Release provisioning sdk b3889b8

Change-Id: Ib423c4bada1ec2c47eff174b0d99dc9c8813a5ed
2016-11-14 10:47:48 -08:00
commit 131a00206c
38 changed files with 1332 additions and 0 deletions
--- a/protos/public/client_identification.proto
+++ b/protos/public/client_identification.proto
@@ -0,0 +1,82 @@
+// Copyright 2013 Google Inc. All Rights Reserved.
+// Author: tinskip@google.com (Thomas Inskip)
+//
+// Description:
+//   ClientIdentification messages used by provisioning and license protocols.
+
+syntax = "proto2";
+
+package widevine;
+option java_package = "com.google.video.widevine.protos";
+
+option java_outer_classname = "ClientIdentificationProtos";
+
+// ClientIdentification message used to authenticate the client device.
+message ClientIdentification {
+  enum TokenType {
+    KEYBOX = 0;
+    DRM_DEVICE_CERTIFICATE = 1;
+    REMOTE_ATTESTATION_CERTIFICATE = 2;
+    OEM_DEVICE_CERTIFICATE = 3;
+  }
+
+  message NameValue {
+    optional string name = 1;
+    optional string value = 2;
+  }
+
+  // Capabilities which not all clients may support. Used for the license
+  // exchange protocol only.
+  message ClientCapabilities {
+    enum HdcpVersion {
+      HDCP_NONE = 0;
+      HDCP_V1 = 1;
+      HDCP_V2 = 2;
+      HDCP_V2_1 = 3;
+      HDCP_V2_2 = 4;
+      HDCP_NO_DIGITAL_OUTPUT = 0xff;
+    }
+
+    optional bool client_token = 1 [default = false];
+    optional bool session_token = 2 [default = false];
+    optional bool video_resolution_constraints = 3 [default = false];
+    optional HdcpVersion max_hdcp_version = 4 [default = HDCP_NONE];
+    optional uint32 oem_crypto_api_version = 5;
+    // Client has hardware support for protecting the usage table, such as
+    // storing the generation number in secure memory.  For Details, see:
+    // https://docs.google.com/document/d/1Mm8oB51SYAgry62mEuh_2OEkabikBiS61kN7HsDnh9Y/edit#heading=h.xgjl2srtytjt
+    optional bool anti_rollback_usage_table = 6 [default = false];
+  }
+
+  // Type of factory-provisioned device root of trust. Optional.
+  optional TokenType type = 1 [default = KEYBOX];
+  // Factory-provisioned device root of trust. Required.
+  optional bytes token = 2;
+  // Optional client information name/value pairs.
+  repeated NameValue client_info = 3;
+  // Client token generated by the content provider. Optional.
+  optional bytes provider_client_token = 4;
+  // Number of licenses received by the client to which the token above belongs.
+  // Only present if client_token is specified.
+  optional uint32 license_counter = 5;
+  // List of non-baseline client capabilities.
+  optional ClientCapabilities client_capabilities = 6;
+}
+
+// EncryptedClientIdentification message used to hold ClientIdentification
+// messages encrypted for privacy purposes.
+message EncryptedClientIdentification {
+  // Service ID for which the ClientIdentifcation is encrypted (owner of service
+  // certificate).
+  optional string service_id = 1;
+  // Serial number for the service certificate for which ClientIdentification is
+  // encrypted.
+  optional bytes service_certificate_serial_number = 2;
+  // Serialized ClientIdentification message, encrypted with the privacy key using
+  // AES-128-CBC with PKCS#5 padding.
+  optional bytes encrypted_client_id = 3;
+  // Initialization vector needed to decrypt encrypted_client_id.
+  optional bytes encrypted_client_id_iv = 4;
+  // AES-128 privacy key, encrypted with the service public key using RSA-OAEP.
+  optional bytes encrypted_privacy_key = 5;
+}