////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////

//
// Description:
//   Definitions of the protocol buffer messages used in the Widevine License
//   Server SDK.

syntax = "proto2";

package widevine;

import "protos/public/license_protocol.proto";
import "protos/public/widevine_pssh.proto";

option java_package = "com.google.video.widevine.protos";

// This message is used to pass optional data on initial license issuance.
// LINT.IfChange
message SessionInit {
  optional bytes session_id = 1;
  optional bytes purchase_id = 2;
  // master_signing_key should be 128 bits in length.
  optional bytes master_signing_key = 3;
  // signing_key should be 512 bits in length to be split into two
  // (server || client) HMAC-SHA256 keys.
  optional bytes signing_key = 4;
  optional int64 license_start_time = 5;
  // Client token for the session. This session is for use by the license
  // provider, and is akin to a client cookie. It will be copied to
  // License::provider_client_token, and sent back by the client in
  // ClientIdentification::provider_client_token in all license requests
  // thereafter.
  optional bytes provider_client_token = 6;
  // Session token for the session. This token is for use by the license
  // provider, and is akin to a session cookie. It will be copied to
  // LicenseIdentfication::provider_session_token, and sent back in all
  // license renewal and release requests for the session thereafter.
  optional bytes provider_session_token = 7;
  // If false and the request contains a provider_client_token, use the token
  // from the request even if SessionInit.provider_client_token is specified.
  // If true and the request contains a provider_client_token, use
  // SessionInit.provider_client_token.
  optional bool override_provider_client_token = 8 [default = false];
  // Set true if group key(s) should not be included in the license. If true,
  // the result license will contain keys for the current content only,
  // therefore the license cannot be used to playback other content in the same
  // group.
  optional bool exclude_group_key = 9 [default = false];
  // If set to true, the OEM Crypto API version will be not be reflected in the
  // license response.
  optional bool disable_oem_crypto_api_version_reflection = 10
      [default = false];
  // For testing use only.  Service Providers can test how devices are handling
  // the version reflection in KCB (key control block) by specifying the api
  // version that is reflected back in the KCB.  If an override is specified,
  // the override value will be used in the KCB instead of the api version
  // specified by the client in client_capabilities.
  // Crypto API version is represented as 4 bytes, for example 'kcxx', where xx
  // is the API version.  Some valid values are: 'kc09', kc10', kc14'.  Only the
  // first 4 bytes are used and additional bytes are ignored.
  optional bytes override_oem_crypto_api_version = 11;
}

// This message is used by the server to preserve and restore session state.
message SessionState {
  optional LicenseIdentification license_id = 1;
  optional bytes signing_key = 2;
  optional uint32 keybox_system_id = 3;
  // Provider client token sent back in the license.
  optional bytes provider_client_token = 4;
  // License counter associated with the avove token.
  optional uint32 license_counter = 5;
}

message ContentInfo {
  message ContentInfoEntry {
    message Pssh {
      optional bytes system_id = 1;
      oneof pssh_data {
        // Populated for non-Widevine PSSH boxes.
        bytes raw_data = 2;
        // Populated if system_id matches Widevine’s system ID.
        WidevinePsshData widevine_data = 3;
      }
    }

    repeated bytes key_ids = 1;
    // Populated if init_data_type = CENC.
    optional Pssh pssh = 2;
  }

  optional LicenseRequest.ContentIdentification.InitData.InitDataType
      init_data_type = 1;
  repeated ContentInfoEntry content_info_entry = 2;
}

// Usage report sent in a license release.
message SessionUsage {
  enum ClockSecurityLevel {
    INSECURE_CLOCK = 0;
    SECURE_TIMER = 1;
    SECURE_CLOCK = 2;
    HW_SECURE_CLOCK = 3;
  }
  // Set to true is the license was used.
  optional bool license_used = 1;
  // Set to true is the license was released.
  optional bool license_released = 2;
  optional ClockSecurityLevel clock_security_level = 3;
  optional uint64 seconds_since_license_received = 4;
  // The decrypt values are only set if the license was used.
  optional uint64 seconds_since_first_decrypt = 5;
  optional uint64 seconds_since_last_decrypt = 6;
  optional bytes provider_session_token = 7;
}