes signature = 5;
}
// Distinct certificates used in binary code signing. No certificate should
// be present more than once.
repeated bytes certificates = 1;
// Info about each signed binary.
repeated SignedBinaryInfo signed_binary_info = 2;
}

99
protos/public/widevine_pssh.proto Normal file
View File

@@ -0,0 +1,99 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2017 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
//
// Declaration of protocol buffer which is used to encode the data stored in
// Common Encryption (CENC) 'pssh' box Data fields.
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
message WidevinePsshData {
enum Type {
SINGLE = 0; // Single PSSH to be used to retrieve content keys.
ENTITLEMENT = 1; // Primary PSSH used to retrieve entitlement keys.
ENTITLED_KEY = 2; // Secondary PSSH containing entitled key(s).
}
message EntitledKey {
// ID of entitlement key used for wrapping |key|.
optional bytes entitlement_key_id = 1;
// ID of the entitled key.
optional bytes key_id = 2;
// Wrapped key. Required.
optional bytes key = 3;
// IV used for wrapping |key|. Required.
optional bytes iv = 4;
// Size of entitlement key used for wrapping |key|.
optional uint32 entitlement_key_size_bytes = 5 [default = 32];
}
// Entitlement or content key IDs. Can onnly present in SINGLE or ENTITLEMENT
// PSSHs. May be repeated to facilitate delivery of multiple keys in a
// single license. Cannot be used in conjunction with content_id or
// group_ids, which are the preferred mechanism.
repeated bytes key_ids = 2;
// Content identifier which may map to multiple entitlement or content key
// IDs to facilitate the delivery of multiple keys in a single license.
// Cannot be present in conjunction with key_ids, but if used must be in all
// PSSHs.
optional bytes content_id = 4;
// Crypto period index, for media using key rotation. Always corresponds to
// The content key period. This means that if using entitlement licensing
// the ENTITLED_KEY PSSHs will have sequential crypto_period_index's, whereas
// the ENTITELEMENT PSSHs will have gaps in the sequence. Required if doing
// key rotation.
optional uint32 crypto_period_index = 7;
// Protection scheme identifying the encryption algorithm. The protection
// scheme is represented as a uint32 value. The uint32 contains 4 bytes each
// representing a single ascii character in one of the 4CC protection scheme
// values. To be deprecated in favor of signaling from content.
// 'cenc' (AES-CTR) protection_scheme = 0x63656E63,
// 'cbc1' (AES-CBC) protection_scheme = 0x63626331,
// 'cens' (AES-CTR pattern encryption) protection_scheme = 0x63656E73,
// 'cbcs' (AES-CBC pattern encryption) protection_scheme = 0x63626373.
optional uint32 protection_scheme = 9;
// Optional. For media using key rotation, this represents the duration
// of each crypto period in seconds.
optional uint32 crypto_period_seconds = 10;
// Type of PSSH. Required if not SINGLE.
optional Type type = 11 [default = SINGLE];
// Key sequence for Widevine-managed keys. Optional.
optional uint32 key_sequence = 12;
// Group identifiers for all groups to which the content belongs. This can
// be used to deliver licenses to unlock multiple titles / channels.
// Optional, and may only be present in ENTITLEMENT and ENTITLED_KEY PSSHs, and
// not in conjunction with key_ids.
repeated bytes group_ids = 13;
// Copy/copies of the content key used to decrypt the media stream in which
// the PSSH box is embedded, each wrapped with a different entitlement key.
// May also contain sub-licenses to support devices with OEMCrypto 13 or
// older. May be repeated if using group entitlement keys. Present only in
// PSSHs of type ENTITLED_KEY.
repeated EntitledKey entitled_keys = 14;
//////////////////////////// Deprecated Fields ////////////////////////////
enum Algorithm {
UNENCRYPTED = 0;
AESCTR = 1;
};
optional Algorithm algorithm = 1 [deprecated = true];
optional string provider = 3 [deprecated = true];
optional string track_type = 5 [deprecated = true];
optional string policy = 6 [deprecated = true];
optional bytes grouped_license = 8 [deprecated = true];
}