widevine-partner/provisioning_sdk_source
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update to support OEMCrypto v16 with ODK

Browse Source
This commit is contained in:
KongQun Yang
2020-09-21 15:54:04 -07:00
parent 93265ab9d1
commit 69d813f0f1
203 changed files with 16337 additions and 2290 deletions
Download Patch File Download Diff File Expand all files Collapse all files

193
protos/public/BUILD
View File

@@ -10,7 +10,7 @@
package(default_visibility = ["//visibility:public"])
load("@protobuf_repo//:protobuf.bzl", "cc_proto_library", "py_proto_library")
load("@com_google_protobuf//:protobuf.bzl", "py_proto_library")
# Only a subset of files are included in binary release.
filegroup(
@@ -18,127 +18,228 @@ filegroup(
srcs = [
"certificate_provisioning.proto",
"client_identification.proto",
"device_common.proto",
"external_license.proto",
"hash_algorithm.proto",
"license_protocol.proto",
"provisioned_device_info.proto",
"remote_attestation.proto",
"signed_drm_certificate.proto",
]
],
)
proto_library(
name = "certificate_provisioning_proto",
srcs = ["certificate_provisioning.proto"],
deps = [
":client_identification_proto",
":hash_algorithm_proto",
":remote_attestation_proto",
],
)
cc_proto_library(
name = "certificate_provisioning_proto",
srcs = ["certificate_provisioning.proto"],
default_runtime = "@protobuf_repo//:protobuf",
protoc = "@protobuf_repo//:protoc",
deps = [
":client_identification_proto",
":remote_attestation_proto",
],
name = "certificate_provisioning_cc_proto",
deps = [":certificate_provisioning_proto"],
)
py_proto_library(
name = "certificate_provisioning_py_pb2",
srcs = ["certificate_provisioning.proto"],
default_runtime = "@protobuf_repo//:protobuf_python",
protoc = "@protobuf_repo//:protoc",
default_runtime = "@com_google_protobuf//:protobuf_python",
protoc = "@com_google_protobuf//:protoc",
deps = [
":client_identification_py_pb2",
":hash_algorithm_py_pb2",
":remote_attestation_py_pb2",
],
)
cc_proto_library(
proto_library(
name = "client_identification_proto",
srcs = ["client_identification.proto"],
default_runtime = "@protobuf_repo//:protobuf",
protoc = "@protobuf_repo//:protoc",
)
cc_proto_library(
name = "client_identification_cc_proto",
deps = [":client_identification_proto"],
)
py_proto_library(
name = "client_identification_py_pb2",
srcs = ["client_identification.proto"],
default_runtime = "@protobuf_repo//:protobuf_python",
protoc = "@protobuf_repo//:protoc",
default_runtime = "@com_google_protobuf//:protobuf_python",
protoc = "@com_google_protobuf//:protoc",
)
proto_library(
name = "device_common_proto",
srcs = ["device_common.proto"],
)
cc_proto_library(
name = "device_common_cc_proto",
deps = [":device_common_proto"],
)
java_proto_library(
name = "device_common_java_proto",
deps = [":device_common_proto"],
)
proto_library(
name = "device_certificate_status_proto",
srcs = ["device_certificate_status.proto"],
default_runtime = "@protobuf_repo//:protobuf",
protoc = "@protobuf_repo//:protoc",
deps = [":provisioned_device_info_proto"],
deps = [
":hash_algorithm_proto",
":provisioned_device_info_proto",
],
)
cc_proto_library(
name = "device_certificate_status_cc_proto",
deps = [":device_certificate_status_proto"],
)
py_proto_library(
name = "device_certificate_status_py_pb2",
srcs = ["device_certificate_status.proto"],
default_runtime = "@protobuf_repo//:protobuf_python",
protoc = "@protobuf_repo//:protoc",
default_runtime = "@com_google_protobuf//:protobuf_python",
protoc = "@com_google_protobuf//:protoc",
deps = [":provisioned_device_info_py_pb2"],
)
cc_proto_library(
proto_library(
name = "drm_certificate_proto",
srcs = ["drm_certificate.proto"],
default_runtime = "@protobuf_repo//:protobuf",
protoc = "@protobuf_repo//:protoc",
deps = [":provisioned_device_info_proto"],
)
cc_proto_library(
name = "drm_certificate_cc_proto",
deps = [":drm_certificate_proto"],
)
py_proto_library(
name = "drm_certificate_py_pb2",
srcs = ["drm_certificate.proto"],
default_runtime = "@protobuf_repo//:protobuf_python",
protoc = "@protobuf_repo//:protoc",
default_runtime = "@com_google_protobuf//:protobuf_python",
protoc = "@com_google_protobuf//:protoc",
deps = [":provisioned_device_info_py_pb2"],
)
cc_proto_library(
proto_library(
name = "errors_proto",
srcs = ["errors.proto"],
default_runtime = "@protobuf_repo//:protobuf",
protoc = "@protobuf_repo//:protoc",
)
cc_proto_library(
name = "errors_cc_proto",
deps = [":errors_proto"],
)
proto_library(
name = "external_license_proto",
srcs = ["external_license.proto"],
deps = [
":client_identification_proto",
":license_protocol_proto",
],
)
cc_proto_library(
name = "external_license_cc_proto",
deps = [":external_license_proto"],
)
proto_library(
name = "remote_attestation_proto",
srcs = ["remote_attestation.proto"],
default_runtime = "@protobuf_repo//:protobuf",
protoc = "@protobuf_repo//:protoc",
deps = [":client_identification_proto"],
)
cc_proto_library(
name = "remote_attestation_cc_proto",
deps = [":remote_attestation_proto"],
)
py_proto_library(
name = "remote_attestation_py_pb2",
srcs = ["remote_attestation.proto"],
default_runtime = "@protobuf_repo//:protobuf_python",
protoc = "@protobuf_repo//:protoc",
default_runtime = "@com_google_protobuf//:protobuf_python",
protoc = "@com_google_protobuf//:protoc",
deps = [":client_identification_py_pb2"],
)
cc_proto_library(
proto_library(
name = "signed_drm_certificate_proto",
srcs = ["signed_drm_certificate.proto"],
default_runtime = "@protobuf_repo//:protobuf",
protoc = "@protobuf_repo//:protoc",
deps = [":hash_algorithm_proto"],
)
cc_proto_library(
name = "signed_drm_certificate_cc_proto",
deps = [":signed_drm_certificate_proto"],
)
py_proto_library(
name = "signed_drm_certificate_py_pb2",
srcs = ["signed_drm_certificate.proto"],
default_runtime = "@protobuf_repo//:protobuf_python",
protoc = "@protobuf_repo//:protoc",
default_runtime = "@com_google_protobuf//:protobuf_python",
protoc = "@com_google_protobuf//:protoc",
deps = [":hash_algorithm_py_pb2"],
)
proto_library(
name = "provisioned_device_info_proto",
srcs = ["provisioned_device_info.proto"],
deps = [":device_common_proto"],
)
cc_proto_library(
name = "provisioned_device_info_proto",
srcs = ["provisioned_device_info.proto"],
default_runtime = "@protobuf_repo//:protobuf",
protoc = "@protobuf_repo//:protoc",
name = "provisioned_device_info_cc_proto",
deps = [":provisioned_device_info_proto"],
)
py_proto_library(
name = "provisioned_device_info_py_pb2",
srcs = ["provisioned_device_info.proto"],
default_runtime = "@protobuf_repo//:protobuf_python",
protoc = "@protobuf_repo//:protoc",
default_runtime = "@com_google_protobuf//:protobuf_python",
protoc = "@com_google_protobuf//:protoc",
)
proto_library(
name = "license_protocol_proto",
srcs = ["license_protocol.proto"],
deps = [
":client_identification_proto",
":hash_algorithm_proto",
":remote_attestation_proto",
],
)
cc_proto_library(
name = "license_protocol_cc_proto",
deps = [":license_protocol_proto"],
)
proto_library(
name = "hash_algorithm_proto",
srcs = ["hash_algorithm.proto"],
)
cc_proto_library(
name = "hash_algorithm_cc_proto",
deps = [":hash_algorithm_proto"],
)
java_proto_library(
name = "hash_algorithm_java_proto",
deps = [":hash_algorithm_proto"],
)
py_proto_library(
name = "hash_algorithm_py_pb2",
srcs = ["hash_algorithm.proto"],
default_runtime = "@com_google_protobuf//:protobuf_python",
protoc = "@com_google_protobuf//:protoc",
)

33
protos/public/certificate_provisioning.proto
View File

@@ -14,11 +14,14 @@
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
import "protos/public/client_identification.proto";
import "protos/public/hash_algorithm.proto";
import "protos/public/remote_attestation.proto";
option java_package = "com.google.video.widevine.protos";
// ProvisioningOptions specifies the type of certificate to specify and
// in the case of X509 certificates, the certificate authority to use.
message ProvisioningOptions {
@@ -127,8 +130,16 @@ message ProvisioningContext {
// Protocol-dependent context data, encrypted with key and IV in key_data.
// Required.
optional bytes context_data = 2;
// HMAC-SHA256 MAC of |context_data|, generated using MAC key in key_data.
optional bytes mac = 3;
}
message SignedProvisioningContext {
// ProvisioningContext in bytes.
optional bytes provisioning_context = 1;
// RSASSA-PSS signature of provisioning_context. Signed with service private
// key.
optional bytes signature = 2;
// Optional field that indicates the hash algorithm used in signature scheme.
optional HashAlgorithmProto hash_algorithm = 3;
}
// Cryptographic tokens to be used for ProvisioningContext.
@@ -137,8 +148,6 @@ message ProvisioningContextKeyData {
optional bytes encryption_key = 1;
// Encryption IV, 16 bytes. Required.
optional bytes encryption_iv = 2;
// MAC key, usually 32 bytes used with HMAC-SHA256. Required.
optional bytes mac_key = 3;
}
// Serialized ProvisioningRequest or ProvisioningResponse signed with
@@ -147,9 +156,7 @@ message SignedProvisioningMessage {
enum ProtocolVersion {
SERVICE_CERTIFICATE_REQUEST = 1; // Service certificate request.
PROVISIONING_20 = 2; // Keybox factory-provisioned devices.
PROVISIONING_30 = 3; // OEM certificate factory-provisioned devices.
ARCPP_PROVISIONING = 4; // ChromeOS/Arc++ devices.
INTEL_SIGMA_101 = 101; // Intel Sigma 1.0.1 protocol.
PROVISIONING_30 = 3; // OEM certificate factory-provisioned devices.
}
// Serialized protobuf message for the corresponding protocol and stage of
@@ -164,10 +171,18 @@ message SignedProvisioningMessage {
optional ProtocolVersion protocol_version = 3 [default = PROVISIONING_20];
// Protocol-specific context / state information for multiple-exchange,
// stateful provisioing protocols. Optional.
optional ProvisioningContext provisioning_context = 4;
optional SignedProvisioningContext signed_provisioning_context = 4;
// Remote attestation data to authenticate that the ChromeOS client device
// is operating in verified mode. Remote attestation challenge data is
// |message| field above. Required for ARCPP_PROVISIONING request.
// It contains signature of |message|.
optional RemoteAttestation remote_attestation = 5;
// The core message is the simple serialization of fields used by OEMCrypto.
// This field was introduced in OEMCrypto API v16. The core message format is
// documented in the "Widevine Core Message Serialization", found internally
// at
// https://docs.google.com/document/d/1M5f0OA8zrIFufpZiny_M9WkvJkCUs9DpRpeDmk9QKKY/edit
optional bytes oemcrypto_core_message = 6;
// Optional field that indicates the hash algorithm used in signature scheme.
optional HashAlgorithmProto hash_algorithm = 7;
}

17
protos/public/client_identification.proto
View File

@@ -13,10 +13,11 @@
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
option java_package = "com.google.video.widevine.protos";
option java_outer_classname = "ClientIdentificationProtos";
// ClientIdentification message used to authenticate the client device.
message ClientIdentification {
enum TokenType {
@@ -47,6 +48,9 @@ message ClientIdentification {
enum CertificateKeyType {
RSA_2048 = 0;
RSA_3072 = 1;
ECC_SECP256R1 = 2;
ECC_SECP384R1 = 3;
ECC_SECP521R1 = 4;
}
enum AnalogOutputCapabilities {
@@ -84,6 +88,11 @@ message ClientIdentification {
optional uint32 resource_rating_tier = 12 [default = 0];
}
message ClientCredentials {
optional TokenType type = 1 [default = KEYBOX];
optional bytes token = 2;
}
// Type of factory-provisioned device root of trust. Optional.
optional TokenType type = 1 [default = KEYBOX];
// Factory-provisioned device root of trust. Required.
@@ -99,6 +108,8 @@ message ClientIdentification {
optional ClientCapabilities client_capabilities = 6;
// Serialized VmpData message. Optional.
optional bytes vmp_data = 7;
// Optional field that may contain additional provisioning credentials.
optional ClientCredentials device_credentials = 8;
}
// EncryptedClientIdentification message used to hold ClientIdentification
@@ -110,8 +121,8 @@ message EncryptedClientIdentification {
// Serial number for the service certificate for which ClientIdentification is
// encrypted.
optional bytes service_certificate_serial_number = 2;
// Serialized ClientIdentification message, encrypted with the privacy key using
// AES-128-CBC with PKCS#5 padding.
// Serialized ClientIdentification message, encrypted with the privacy key
// using AES-128-CBC with PKCS#5 padding.
optional bytes encrypted_client_id = 3;
// Initialization vector needed to decrypt encrypted_client_id.
optional bytes encrypted_client_id_iv = 4;

75
protos/public/device_certificate_status.proto
View File

@@ -14,11 +14,12 @@ syntax = "proto2";
package widevine;
import "protos/public/hash_algorithm.proto";
import "protos/public/provisioned_device_info.proto";
option java_outer_classname = "DeviceCertificateStatusProtos";
option java_package = "com.google.video.widevine.protos";
import "protos/public/provisioned_device_info.proto";
// Contains DRM and OEM certificate status and device information for a
// specific system ID.
// TODO(user): Move this to its own file.
@@ -35,6 +36,18 @@ message DeviceCertificateStatus {
STATUS_REVOKED = 40; // Revoked device.
}
message RevokedIdentifiers {
// Contains a sorted list of DRM serial numbers that are revoked.
repeated bytes revoked_certificate_serial_numbers = 1;
// Contains a sorted list of revoked_unique_id_hashes that are revoked.
// These identifiers are hash values of the root of trust identifier.
// For a keybox, hash = SHA256(KeyboxUniqueID || SecretSauce) where
// SecretSauce is a Widevine owned secret. For Provisioning 3.0, hash =
// SHA256(X509SerialNumber|| SecretSauce) where SecretSauce is a Widevine
// owned secret.
repeated bytes revoked_unique_id_hashes = 2;
}
// Serial number of the intermediate DrmCertificate to which this
// message refers. Required.
optional bytes drm_serial_number = 1;
@@ -49,6 +62,10 @@ message DeviceCertificateStatus {
optional bytes oem_serial_number = 5;
// Status of the device. Optional.
optional Status status = 6 [default = STATUS_UNKNOWN];
// RevokedIdentifiers collect all the serial_numbers or unique_id_hashes used
// for individual drm certificate revocation.
optional RevokedIdentifiers revoked_identifiers = 7;
}
// List of DeviceCertificateStatus. Used to propagate certificate revocation
@@ -58,10 +75,15 @@ message DeviceCertificateStatusList {
optional uint32 creation_time_seconds = 1;
// DeviceCertificateStatus for each system ID.
repeated DeviceCertificateStatus certificate_status = 2;
// The duration for this device certificate status list in seconds. Within
// this grace period, content provider can set device certificate status list
// in the SDK. The default time is 7 days.
optional uint32 duration_time_seconds = 3;
}
// List of DeviceCertificateStatus. Used to propagate certificate revocation
// status and device information. (Used in published devices library)
message PublishedDevicesList {
// POSIX time, in seconds, when the list was created. Required.
optional uint32 creation_time_seconds = 1;
// DeviceCertificateStatus for each system ID.
repeated DeviceCertificateStatus device_certificate_status = 2;
}
// Signed CertificateStatusList
@@ -71,43 +93,6 @@ message SignedDeviceCertificateStatusList {
// Signature of certificate_status_list. Signed with root certificate private
// key using RSASSA-PSS. Required.
optional bytes signature = 2;
}
// A signed request sent to Widevine Provisioning Server (keysmith) to retrieve
// 'DeviceCertificateStatusList'.
message SignedDeviceCertificateStatusListRequest {
// Serialized DeviceCertificateStatusListRequest. Required.
optional bytes device_certificate_status_list_request = 1;
// Signature of device_certificate_status_list_request. Signed with root
// certificate private key using RSASSA-PSS. Required.
optional bytes signature = 2;
}
// A request sent to Widevine Provisioning Server (keysmith) to retrieve
// 'DeviceCertificateStatusList'.
message DeviceCertificateStatusListRequest {
// The version of sdk. Required.
optional string sdk_version = 1;
// POSIX time, in seconds, when this request was created. Required.
optional uint64 sdk_time_seconds = 2;
}
// Contains response from Widevine Provisioning Server with status and
// DeviceCertificateStatusList information.
message DeviceCertificateStatusListResponse {
enum Status {
UNKNOWN = 0;
OK = 1;
SIGNATURE_FAILED = 2;
NOT_AUTHORIZED = 3;
AUTHORIZATION_EXPIRED = 4;
PROVIDER_ID_MISSING = 5;
INTERNAL_ERROR = 6;
}
// Status returned by the Widevine Provisioning Server. Required.
optional Status status = 1;
// String message returned by the Widevine Provisioning Server.
optional string status_message = 2;
// Serialized SignedDeviceCertificateStatusList. Required.
optional bytes signed_device_certificate_status_list = 3;
// Optional field that indicates the hash algorithm used in signature scheme.
optional HashAlgorithmProto hash_algorithm = 3;
}

172
protos/public/device_common.proto Normal file
View File

@@ -0,0 +1,172 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2020 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
//
// This file contains device-related definitions that are common to both the
// legacy device management service and the new devices service. Eventually,
// we may merge the contents of this file into other files.
syntax = "proto3";
package widevine;
option java_package = "com.google.video.widevine.protos";
// Allows additional make/models to be associated with a system_id.
message DeviceModel {
// ModelStatus is used to specify how confident we are that this
// make/model/year combination is allowed by the device manufacturer.
// VERIFIED indicates that the manufacturer confirmed that it is correct.
// UNVERIFIED means that we have sufficient data to believe it is correct,
// but the manufacturer has not confirmed.
// UNKNOWN indicates that we do not have sufficient information to indicate
// whether or not the device is allowed by the manufacturer.
// REJECTED indicates that the manufacturer explicitly disallowed the use
// of the make/model/year combination.
enum ModelStatus {
MODEL_STATUS_UNSPECIFIED = 0;
MODEL_STATUS_VERIFIED = 1;
MODEL_STATUS_UNVERIFIED = 2;
MODEL_STATUS_UNKNOWN = 4;
MODEL_STATUS_REJECTED = 3;
}
// Represents the device manufacturer. Typically, this will be Philips, LG,
// Sharp, etc.
string manufacturer = 1;
// Model of the device.
string model_name = 2;
// The expected release year of the make/model combination. Optional.
uint32 model_year = 3;
// The model status of this make and model.
ModelStatus status = 4;
}
// DeviceState defines the current state of the device. It is used in
// licensing to determine if a (classic or MDRM/CENC) license should be
// issued. The status affects if and how a device record is shown in
// keysmith's CertificateStatusList.
//
// States:
// DEVICE_STATE_UNKNOWN: This should not be used.
// It only indicates that a state has not been set.
// IN_TESTING: The first valid state of a device record. A newly created
// device should be in this state until the device is considered
// "released". In this state a device should only be supported on test
// services (e.g. UAT license service).
// PRE_RELEASE: The state of a device when it's ready to be used with
// production services. In this state a device can receive production
// classic and MDRM/CENC licenses. The device will also be listed in
// keysmith's certificate status list. The device data will be
// available for sharing with internal partners only.
// RELEASED: Indicates that the device is available on the store shelves.
// The device data will be available for sharing with external partners.
// DELETED: Indicates that the device was manually disabled and should
// not be used for any test or production services. The device should
// not appear in the device certificate status list. Customers will
// not be able to see or utilize this state when managing their devices.
// TEST_ONLY: Indicates that this device was never intended for production
// but can be used for test purposes. The device will be listed in the
// certificate status list as a test device.
// REVOKED: Indicates that the device was revoked. No test or production
// service should honor requests (classic nor MDRM/CENC) from one of
// these devices. The device serial number and its REVOKED status will
// appear in keysmith's certificate status list.
//
// Devices in the above states have the following behaviors in widevince
// services:
//
// Licensing | Certificate | Cert | Cert | Test |
// State Prod | UAT | Provisioning | Listed | status | device | redact
// -- -- -- -- -- -- -- --
// IN_TESTING No Yes Yes Yes VALID true yes
// TEST_ONLY No Yes Yes Yes VALID true no
// PRE_RELEASE Yes Yes Yes Yes VALID false yes
// RELEASED Yes Yes Yes Yes VALID false no
// REVOKED No No No Yes REVOKED false no
// DELETED No No No No n/a n/a n/a
enum DeviceState {
DEVICE_STATE_UNKNOWN = 0;
IN_TESTING = 1;
RELEASED = 2;
DELETED = 3;
TEST_ONLY = 4;
REVOKED = 5;
PRE_RELEASE = 6;
}
// Specifies the device type, or form factor of a device.
enum DeviceType {
DEVICE_TYPE_UNSPECIFIED = 0;
DEVICE_TYPE_PHONE = 1;
DEVICE_TYPE_TV = 2;
DEVICE_TYPE_TABLET = 3;
DEVICE_TYPE_GAMING_CONSOLE = 4;
DEVICE_TYPE_SET_TOP_BOX = 5;
DEVICE_TYPE_VIDEO_DONGLE = 6;
DEVICE_TYPE_PC = 7;
DEVICE_TYPE_AUTO = 8;
DEVICE_TYPE_WEARABLE = 9;
DEVICE_TYPE_CONNECTED_AUDIO_DEVICE = 10;
DEVICE_TYPE_SMART_DISPLAY = 11;
// Legacy identifier for records that were created for SoC integration.
DEVICE_TYPE_SOC = 12;
}
// Specifies the platform and OS of the device.
enum Platform {
PLATFORM_UNSPECIFIED = 0;
PLATFORM_CHROMECAST = 1;
PLATFORM_FUCHSIA = 2;
PLATFORM_IOS = 3;
PLATFORM_IPAD_OS = 4;
PLATFORM_TV_OS = 5;
PLATFORM_ANDROID = 6;
PLATFORM_WINDOWS = 7;
PLATFORM_CHROME_OS = 8;
PLATFORM_MAC_OS = 9;
PLATFORM_LINUX = 10;
PLATFORM_WEB_OS = 11;
PLATFORM_TIZEN = 12;
PLATFORM_FIRE_OS = 13;
PLATFORM_ROKU = 14;
PLATFORM_PLAYSTATION = 15;
PLATFORM_XBOX = 16;
PLATFORM_KAIOS = 17;
PLATFORM_RDK = 18;
PLATFORM_OTHER = 19;
}
// This is used for tri-state answers. Yes-TEE, Yes-REE, No.
// This has to be in device_common to avoid import conflicts between security
// profiles and device security profiles.
enum OsOptionalSupport {
OS_OPTIONAL_SUPPORT_UNSPECIFIED = 0;
YES_TEE = 1;
YES_REE = 2;
NO_SUPPORT = 3;
}
// Version of High-bandwidth Digital Content Protection (HDCP).
// This has to be in device_common to avoid import conflicts between security
// profiles and device security profiles.
enum HdcpVersion {
HDCP_VERSION_UNSPECIFIED = 0;
HDCP_V1 = 1;
HDCP_V2 = 2;
HDCP_V2_1 = 3;
HDCP_V2_2 = 4;
HDCP_V2_3 = 5;
}
// Widevine device security level.
enum DeviceSecurityLevel {
SECURITY_LEVEL_UNSPECIFIED = 0;
LEVEL_1 = 1;
LEVEL_2 = 2;
LEVEL_3 = 3;
}

69
protos/public/drm_certificate.proto
View File

@@ -17,8 +17,47 @@ package widevine;
option java_outer_classname = "DrmCertificateProtos";
option java_package = "com.google.video.widevine.protos";
// Definition of the root of trust identifier proto. The proto message contains
// the EC-IES encrypted identifier (e.g. keybox unique id) for a device and
// an associated hash. These can be used by Widevine to identify the root of
// trust that was used to acquire a DRM certificate.
//
// In addition to the encrypted part and the hash, the proto contains the
// version of the root of trust id which implies the EC key algorithm that was
// used.
// Next id: 5
message RootOfTrustId {
// The version specifies the EC algorithm that was used to generate the
// root of trust id.
enum RootOfTrustIdVersion {
// Should not be used.
ROOT_OF_TRUST_ID_VERSION_UNSPECIFIED = 0;
// Version 1 of the ID uses EC-IES with SECP256R1 curve.
ROOT_OF_TRUST_ID_VERSION_1 = 1;
}
optional RootOfTrustIdVersion version = 1;
// The key_id is used for key rotation. It indicates which key was used to
// generate the root of trust id.
optional uint32 key_id = 2;
// The EC-IES encrypted message containing the unique_id. The bytes are
// a concatenation of
// 1) The ephemeral public key. Uncompressed keypoint format per X9.62.
// 2) The plaintext encrypted with the derived AES key using AES CBC,
// PKCS7 padding and a zerio iv.
// 3) The HMAC SHA256 of the cipher text.
optional bytes encrypted_unique_id = 3;
// The hash of encrypted unique id and other values.
// unique_id_hash = SHA256(
// encrypted_unique_id || system_id || SHA256(unique_id || secret_sauce)).
optional bytes unique_id_hash = 4;
}
// DRM certificate definition for user devices, intermediate, service, and root
// certificates.
// Next id: 11
message DrmCertificate {
enum Type {
ROOT = 0; // ProtoBestPractices: ignore.
@@ -28,7 +67,18 @@ message DrmCertificate {
PROVISIONER = 4;
}
enum ServiceType {
UNKNOWN = 0; LICENSE_SERVER_SDK = 1; LICENSE_SERVER_PROXY_SDK = 2;
UNKNOWN_SERVICE_TYPE = 0;
LICENSE_SERVER_SDK = 1;
LICENSE_SERVER_PROXY_SDK = 2;
PROVISIONING_SDK = 3;
CAS_PROXY_SDK = 4;
}
enum Algorithm {
UNKNOWN_ALGORITHM = 0;
RSA = 1;
ECC_SECP256R1 = 2;
ECC_SECP384R1 = 3;
ECC_SECP521R1 = 4;
}
// Type of certificate. Required.
optional Type type = 1;
@@ -50,6 +100,19 @@ message DrmCertificate {
// certificate. Required for service and provisioner certificates.
optional string provider_id = 7;
// This field is used only when type = SERVICE to specify which SDK uses
// service certificate.
optional ServiceType service_type = 8 [default = UNKNOWN];
// service certificate. This repeated field is treated as a set. A certificate
// may be used for the specified service SDK if the appropriate ServiceType
// is specified in this field.
repeated ServiceType service_types = 8;
// Required. The algorithm field contains the curve used to create the
// |public_key| if algorithm is one of the ECC types.
// The |algorithm| is used for both to determine the if the certificate is ECC
// or RSA. The |algorithm| also specifies the parameters that were used to
// create |public_key| and are used to create an ephemeral session key.
optional Algorithm algorithm = 9 [default = RSA];
// Optional. May be present in DEVICE certificate types. This is the root
// of trust identifier that holds an encrypted value that identifies the
// keybox or other root of trust that was used to provision a DEVICE drm
// certificate.
optional RootOfTrustId rot_id = 10;
}

73
protos/public/errors.proto
View File

@@ -12,6 +12,7 @@
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
@@ -239,4 +240,76 @@ enum Errors {
// Invalid method parameter.
INVALID_PARAMETER = 170;
// Even KeyID not specified, CasEncryptionResponse.KeyInfo.KeySlot
MISSING_EVEN_KEY_ID = 171;
// Even Key not specified, CasEncryptionResponse.KeyInfo.KeySlot
MISSING_EVEN_KEY = 172;
// VMP verification required for this platform, however VMP data is missing.
VMP_ERROR_PLATFORM_NOT_VERIFIED = 173;
// VMP verification failed this platform, perhaps was tampered with.
VMP_ERROR_PLATFORM_TAMPERED = 174;
// Device Certificate SN is revoked.
DRM_DEVICE_CERTIFICATE_SERIAL_NUMBER_REVOKED = 175;
// Signing key expired.
SIGNING_KEY_EXPIRED = 176;
// Signature verification failed.
SIGNATURE_VERIFICATION_FAILED = 177;
// License request provider and the signer provider do not match.
SIGNER_PROVIDER_ID_MISMATCH = 178;
// Invalid session key.
INVALID_SESSION_KEY = 179;
// Device not supported.
DEVICE_NOT_SUPPORTED = 180;
// Empty content info entry
CONTENT_INFO_ENTRY_EMPTY = 181;
// Drm device certificate serial number is empty.
DRM_DEVICE_CERTIFICATE_EMPTY_SERIAL_NUMBER = 182;
// Make/Model reported in license request is unknown.
UNKNOWN_MAKE_MODEL = 183;
// Generating ECC ephemeral keys failed.
DRM_DEVICE_CERTIFICATE_ECC_KEYGEN_FAILED = 184;
// Certificate Algorithm.
INVALID_CERT_ALGORITHM = 185;
// RSA Public key not found.
MISSING_RSA_PUBLIC_KEY = 186;
// An error in creating a RSA Public Key.
CREATE_RSA_PUBLIC_KEY_FAILED = 187;
// An error was found in the ATSC profile.
ATSC_PROFILE_ERROR = 188;
// Attempt to parse the external license request message failed.
EXTERNAL_LICENSE_REQUEST_PARSE_ERROR = 189;
// Unexpected key type for the type of message.
INVALID_KEY_TYPE = 190;
// Unable to find provider key.
MISSING_PROVIDER_KEY = 191;
// Unable to find provider iv.
MISSING_PROVIDER_IV = 192;
// Group id is empty.
EMPTY_GROUP_ID = 193;
// Encrypted license challenge not decrypted.
INVALID_ENCRYPTED_LICENSE_CHALLENGE = 194;
}

81
protos/public/external_license.proto Normal file
View File

@@ -0,0 +1,81 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2019 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
//
// Description:
// Definitions of the protocol buffer messages used in the Widevine license
// exchange protocol to support DRM systems native to a device other than
// Widevine.
syntax = "proto2";
package widevine;
import "protos/public/client_identification.proto";
import "protos/public/license_protocol.proto";
option java_package = "com.google.video.widevine.externallicense";
option java_multiple_files = true;
enum ExternalLicenseType {
EXTERNAL_LICENSE_TYPE_UNDEFINED = 0;
PLAYREADY_LICENSE_NEW = 1;
PLAYREADY_LICENSE_RENEWAL = 2;
PLAYREADY_LICENSE_RELEASE = 3;
}
message EncryptedLicenseRequest {
// Provider ID for which the license request is encrypted (owner of
// service certificate).
optional string provider_id = 1;
// Serial number for the service certificate for which license_request is
// encrypted.
optional bytes service_certificate_serial_number = 2;
// Serialized license request message, encrypted with the privacy key
// using AES-128-CBC with PKCS#5 padding.
optional bytes encrypted_license_request = 3;
// Initialization vector needed to decrypt encrypted_license_request.
optional bytes encrypted_license_request_iv = 4;
// AES-128 privacy key, encrypted with the service public key using RSA-OAEP.
optional bytes encrypted_privacy_key = 5;
}
message ExternalLicenseRequest {
optional ExternalLicenseType request_type = 1;
// The license request.
oneof clear_or_encrypted_request {
// License request from the client.
bytes request = 2;
// Encrypted request from the client.
EncryptedLicenseRequest encrypted_request = 7;
}
oneof clear_or_encrypted_client_id {
// Information about the device.
ClientIdentification client_id = 3;
// Encrypted ClientIdentification message, used for privacy purposes.
EncryptedClientIdentification encrypted_client_id = 4;
}
// Information about the content, including the PSSH data.
optional LicenseRequest.ContentIdentification content_id = 5;
// Time of the request in seconds (UTC) as set by the client.
optional int64 request_time = 6;
}
message ExternalLicense {
optional ExternalLicenseType license_type = 1;
// The license representing the license type.
optional bytes license = 2;
// Widevine specific policy for renewals and expiry.
optional License.Policy policy = 3;
// Time of the request in seconds (UTC) as set in
// LicenseRequest.request_time. If this time is not set in the request,
// the local time at the license service is used in this field.
optional int64 license_start_time = 4;
// List of key Identifiers associated with this license.
repeated bytes key_id = 5;
}

20
protos/public/hash_algorithm.proto Normal file
View File

@@ -0,0 +1,20 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2020 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
syntax = "proto3";
package widevine;
// LINT.IfChange
enum HashAlgorithmProto {
// Unspecified hash algorithm: SHA_256 shall be used for ECC based algorithms
// and SHA_1 shall be used otherwise.
HASH_ALGORITHM_UNSPECIFIED = 0;
HASH_ALGORITHM_SHA_1 = 1;
HASH_ALGORITHM_SHA_256 = 2;
}

522
protos/public/license_protocol.proto Normal file
View File

@@ -0,0 +1,522 @@
////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
//
// Description:
// Definitions of the protocol buffer messages used in the Widevine license
// exchange protocol, described in Widevine license exchange protocol document
syntax = "proto2";
package widevine;
import "protos/public/client_identification.proto";
import "protos/public/hash_algorithm.proto";
import "protos/public/remote_attestation.proto";
option java_package = "com.google.video.widevine.protos";
// option optimize_for = LITE_RUNTIME;
enum LicenseType {
STREAMING = 1;
OFFLINE = 2;
// License type decision is left to provider.
AUTOMATIC = 3;
}
enum PlatformVerificationStatus {
// The platform is not verified.
PLATFORM_UNVERIFIED = 0;
// Tampering detected on the platform.
PLATFORM_TAMPERED = 1;
// The platform has been verified by means of software.
PLATFORM_SOFTWARE_VERIFIED = 2;
// The platform has been verified by means of hardware (e.g. secure boot).
PLATFORM_HARDWARE_VERIFIED = 3;
// Platform verification was not performed.
PLATFORM_NO_VERIFICATION = 4;
// Platform and secure storage capability have been verified by means of
// software.
PLATFORM_SECURE_STORAGE_SOFTWARE_VERIFIED = 5;
}
// LicenseIdentification is propagated from LicenseRequest to License,
// incrementing version with each iteration.
message LicenseIdentification {
optional bytes request_id = 1;
optional bytes session_id = 2;
optional bytes purchase_id = 3;
optional LicenseType type = 4;
optional int32 version = 5;
optional bytes provider_session_token = 6;
}
// This message is used to indicate the license cateogry spec for a license as
// a part of initial license issuance.
// LINT.IfChange
message LicenseCategorySpec {
// Possible license categories.
enum LicenseCategory {
// By default, License is used for single content.
SINGLE_CONTENT_LICENSE_DEFAULT = 0;
// License is used for multiple contents (could be a combination of
// single contents and groups of contents).
MULTI_CONTENT_LICENSE = 1;
// License is used for contents logically grouped.
GROUP_LICENSE = 2;
}
// Optional. License category indicates if license is used for single
// content, multiple contents (could be a combination of
// single contents and groups of contents) or a group of contents.
optional LicenseCategory license_category = 1;
// Optional. Content or group ID covered by the license.
oneof content_or_group_id {
// Content_id would be present if it is a license for single content.
bytes content_id = 2;
// Group_id would be present if the license is a multi_content_license or
// group_license. Group Id could be the name of a group of contents,
// defined by licensor.
bytes group_id = 3;
}
}
message License {
// LINT.IfChange
message Policy {
// Indicates that playback of the content is allowed.
optional bool can_play = 1 [default = false];
// Indicates that the license may be persisted to non-volatile
// storage for offline use.
optional bool can_persist = 2 [default = false];
// Indicates that renewal of this license is allowed.
optional bool can_renew = 3 [default = false];
// For the |*duration*| fields, playback must halt when
// license_start_time (seconds since the epoch (UTC)) +
// license_duration_seconds is exceeded. A value of 0
// indicates that there is no limit to the duration.
// Indicates the rental window.
optional int64 rental_duration_seconds = 4 [default = 0];
// Indicates the viewing window, once playback has begun.
optional int64 playback_duration_seconds = 5 [default = 0];
// Indicates the time window for this specific license.
optional int64 license_duration_seconds = 6 [default = 0];
// The |renewal*| fields only apply if |can_renew| is true.
// The window of time, in which playback is allowed to continue while
// renewal is attempted, yet unsuccessful due to backend problems with
// the license server.
optional int64 renewal_recovery_duration_seconds = 7 [default = 0];
// All renewal requests for this license shall be directed to the
// specified URL.
optional string renewal_server_url = 8;
// How many seconds after license_start_time, before renewal is first
// attempted.
optional int64 renewal_delay_seconds = 9 [default = 0];
// Specifies the delay in seconds between subsequent license
// renewal requests, in case of failure.
optional int64 renewal_retry_interval_seconds = 10 [default = 0];
// Indicates that the license shall be sent for renewal when usage is
// started.
optional bool renew_with_usage = 11 [default = false];
// Indicates to client that license renewal and release requests ought to
// include ClientIdentification (client_id).
optional bool always_include_client_id = 12 [default = false];
// Duration of grace period before playback_duration_seconds (short window)
// goes into effect. Optional.
optional int64 play_start_grace_period_seconds = 13 [default = 0];
// Enables "soft enforcement" of playback_duration_seconds, letting the user
// finish playback even if short window expires. Optional.
optional bool soft_enforce_playback_duration = 14 [default = false];
// Enables "soft enforcement" of rental_duration_seconds. Initial playback
// must always start before rental duration expires. In order to allow
// subsequent playbacks to start after the rental duration expires,
// soft_enforce_playback_duration must be true. Otherwise, subsequent
// playbacks will not be allowed once rental duration expires. Optional.
optional bool soft_enforce_rental_duration = 15 [default = true];
}
message KeyContainer {
enum KeyType {
SIGNING = 1; // No more than one signing key may appear.
CONTENT = 2; // Content key.
KEY_CONTROL = 3; // Key control block for license renewals. No key.
OPERATOR_SESSION = 4; // wrapped keys for auxiliary crypto operations.
ENTITLEMENT = 5; // Entitlement keys.
OEM_CONTENT = 6; // Partner-specific content key.
}
// The SecurityLevel enumeration allows the server to communicate the level
// of robustness required by the client, in order to use the key.
enum SecurityLevel {
// Software-based whitebox crypto is required.
SW_SECURE_CRYPTO = 1;
// Software crypto and an obfuscated decoder is required.
SW_SECURE_DECODE = 2;
// The key material and crypto operations must be performed within a
// hardware backed trusted execution environment.
HW_SECURE_CRYPTO = 3;
// The crypto and decoding of content must be performed within a hardware
// backed trusted execution environment.
HW_SECURE_DECODE = 4;
// The crypto, decoding and all handling of the media (compressed and
// uncompressed) must be handled within a hardware backed trusted
// execution environment.
HW_SECURE_ALL = 5;
}
message KeyControl {
// If present, the key control must be communicated to the secure
// environment prior to any usage. This message is automatically generated
// by the Widevine License Server SDK.
optional bytes key_control_block = 1;
optional bytes iv = 2;
}
message OutputProtection {
// Indicates whether HDCP is required on digital outputs, and which
// version should be used.
enum HDCP {
HDCP_NONE = 0;
HDCP_V1 = 1;
HDCP_V2 = 2;
HDCP_V2_1 = 3;
HDCP_V2_2 = 4;
HDCP_V2_3 = 5;
HDCP_NO_DIGITAL_OUTPUT = 0xff;
}
optional HDCP hdcp = 1 [default = HDCP_NONE];
// Indicate the CGMS setting to be inserted on analog output.
enum CGMS {
CGMS_NONE = 42;
COPY_FREE = 0;
COPY_ONCE = 2;
COPY_NEVER = 3;
}
optional CGMS cgms_flags = 2 [default = CGMS_NONE];
enum HdcpSrmRule {
HDCP_SRM_RULE_NONE = 0;
// In 'required_protection', this means most current SRM is required.
// Update the SRM on the device. If update cannot happen,
// do not allow the key.
// In 'requested_protection', this means most current SRM is requested.
// Update the SRM on the device. If update cannot happen,
// allow use of the key anyway.
CURRENT_SRM = 1;
}
optional HdcpSrmRule hdcp_srm_rule = 3 [default = HDCP_SRM_RULE_NONE];
// Optional requirement to indicate analog output is not allowed.
optional bool disable_analog_output = 4 [default = false];
// Optional requirement to indicate digital output is not allowed.
optional bool disable_digital_output = 5 [default = false];
// Optional. If set, it indicates digital video recording (DVR) is
// allowed.
optional bool allow_record = 6 [default = false];
}
message VideoResolutionConstraint {
// Minimum and maximum video resolutions in the range (height x width).
optional uint32 min_resolution_pixels = 1;
optional uint32 max_resolution_pixels = 2;
// Optional output protection requirements for this range. If not
// specified, the OutputProtection in the KeyContainer applies.
optional OutputProtection required_protection = 3;
}
message OperatorSessionKeyPermissions {
// Permissions/key usage flags for operator service keys
// (type = OPERATOR_SESSION).
optional bool allow_encrypt = 1 [default = false];
optional bool allow_decrypt = 2 [default = false];
optional bool allow_sign = 3 [default = false];
optional bool allow_signature_verify = 4 [default = false];
}
// KeyCategorySpec message is used to identify if current key is generated
// for a single content or a group of contents. Currently it is only used in
// CAS request.
message KeyCategorySpec {
// Represents what kind of content a key is used for.
enum KeyCategory {
// By default, key is created for single content.
SINGLE_CONTENT_KEY_DEFAULT = 0;
// Key is created for a group of contents.
GROUP_KEY = 1;
}
// Indicate if the current key is created for single content or for group
// use.
optional KeyCategory key_category = 1;
// Id for key category. If it is a key for single content, this id
// represents the content_id. Otherwise, it represents a group_id.
oneof content_or_group_id {
bytes content_id = 2;
bytes group_id = 3;
}
}
optional bytes id = 1;
optional bytes iv = 2;
optional bytes key = 3;
optional KeyType type = 4;
optional SecurityLevel level = 5 [default = SW_SECURE_CRYPTO];
optional OutputProtection required_protection = 6;
// NOTE: Use of requested_protection is not recommended as it is only
// supported on a small number of platforms.
optional OutputProtection requested_protection = 7;
optional KeyControl key_control = 8;
optional OperatorSessionKeyPermissions operator_session_key_permissions = 9;
// Optional video resolution constraints. If the video resolution of the
// content being decrypted/decoded falls within one of the specified ranges,
// the optional required_protections may be applied. Otherwise an error will
// be reported.
// NOTE: Use of this feature is not recommended, as it is only supported on
// a small number of platforms.
repeated VideoResolutionConstraint video_resolution_constraints = 10;
// Optional flag to indicate the key must only be used if the client
// supports anti rollback of the user table. Content provider can query the
// client capabilities to determine if the client support this feature.
optional bool anti_rollback_usage_table = 11 [default = false];
// Optional not limited to commonly known track types such as SD, HD.
// It can be some provider defined label to identify the track.
optional string track_label = 12;
// Optional. It is used to identify if current key is generated for a
// single content or a group of contents. Currently it is only used in CAS
// request.
optional KeyCategorySpec key_category_spec = 13;
}
optional LicenseIdentification id = 1;
optional Policy policy = 2;
repeated KeyContainer key = 3;
// Time of the request in seconds (UTC) as set in
// LicenseRequest.request_time. If this time is not set in the request,
// the local time at the license service is used in this field.
optional int64 license_start_time = 4;
// TODO(b/65054419): Deprecate remote_attestation_verified in favor of
// platform_verification_status, below.
optional bool remote_attestation_verified = 5 [default = false];
// Client token generated by the content provider. Optional.
optional bytes provider_client_token = 6;
// 4cc code specifying the CENC protection scheme as defined in the CENC 3.0
// specification. Propagated from Widevine PSSH box. Optional.
optional uint32 protection_scheme = 7;
// 8 byte verification field "HDCPDATA" followed by unsigned 32 bit minimum
// HDCP SRM version (whether the version is for HDCP1 SRM or HDCP2 SRM
// depends on client max_hdcp_version).
optional bytes srm_requirement = 8;
// If present this contains a signed SRM file (either HDCP1 SRM or HDCP2 SRM
// depending on client max_hdcp_version) that should be installed on the
// client device.
optional bytes srm_update = 9;
// Indicates the status of any type of platform verification performed by the
// server.
optional PlatformVerificationStatus platform_verification_status = 10
[default = PLATFORM_NO_VERIFICATION];
// IDs of the groups for which keys are delivered in this license, if any.
repeated bytes group_ids = 11;
// Optional. LicenseCategorySpec is used to indicate the license cateogry for
// a license. It could be used as a part of initial license issuance or shown
// as a part of license in license response.
optional LicenseCategorySpec license_category_spec = 12;
}
enum ProtocolVersion {
VERSION_2_0 = 20;
VERSION_2_1 = 21;
VERSION_2_2 = 22;
}
message LicenseRequest {
message ContentIdentification {
message WidevinePsshData {
repeated bytes pssh_data = 1;
optional LicenseType license_type = 2;
optional bytes request_id = 3; // Opaque, client-specified.
}
message WebmKeyId {
optional bytes header = 1;
optional LicenseType license_type = 2;
optional bytes request_id = 3; // Opaque, client-specified.
}
message ExistingLicense {
optional LicenseIdentification license_id = 1;
optional int64 seconds_since_started = 2;
optional int64 seconds_since_last_played = 3;
optional bytes session_usage_table_entry = 4;
}
message InitData {
enum InitDataType {
CENC = 1;
WEBM = 2;
}
optional InitDataType init_data_type = 1 [default = CENC];
optional bytes init_data = 2;
optional LicenseType license_type = 3;
optional bytes request_id = 4;
}
oneof content_id_variant {
// Exactly one of these must be present.
WidevinePsshData widevine_pssh_data = 1;
WebmKeyId webm_key_id = 2;
ExistingLicense existing_license = 3;
InitData init_data = 4;
}
}
enum RequestType {
NEW = 1;
RENEWAL = 2;
RELEASE = 3;
}
// The client_id provides information authenticating the calling device. It
// contains the Widevine keybox token that was installed on the device at the
// factory. This field or encrypted_client_id below is required for a valid
// license request, but both should never be present in the same request.
optional ClientIdentification client_id = 1;
optional ContentIdentification content_id = 2;
optional RequestType type = 3;
// Time of the request in seconds (UTC) as set by the client.
optional int64 request_time = 4;
// Old-style decimal-encoded string key control nonce.
optional bytes key_control_nonce_deprecated = 5;
optional ProtocolVersion protocol_version = 6 [default = VERSION_2_0];
// New-style uint32 key control nonce, please use instead of
// key_control_nonce_deprecated.
optional uint32 key_control_nonce = 7;
// Encrypted ClientIdentification message, used for privacy purposes.
optional EncryptedClientIdentification encrypted_client_id = 8;
}
message LicenseError {
enum Error {
// The device credentials are invalid. The device must re-provision.
INVALID_DRM_DEVICE_CERTIFICATE = 1;
// The device credentials have been revoked. Re-provisioning is not
// possible.
REVOKED_DRM_DEVICE_CERTIFICATE = 2;
// The service is currently unavailable due to the backend being down
// or similar circumstances.
SERVICE_UNAVAILABLE = 3;
}
optional Error error_code = 1;
}
message MetricData {
enum MetricType {
// The time spent in the 'stage', specified in microseconds.
LATENCY = 1;
// The UNIX epoch timestamp at which the 'stage' was first accessed in
// microseconds.
TIMESTAMP = 2;
}
message TypeValue {
optional MetricType type = 1;
// The value associated with 'type'. For example if type == LATENCY, the
// value would be the time in microseconds spent in this 'stage'.
optional int64 value = 2 [default = 0];
}
// 'stage' that is currently processing the SignedMessage. Required.
optional string stage_name = 1;
// metric and associated value.
repeated TypeValue metric_data = 2;
}
message VersionInfo {
// License SDK version reported by the Widevine License SDK. This field
// is populated automatically by the SDK.
optional string license_sdk_version = 1;
// Version of the service hosting the license SDK. This field is optional.
// It may be provided by the hosting service.
optional string license_service_version = 2;
}
message SignedMessage {
enum MessageType {
LICENSE_REQUEST = 1;
LICENSE = 2;
ERROR_RESPONSE = 3;
SERVICE_CERTIFICATE_REQUEST = 4;
SERVICE_CERTIFICATE = 5;
SUB_LICENSE = 6;
CAS_LICENSE_REQUEST = 7;
CAS_LICENSE = 8;
EXTERNAL_LICENSE_REQUEST = 9;
EXTERNAL_LICENSE = 10;
}
enum SessionKeyType {
UNDEFINED = 0;
WRAPPED_AES_KEY = 1;
EPHEMERAL_ECC_PUBLIC_KEY = 2;
}
optional MessageType type = 1;
optional bytes msg = 2;
// Required field that contains the signature of the bytes of msg.
// For license requests, the signing algorithm is determined by the
// certificate contained in the request.
// For license responses, the signing algorithm is HMAC with signing key based
// on |session_key|.
optional bytes signature = 3;
// If populated, the contents of this field will be signaled by the
// |session_key_type| type. If the |session_key_type| is WRAPPED_AES_KEY the
// key is the bytes of an encrypted AES key. If the |session_key_type| is
// EPHERMERAL_ECC_PUBLIC_KEY the field contains the bytes of an RFC5208 ASN1
// serialized ECC public key.
optional bytes session_key = 4;
// Remote attestation data which will be present in the initial license
// request for ChromeOS client devices operating in verified mode. Remote
// attestation challenge data is |msg| field above. Optional.
optional RemoteAttestation remote_attestation = 5;
repeated MetricData metric_data = 6;
// Version information from the SDK and license service. This information is
// provided in the license response.
optional VersionInfo service_version_info = 7;
// Optional field that contains the algorithm type used to generate the
// session_key and signature in a LICENSE message.
optional SessionKeyType session_key_type = 8 [default = WRAPPED_AES_KEY];
// The core message is the simple serialization of fields used by OEMCrypto.
// This field was introduced in OEMCrypto API v16.
optional bytes oemcrypto_core_message = 9;
// Optional field that indicates the hash algorithm used in signature scheme.
optional HashAlgorithmProto hash_algorithm = 10;
// If true it indicates that a LICENSE message session key was based on a key
// provided in a secondary encryption certificate. The secondary encryption
// certificate was provided by the client in a previous LICENSE_REQUEST
// message.
optional bool using_dual_certificate = 11;
}

14
protos/public/provisioned_device_info.proto
View File

@@ -13,9 +13,12 @@ syntax = "proto2";
package widevine;
import "protos/public/device_common.proto";
option java_package = "com.google.video.widevine.protos";
option java_outer_classname = "ProvisionedDeviceInfoProto";
// Contains device model information for a provisioned device.
message ProvisionedDeviceInfo {
enum WvSecurityLevel {
@@ -55,13 +58,14 @@ message ProvisionedDeviceInfo {
optional uint32 system_id = 1;
// Name of system-on-a-chip. Optional.
optional string soc = 2;
// Name of manufacturer. Optional.
// First registered manufacturer. Optional.
optional string manufacturer = 3;
// Manufacturer's model name. Matches "brand" in device metadata. Optional.
// First registered manufacturer's model name. Matches "brand" in device
// metadata. Optional.
optional string model = 4;
// Type of device (Phone, Tablet, TV, etc).
// First registered type of device (Phone, Tablet, TV, etc).
optional string device_type = 5;
// Device model year. Optional.
// First registered device model year. Optional.
optional uint32 model_year = 6;
// Widevine-defined security level. Optional.
optional WvSecurityLevel security_level = 7 [default = LEVEL_UNSPECIFIED];
@@ -70,4 +74,6 @@ message ProvisionedDeviceInfo {
optional bool test_device = 8 [default = false];
// Indicates the type of device root of trust which was factory provisioned.
optional ProvisioningMethod provisioning_method = 9;
// A list of ModelInfo using the same system_id.
repeated DeviceModel model_info = 10;
}

5
protos/public/remote_attestation.proto
View File

@@ -13,10 +13,12 @@
syntax = "proto2";
package widevine;
option java_package = "com.google.video.widevine.protos";
import "protos/public/client_identification.proto";
option java_package = "com.google.video.widevine.protos";
message RemoteAttestation {
// Encrypted ClientIdentification message containing the device remote
// attestation certificate. Required.
@@ -27,4 +29,3 @@ message RemoteAttestation {
// Signed remote attestation challenge + salt. Required.
optional bytes signature = 3;
}

5
protos/public/signed_drm_certificate.proto
View File

@@ -12,9 +12,12 @@ syntax = "proto2";
package widevine;
import "protos/public/hash_algorithm.proto";
option java_outer_classname = "SignedDrmCertificateProtos";
option java_package = "com.google.video.widevine.protos";
// DrmCertificate signed by a higher (CA) DRM certificate.
message SignedDrmCertificate {
// Serialized certificate. Required.
@@ -24,4 +27,6 @@ message SignedDrmCertificate {
optional bytes signature = 2;
// SignedDrmCertificate used to sign this certificate.
optional SignedDrmCertificate signer = 3;
// Optional field that indicates the hash algorithm used in signature scheme.
optional HashAlgorithmProto hash_algorithm = 4;
}