widevine-partner/media_cas_proxy_sdk_source
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CAS Proxy SDK git checkin as per g3doc.

Browse Source 
Adds support for specifying service type when creating a service certificate.

A recent change to the SDK allows for service certificates (DrmCertificate) to also specify a ServiceType indicating which type of service they are supposed to be used on.  This CL adds certificate creation service support for this.

-------------
Fix typo in cas proxy SDK.

-------------
Migrate C++ proto_library rules to cc_proto_library.

We update dependency edges of cc_* rules on proto_library() rules to use a cc_proto_library() intermediary in preparation for eliminating proto_library()'s cc support as per []

More information: []

Tested:
    TAP --sample for global presubmit queue
    []

-------------
Migrate cc proto_library to cc_proto_library. Also fixes build break introduced by []

-------------
Remove unnecessary #MOE directives

-------------
[Proxy_SDK] Move generateSignature in WvPLSDKEnvironment to signature_util.cc file.

-------------
[SDK]Add service_certificate type check in WVPL LSDK and PROXY SDK.

-------------
[Proxy_SDK] Add new API to get remote_attestation_cert_serial_number for proxy SDK.

-------------
[Proxy_SDK] Add getDrmDeviceId function

-------------
[Proxy_SDK] add getrequesttype function for proxy sdk

-------------
[SDK] Add videoFeature field to WvPLWidevinePsshData in WvPLWidevine.java and wvpl_type.h. Related to []

-------------
Allow specified devices to request licenses even if these devices are in TEST_ONLY state.
This will also override the global setting of TEST_ONLY devices not being allowed to
successfully receive licenses from Widevine License SDK.

-------------
[Proxy_SDK] Add ParseDCSL function and test case.

-------------
[Proxy_SDK] Return non-ok status for service_certificate_request when create proxy sdk session. Add test case in Java test.

-------------
[Proxy_SDK] Add video_feature parsing in GetPsshData function. Also check video_feature when geneateModularDrmLicenseRequest.

-------------
[SDK]Deprecated message_type() function, use request_type() instead.

-------------
Use JDK instead of JRE

The concept of a JRE is going away in JDK 11. The jre/ subdirectory in the JDK will no longer exist and the :jre targets will no longer make sense.

Currently in JDK 8, the JDK is a superset of the JRE (it contains all of the files in the JRE), so this is a safe change.

Tested:
    TAP found no affected targets
    []

-------------
Renaming WvPLSDKSession.request_type() API.
Added LICENSE_TYPE_UNSPECIFIED enumeration to WvPLLicenseType.

-------------
Additional VLOG messaging for licensing with TEST_ONLY devices.

-------------
Remove forward declarations of absl names. The style guide bans this, and those names are not for external users to redeclare. External users should include the public headers instead.

-------------
Change Kokoro to use latest bazel version

-------------
Update the abseil build to the December 18 release.

This fixes a problem where the MOE build is failing because there was no definition for node_hash_map.

-------------
[CAS_Proxy]Add WvPLCASProxyEnvironmentJNI.cc and com_google_video_widevine_sdk_wvpl_WvPLCASProxyEnvironment.h file to implement JNI layer for WvPLCASProxyEnvironment.

-------------
Apply changes to sdk to match device certificate status list updates.

Cleans up some of the protos we're using for the new SignedDeviceInfo. Also, adjusts the sdk implementation to reflect the proto and service changes.

-------------
[CAS_PROXY]Add WvPLCASProxyEnvironment.java, WvPLCASProxySession.java and WvPLCASProxyTest.java file.

-------------
Add API to return the DRM service certificate by provider.

-------------
[CAS_PROXY]Implement SetDrmServiceCertificate and SetDeviceCertificateStatusList JNI layer.

-------------
Get DeviceInfo from request.

-------------
CAS Proxy SDK updated to 1.1.5.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=248640225
This commit is contained in:
Ramji Chandramouli
2019-05-16 18:14:58 -07:00
parent 74b7f405c8
commit be0bb27305
44 changed files with 1496 additions and 577 deletions
Download Patch File Download Diff File Expand all files Collapse all files

151
protos/public/BUILD
View File

@@ -29,6 +29,7 @@ proto_library(
"license_server_sdk.proto",
"provisioned_device_info.proto",
"remote_attestation.proto",
"signed_device_info.proto",
"signed_drm_certificate.proto",
"verified_media_pipeline.proto",
"widevine_pssh.proto",
@@ -44,228 +45,238 @@ java_proto_library(
)
proto_library(
name = "license_services_proto_base",
name = "license_services_proto",
srcs = ["license_services.proto"],
deps = [
":client_identification_proto_base",
":license_protocol_proto_base",
":license_server_sdk_proto_base",
":errors_proto_base",
":client_identification_proto",
":license_protocol_proto",
":license_server_sdk_proto",
":errors_proto",
],
)
cc_proto_library(
name = "license_services_proto",
deps = [":license_services_proto_base"],
name = "license_services_cc_proto",
deps = [":license_services_proto"],
)
java_proto_library(
name = "license_services_java_proto",
deps = [":license_services_proto_base"],
deps = [":license_services_proto"],
)
proto_library(
name = "client_identification_proto_base",
name = "client_identification_proto",
srcs = ["client_identification.proto"],
)
cc_proto_library(
name = "client_identification_proto",
deps = [":client_identification_proto_base"],
name = "client_identification_cc_proto",
deps = [":client_identification_proto"],
)
java_proto_library(
name = "client_identification_java_proto",
deps = [":client_identification_proto_base"],
deps = [":client_identification_proto"],
)
proto_library(
name = "device_certificate_status_proto_base",
name = "device_certificate_status_proto",
srcs = ["device_certificate_status.proto"],
deps = [":provisioned_device_info_proto_base"],
deps = [":provisioned_device_info_proto"],
)
cc_proto_library(
name = "device_certificate_status_proto",
deps = [":device_certificate_status_proto_base"],
name = "device_certificate_status_cc_proto",
deps = [":device_certificate_status_proto"],
)
java_proto_library(
name = "device_certificate_status_java_proto",
deps = [":device_certificate_status_proto_base"],
deps = [":device_certificate_status_proto"],
)
proto_library(
name = "sdk_stats_proto_base",
name = "sdk_stats_proto",
srcs = ["sdk_stats.proto"],
)
cc_proto_library(
name = "sdk_stats_proto",
deps = [":sdk_stats_proto_base"],
name = "sdk_stats_cc_proto",
deps = [":sdk_stats_proto"],
)
java_proto_library(
name = "sdk_stats_java_proto",
deps = [":sdk_stats_proto_base"],
deps = [":sdk_stats_proto"],
)
proto_library(
name = "drm_certificate_proto_base",
name = "drm_certificate_proto",
srcs = ["drm_certificate.proto"],
)
cc_proto_library(
name = "drm_certificate_proto",
deps = [":drm_certificate_proto_base"],
name = "drm_certificate_cc_proto",
deps = [":drm_certificate_proto"],
)
java_proto_library(
name = "drm_certificate_java_proto",
deps = [":drm_certificate_proto_base"],
deps = [":drm_certificate_proto"],
)
proto_library(
name = "errors_proto_base",
name = "errors_proto",
srcs = ["errors.proto"],
)
cc_proto_library(
name = "errors_proto",
deps = [":errors_proto_base"],
name = "errors_cc_proto",
deps = [":errors_proto"],
)
java_proto_library(
name = "errors_java_proto",
deps = [":errors_proto_base"],
deps = [":errors_proto"],
)
proto_library(
name = "license_protocol_proto_base",
name = "license_protocol_proto",
srcs = ["license_protocol.proto"],
deps = [
":client_identification_proto_base",
":remote_attestation_proto_base",
":client_identification_proto",
":remote_attestation_proto",
],
)
cc_proto_library(
name = "license_protocol_proto",
deps = [":license_protocol_proto_base"],
name = "license_protocol_cc_proto",
deps = [":license_protocol_proto"],
)
java_proto_library(
name = "license_protocol_java_proto",
deps = [":license_protocol_proto_base"],
deps = [":license_protocol_proto"],
)
proto_library(
name = "license_server_sdk_proto_base",
name = "license_server_sdk_proto",
srcs = ["license_server_sdk.proto"],
deps = [":license_protocol_proto_base",
":widevine_pssh_proto_base"],
deps = [":license_protocol_proto",
":widevine_pssh_proto"],
)
cc_proto_library(
name = "license_server_sdk_proto",
deps = [":license_server_sdk_proto_base"],
name = "license_server_sdk_cc_proto",
deps = [":license_server_sdk_proto"],
)
java_proto_library(
name = "license_server_sdk_java_proto",
deps = [":license_server_sdk_proto_base"],
deps = [":license_server_sdk_proto"],
)
proto_library(
name = "provisioned_device_info_proto_base",
name = "provisioned_device_info_proto",
srcs = ["provisioned_device_info.proto"],
)
cc_proto_library(
name = "provisioned_device_info_proto",
deps = [":provisioned_device_info_proto_base"],
name = "provisioned_device_info_cc_proto",
deps = [":provisioned_device_info_proto"],
)
java_proto_library(
name = "provisioned_device_info_java_proto",
deps = [":provisioned_device_info_proto_base"],
deps = [":provisioned_device_info_proto"],
)
proto_library(
name = "remote_attestation_proto_base",
name = "remote_attestation_proto",
srcs = ["remote_attestation.proto"],
deps = [":client_identification_proto_base"],
deps = [":client_identification_proto"],
)
cc_proto_library(
name = "remote_attestation_proto",
deps = [":remote_attestation_proto_base"],
name = "remote_attestation_cc_proto",
deps = [":remote_attestation_proto"],
)
java_proto_library(
name = "remote_attestation_java_proto",
deps = [":remote_attestation_proto_base"],
deps = [":remote_attestation_proto"],
)
proto_library(
name = "signed_drm_certificate_proto_base",
name = "signed_device_info_proto",
srcs = ["signed_device_info.proto"],
)
cc_proto_library(
name = "signed_device_info_cc_proto",
deps = [":signed_device_info_proto"],
)
proto_library(
name = "signed_drm_certificate_proto",
srcs = ["signed_drm_certificate.proto"],
)
cc_proto_library(
name = "signed_drm_certificate_proto",
deps = [":signed_drm_certificate_proto_base"],
name = "signed_drm_certificate_cc_proto",
deps = [":signed_drm_certificate_proto"],
)
proto_library(
name = "verified_media_pipeline_proto_base",
name = "verified_media_pipeline_proto",
srcs = ["verified_media_pipeline.proto"],
)
cc_proto_library(
name = "verified_media_pipeline_proto",
deps = [":verified_media_pipeline_proto_base"],
name = "verified_media_pipeline_cc_proto",
deps = [":verified_media_pipeline_proto"],
)
proto_library(
name = "widevine_pssh_proto_base",
name = "widevine_pssh_proto",
srcs = ["widevine_pssh.proto"],
)
cc_proto_library(
name = "widevine_pssh_proto",
deps = [":widevine_pssh_proto_base"],
name = "widevine_pssh_cc_proto",
deps = [":widevine_pssh_proto"],
)
java_proto_library(
name = "widevine_pssh_java_proto",
deps = [":widevine_pssh_proto_base"],
deps = [":widevine_pssh_proto"],
)
proto_library(
name = "media_cas_license_proto_base",
name = "media_cas_license_proto",
srcs = ["media_cas_license.proto"],
deps = [
":license_protocol_proto_base",
":license_server_sdk_proto_base",
":errors_proto_base",
":media_cas_encryption_proto_base",
":license_protocol_proto",
":license_server_sdk_proto",
":errors_proto",
":media_cas_encryption_proto",
],
)
cc_proto_library(
name = "media_cas_license_proto",
deps = [":media_cas_license_proto_base"],
name = "media_cas_license_cc_proto",
deps = [":media_cas_license_proto"],
)
proto_library(
name = "media_cas_encryption_proto_base",
name = "media_cas_encryption_proto",
srcs = ["media_cas_encryption.proto"],
)
cc_proto_library(
name = "media_cas_encryption_proto",
deps = [":media_cas_encryption_proto_base"],
name = "media_cas_encryption_cc_proto",
deps = [":media_cas_encryption_proto"],
)

6
protos/public/client_identification.proto
View File

@@ -13,8 +13,8 @@
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
option java_package = "com.google.video.widevine.protos";
option java_outer_classname = "ClientIdentificationProtos";
// ClientIdentification message used to authenticate the client device.
@@ -110,8 +110,8 @@ message EncryptedClientIdentification {
// Serial number for the service certificate for which ClientIdentification is
// encrypted.
optional bytes service_certificate_serial_number = 2;
// Serialized ClientIdentification message, encrypted with the privacy key using
// AES-128-CBC with PKCS#5 padding.
// Serialized ClientIdentification message, encrypted with the privacy key
// using AES-128-CBC with PKCS#5 padding.
optional bytes encrypted_client_id = 3;
// Initialization vector needed to decrypt encrypted_client_id.
optional bytes encrypted_client_id_iv = 4;

43
protos/public/device_certificate_status.proto
View File

@@ -14,11 +14,11 @@ syntax = "proto2";
package widevine;
import "protos/public/provisioned_device_info.proto";
option java_outer_classname = "DeviceCertificateStatusProtos";
option java_package = "com.google.video.widevine.protos";
import "protos/public/provisioned_device_info.proto";
// Contains DRM and OEM certificate status and device information for a
// specific system ID.
// TODO(user): Move this to its own file.
@@ -72,42 +72,3 @@ message SignedDeviceCertificateStatusList {
// key using RSASSA-PSS. Required.
optional bytes signature = 2;
}
// A signed request sent to Widevine Provisioning Server (keysmith) to retrieve
// 'DeviceCertificateStatusList'.
message SignedDeviceCertificateStatusListRequest {
// Serialized DeviceCertificateStatusListRequest. Required.
optional bytes device_certificate_status_list_request = 1;
// Signature of device_certificate_status_list_request. Signed with root
// certificate private key using RSASSA-PSS. Required.
optional bytes signature = 2;
}
// A request sent to Widevine Provisioning Server (keysmith) to retrieve
// 'DeviceCertificateStatusList'.
message DeviceCertificateStatusListRequest {
// The version of sdk. Required.
optional string sdk_version = 1;
// POSIX time, in seconds, when this request was created. Required.
optional uint64 sdk_time_seconds = 2;
}
// Contains response from Widevine Provisioning Server with status and
// DeviceCertificateStatusList information.
message DeviceCertificateStatusListResponse {
enum Status {
UNKNOWN = 0;
OK = 1;
SIGNATURE_FAILED = 2;
NOT_AUTHORIZED = 3;
AUTHORIZATION_EXPIRED = 4;
PROVIDER_ID_MISSING = 5;
INTERNAL_ERROR = 6;
}
// Status returned by the Widevine Provisioning Server. Required.
optional Status status = 1;
// String message returned by the Widevine Provisioning Server.
optional string status_message = 2;
// Serialized SignedDeviceCertificateStatusList. Required.
optional bytes signed_device_certificate_status_list = 3;
}

12
protos/public/drm_certificate.proto
View File

@@ -28,7 +28,11 @@ message DrmCertificate {
PROVISIONER = 4;
}
enum ServiceType {
UNKNOWN = 0; LICENSE_SERVER_SDK = 1; LICENSE_SERVER_PROXY_SDK = 2;
UNKNOWN_SERVICE_TYPE = 0;
LICENSE_SERVER_SDK = 1;
LICENSE_SERVER_PROXY_SDK = 2;
PROVISIONING_SDK = 3;
CAS_PROXY_SDK = 4;
}
// Type of certificate. Required.
optional Type type = 1;
@@ -50,6 +54,8 @@ message DrmCertificate {
// certificate. Required for service and provisioner certificates.
optional string provider_id = 7;
// This field is used only when type = SERVICE to specify which SDK uses
// service certificate.
optional ServiceType service_type = 8 [default = UNKNOWN];
// service certificate. This repeated field is treated as a set. A certificate
// may be used for the specified service SDK if the appropriate ServiceType
// is specified in this field.
repeated ServiceType service_types = 8;
}

7
protos/public/errors.proto
View File

@@ -12,6 +12,7 @@
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
@@ -245,4 +246,10 @@ enum Errors {
// Even Key not specified, CasEncryptionResponse.KeyInfo.KeySlot
MISSING_EVEN_KEY = 172;
// VMP verification required for this platform, however VMP data is missing.
VMP_ERROR_PLATFORM_NOT_VERIFIED = 173;
// VMP verification failed this platform, perhaps was tampered with.
VMP_ERROR_PLATFORM_TAMPERED = 174;
}

25
protos/public/license_protocol.proto
View File

@@ -14,11 +14,12 @@
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
import "protos/public/client_identification.proto";
import "protos/public/remote_attestation.proto";
option java_package = "com.google.video.widevine.protos";
// option optimize_for = LITE_RUNTIME;
enum LicenseType {
STREAMING = 1;
@@ -117,11 +118,12 @@ message License {
message KeyContainer {
enum KeyType {
SIGNING = 1; // Exactly one key of this type must appear.
CONTENT = 2; // Content key.
KEY_CONTROL = 3; // Key control block for license renewals. No key.
SIGNING = 1; // Exactly one key of this type must appear.
CONTENT = 2; // Content key.
KEY_CONTROL = 3; // Key control block for license renewals. No key.
OPERATOR_SESSION = 4; // wrapped keys for auxiliary crypto operations.
ENTITLEMENT = 5; // Entitlement keys.
ENTITLEMENT = 5; // Entitlement keys.
OEM_CONTENT = 6; // Partner-specific content key.
}
// The SecurityLevel enumeration allows the server to communicate the level
@@ -269,7 +271,6 @@ message License {
[default = PLATFORM_NO_VERIFICATION];
// IDs of the groups for which keys are delivered in this license, if any.
repeated bytes group_ids = 11;
}
enum ProtocolVersion {
@@ -381,6 +382,15 @@ message MetricData {
repeated TypeValue metric_data = 2;
}
message VersionInfo {
// License SDK version reported by the Widevine License SDK. This field
// is populated automatically by the SDK.
optional string license_sdk_version = 1;
// Version of the service hosting the license SDK. This field is optional.
// It may be provided by the hosting service.
optional string license_service_version = 2;
}
message SignedMessage {
enum MessageType {
LICENSE_REQUEST = 1;
@@ -403,4 +413,7 @@ message SignedMessage {
optional RemoteAttestation remote_attestation = 5;
repeated MetricData metric_data = 6;
// Version information from the SDK and license service. This information is
// provided in the license response.
optional VersionInfo service_version_info = 7;
}

3
protos/public/license_server_sdk.proto
View File

@@ -14,11 +14,12 @@
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
import "protos/public/license_protocol.proto";
import "protos/public/widevine_pssh.proto";
option java_package = "com.google.video.widevine.protos";
// This message is used to pass optional data on initial license issuance.
// LINT.IfChange
message SessionInit {

45
protos/public/license_services.proto
View File

@@ -11,9 +11,12 @@
syntax = "proto2";
option java_package = "com.google.video.widevine.licensing";
import "protos/public/client_identification.proto";
import "protos/public/license_protocol.proto";
import "protos/public/license_server_sdk.proto";
package widevine;
// TODO(user): refactor license_services.proto and sdk_stats.proto.
@@ -79,6 +82,11 @@ message ModularDrmLicenseRequest {
// be reported.
repeated License.KeyContainer.VideoResolutionConstraint
video_resolution_constraints = 10;
// Video feature associated with this key. Common value is HDR.
// If specified and the key_id/key is not specified, this value will be
// used to derive the key_id/key.
optional string video_feature = 11;
}
// Specifies a list of content keys and policies to be included in a license.
@@ -207,6 +215,38 @@ message ModularDrmLicenseRequest {
// field by using the ProxySDK(internally, RequestInspector) API.
optional PlatformVerificationStatus platform_verification_status = 26
[default = PLATFORM_NO_VERIFICATION];
// By default, a license request will fail if VMP status is unverified for
// Chrome. Set this field to 'true' to allow license request to succeed when
// VMP status is unverified for Chrome platforms.
// TODO (b/126434032) Change the default to false once partners are notified
optional bool allow_unverified_platform = 27 [default = true];
// By default, a license request will fail if VMP status is tampered for
// Chrome. Set this field to 'true' to allow license request to succeed when
// VMP status is tampered for Chrome platforms.
// TODO (b/126434032) Change the default to false once partners are notified
optional bool allow_tampered_platform = 28 [default = true];
// A shortcut for specifying whether to return keys for the video feature only
// or to return all keys or ignore the video feature.
// The VideoFeatureKeySet only applies when video feature is specified in the
// PSSH.
enum VideoFeatureKeySet {
VF_UNSPECIFIED = 0;
// License should not include keys for the video feature, instead only
// include keys not associated with the video feature.
VF_EXCLUDED = 1;
// License should only include keys associated with the video feature
// (e.g., HDR).
VF_ONLY = 2;
// License should include keys for the video feature and also for keys
// not associated with the video feature (e.g., SDR keys).
VF_INCLUDED = 3;
}
// This field is ignored if one or more content_key_specs is specified.
optional VideoFeatureKeySet video_feature_key_set = 29
[default = VF_EXCLUDED];
}
@@ -291,6 +331,7 @@ message ModularDrmLicenseResponse {
message Track {
optional string type = 1;
optional bytes key_id = 2;
optional string video_feature = 3;
}
// A subset of data from the Widevine PSSH.
message Pssh {
@@ -310,7 +351,7 @@ message ModularDrmLicenseResponse {
optional bool remote_attestation_verified = 8;
// Widevine-defined security level.
optional uint32 security_level = 9;
// Actual SDK license status as defined in widevine/server/sdk/error.proto.
// Actual SDK license status as defined in widevine/protos/public/errors.proto
optional uint32 internal_status = 10;
// Usage report sent in a license release.
optional SessionUsage session_usage = 11;
@@ -342,7 +383,7 @@ message ModularDrmLicenseResponse {
optional bool is_live = 24 [default = false];
// Platform verification status
optional PlatformVerificationStatus platform_verification_status = 25
[default = PLATFORM_UNVERIFIED];
[default = PLATFORM_UNVERIFIED];
// The "provider" field in ModularDrmLicenseRequest.
optional string content_owner = 26;
// The "requesting_provider" in ModularDrmLicenseRequest. If

6
protos/public/media_cas_encryption.proto
View File

@@ -10,10 +10,10 @@
syntax = "proto2";
option java_package = "com.google.video.widevine.mediacasencryption";
package widevine;
option java_package = "com.google.video.widevine.mediacasencryption";
message CasEncryptionRequest {
optional bytes content_id = 1;
optional string provider = 2;
@@ -43,7 +43,7 @@ message CasEncryptionResponse {
SINGLE = 1;
EVEN = 2;
ODD = 3;
};
}
optional bytes key_id = 1;
optional bytes key = 2;
// Optional label used for the key.

31
protos/public/media_cas_license.proto
View File

@@ -14,6 +14,7 @@ syntax = "proto2";
option java_package = "com.google.video.widevine.mediacaslicense";
import "protos/public/license_protocol.proto";
import "protos/public/license_server_sdk.proto";
import "protos/public/media_cas_encryption.proto";
@@ -70,7 +71,7 @@ message CasDrmLicenseResponse {
// TODO(user): Until a CAS license protocol is defined, this field is a
// serialized License message defined in license_protocol.proto.
optional bytes license = 3;
// Actual SDK license status as defined in widevine/server/sdk/error.proto.
// Actual SDK license status as defined in widevine/protos/public/errors.proto
optional uint32 internal_status = 4;
// Indicates the type of message in the license response.
optional SignedMessage.MessageType message_type = 5;
@@ -78,6 +79,8 @@ message CasDrmLicenseResponse {
message PsshData {
repeated bytes key_id = 1;
optional bytes content_id = 2;
// If this is a group key license, this is the group identifier.
optional bytes group_id = 3;
}
message LicenseMetadata {
optional bytes content_id = 1;
@@ -88,6 +91,27 @@ message CasDrmLicenseResponse {
optional string content_owner = 8;
optional string content_provider = 9;
optional LicenseMetadata license_metadata = 10;
message DeviceInfo {
// Make as identified from the provisioned device info. If that is not
// available, the device make will be retrieved from the license request.
optional string make = 1;
// Model as identified from the provisioned device info. If that is not
// available, the device model will be retrieved from the license request.
optional string model = 2;
// Widevine-defined device security level.
optional uint32 security_level = 3;
// Globally unique serial number of certificate associated with this
// device.
optional bytes drm_cert_serial_number = 4;
// Platform specifies the OS or device type and perhaps other software
// information for the device receving this license response.
// Example: Android, iOS, Chrome, PC.
optional string platform = 5;
// SystemID of the requesting device.
optional uint32 system_id = 6;
}
// Device information for the device making the CAS license request.
optional DeviceInfo device_info = 11;
}
message SignedCasDrmRequest {
@@ -103,8 +127,3 @@ message SignedCasDrmRequest {
optional string user_agent = 5;
optional string provider = 6;
}
message SignedCasDrmResponse {
optional bytes response = 1;
optional bytes signature = 2;
}

4
protos/public/remote_attestation.proto
View File

@@ -13,10 +13,11 @@
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
import "protos/public/client_identification.proto";
option java_package = "com.google.video.widevine.protos";
message RemoteAttestation {
// Encrypted ClientIdentification message containing the device remote
// attestation certificate. Required.
@@ -27,4 +28,3 @@ message RemoteAttestation {
// Signed remote attestation challenge + salt. Required.
optional bytes signature = 3;
}

10
protos/public/sdk_stats.proto
View File

@@ -9,14 +9,14 @@
//
// Main protocol buffers for Widevine external SDK
// licensing statistics.
// Design doc: https://docs.google.com/document/d/1yyt5TxApYbI0N07aH94zwnKYuzYdFcmqZtC3jCyph8k/edit#
// Design doc:
// https://docs.google.com/document/d/1yyt5TxApYbI0N07aH94zwnKYuzYdFcmqZtC3jCyph8k/edit#
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
option java_outer_classname = "LicenseStatsProtos";
@@ -29,14 +29,16 @@ message DeviceLicenseCounterByStatus {
}
message DeviceLicenseCounterByModel {
// The model of the device sending a license request to the Widevine SDK. Optional.
// The model of the device sending a license request to the Widevine SDK.
// Optional.
optional string device_model = 1;
// license status specific breakdown of counter data
repeated DeviceLicenseCounterByStatus counter_by_status = 2;
}
message DeviceLicenseCounterByMake {
// The make of the device sending a license request to the Widevine SDK. Optional.
// The make of the device sending a license request to the Widevine SDK.
// Optional.
optional string device_make = 1;
// device model specific breakdown of counter data.
repeated DeviceLicenseCounterByModel counter_by_model = 2;

66
protos/public/signed_device_info.proto Normal file
View File

@@ -0,0 +1,66 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2019 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
//
// This is a pared down copy of the file in:
//
// Do not modify this file without keeping the other file in sync.
// Items in the original file but removed here include.
// - comments
// - SignedDeviceInfoService definition
// - Google api annotations.
//
// TODO(user, yawenyu): Figure out how we can avoid having two copies
// of the same file.
syntax = "proto3";
package widevine;
option csharp_namespace = "Google.Chrome.Widevine.Deviceinfo.V1";
option java_multiple_files = true;
option java_outer_classname = "DeviceCertificateStatusProtos";
option java_package = "com.google.chrome.widevine.deviceinfo.v1";
// GCWDI == Google Chrome Widevine Device Info
option objc_class_prefix = "GCWDI";
// A request sent to Widevine Provisioning Server (keysmith) to retrieve
// 'DeviceCertificateStatusList'.
message DeviceCertificateStatusListRequest {
// The version of sdk. Required.
string sdk_version = 1;
// POSIX time, in seconds, when this request was created. Required.
uint64 sdk_time_seconds = 2;
// The serialized service certificate used to sign the request. Required.
bytes service_certificate = 3;
}
// A device certificate status resource in the Widevine Signed Device Info
// API. It intended to carry information about DRM and OEM certificate
// status and device information for a specific system ID. The information is
// intended to be shared publicly.
// A signed request sent to Widevine Provisioning Server (keysmith) to retrieve
// 'DeviceCertificateStatusList'.
message SignedDeviceInfoRequest {
// A serialized DeviceCertificateStatusListRequest. Required.
bytes device_certificate_status_list_request = 1;
// TODO(user): What's the signature algorithm and the key used?
bytes signature = 2;
}
// Contains a serialized DeviceCertificateStatusList and the signature.
message SignedDeviceInfo {
// Serialized DeviceCertificateStatusList. Required.
bytes device_certificate_status_list = 1;
// Signature of device_certificate_status_list_request. Signed with root
// certificate private key using RSASSA-PSS. Required.
bytes signature = 2;
}

4
protos/public/verified_media_pipeline.proto
View File

@@ -12,10 +12,10 @@
syntax = "proto2";
option optimize_for = LITE_RUNTIME;
package vmp;
option optimize_for = LITE_RUNTIME;
message VmpData {
message SignedBinaryInfo {
// File name of the binary. Required.

13
protos/public/widevine_pssh.proto
View File

@@ -12,6 +12,7 @@
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
message WidevinePsshData {
@@ -75,8 +76,8 @@ message WidevinePsshData {
// Group identifiers for all groups to which the content belongs. This can
// be used to deliver licenses to unlock multiple titles / channels.
// Optional, and may only be present in ENTITLEMENT and ENTITLED_KEY PSSHs, and
// not in conjunction with key_ids.
// Optional, and may only be present in ENTITLEMENT and ENTITLED_KEY PSSHs,
// and not in conjunction with key_ids.
repeated bytes group_ids = 13;
// Copy/copies of the content key used to decrypt the media stream in which
@@ -86,11 +87,17 @@ message WidevinePsshData {
// PSSHs of type ENTITLED_KEY.
repeated EntitledKey entitled_keys = 14;
// Video feature identifier, which is used in conjunction with |content_id|
// to determine the set of keys to be returned in the license. Cannot be
// present in conjunction with |key_ids|.
// Current values are "HDR".
optional string video_feature = 15;
//////////////////////////// Deprecated Fields ////////////////////////////
enum Algorithm {
UNENCRYPTED = 0;
AESCTR = 1;
};
}
optional Algorithm algorithm = 1 [deprecated = true];
optional string provider = 3 [deprecated = true];
optional string track_type = 5 [deprecated = true];