Export provisioning sdk

Change-Id: I4d47d80444c9507f84896767dc676112ca11e901

protos/public/BUILD

@@ -0,0 +1,89 @@
+################################################################################
+# Copyright 2016 Google Inc.
+#
+# This software is licensed under the terms defined in the Widevine Master
+# License Agreement. For a copy of this agreement, please contact
+# widevine-licensing@google.com.
+################################################################################
+
+#
+# Description:
+#   Public protocol buffer definitions for Widevine Services.
+
+package(default_visibility = ["//visibility:public"])
+
+load("@protobuf_repo//:protobuf.bzl", "cc_proto_library", "py_proto_library")
+
+cc_proto_library(
+    name = "certificate_provisioning_proto",
+    srcs = ["certificate_provisioning.proto"],
+    default_runtime = "@protobuf_repo//:protobuf",
+    protoc = "@protobuf_repo//:protoc",
+    deps = [":client_identification_proto"],
+)
+
+py_proto_library(
+    name = "certificate_provisioning_py_pb2",
+    srcs = ["certificate_provisioning.proto"],
+    default_runtime = "@protobuf_repo//:protobuf_python",
+    protoc = "@protobuf_repo//:protoc",
+    deps = [":client_identification_py_pb2"],
+)
+
+cc_proto_library(
+    name = "client_identification_proto",
+    srcs = ["client_identification.proto"],
+    default_runtime = "@protobuf_repo//:protobuf",
+    protoc = "@protobuf_repo//:protoc",
+)
+
+py_proto_library(
+    name = "client_identification_py_pb2",
+    srcs = ["client_identification.proto"],
+    default_runtime = "@protobuf_repo//:protobuf_python",
+    protoc = "@protobuf_repo//:protoc",
+)
+
+cc_proto_library(
+    name = "device_certificate_proto",
+    srcs = ["device_certificate.proto"],
+    default_runtime = "@protobuf_repo//:protobuf",
+    protoc = "@protobuf_repo//:protoc",
+    deps = [":provisioned_device_info_proto"],
+)
+
+py_proto_library(
+    name = "device_certificate_py_pb2",
+    srcs = ["device_certificate.proto"],
+    default_runtime = "@protobuf_repo//:protobuf_python",
+    protoc = "@protobuf_repo//:protoc",
+    deps = [":provisioned_device_info_py_pb2"],
+)
+
+cc_proto_library(
+    name = "signed_device_certificate_proto",
+    srcs = ["signed_device_certificate.proto"],
+    default_runtime = "@protobuf_repo//:protobuf",
+    protoc = "@protobuf_repo//:protoc",
+)
+
+py_proto_library(
+    name = "signed_device_certificate_py_pb2",
+    srcs = ["signed_device_certificate.proto"],
+    default_runtime = "@protobuf_repo//:protobuf_python",
+    protoc = "@protobuf_repo//:protoc",
+)
+
+cc_proto_library(
+    name = "provisioned_device_info_proto",
+    srcs = ["provisioned_device_info.proto"],
+    default_runtime = "@protobuf_repo//:protobuf",
+    protoc = "@protobuf_repo//:protoc",
+)
+
+py_proto_library(
+    name = "provisioned_device_info_py_pb2",
+    srcs = ["provisioned_device_info.proto"],
+    default_runtime = "@protobuf_repo//:protobuf_python",
+    protoc = "@protobuf_repo//:protoc",
+)

protos/public/certificate_provisioning.proto

@@ -0,0 +1,98 @@
+////////////////////////////////////////////////////////////////////////////////
+// Copyright 2016 Google Inc.
+//
+// This software is licensed under the terms defined in the Widevine Master
+// License Agreement. For a copy of this agreement, please contact
+// widevine-licensing@google.com.
+////////////////////////////////////////////////////////////////////////////////
+
+//
+// Description:
+//   Public protocol buffer definitions for Widevine Device Certificate
+//   Provisioning protocol.
+
+syntax = "proto2";
+
+package widevine;
+option java_package = "com.google.video.widevine.protos";
+
+import "protos/public/client_identification.proto";
+
+// ProvisioningOptions specifies the type of certificate to specify and
+// in the case of X509 certificates, the certificate authority to use.
+message ProvisioningOptions {
+  enum CertificateType {
+    WIDEVINE_DRM = 0; // Default.  The original certificate type.
+    X509 = 1; // X.509 certificate.
+  }
+
+  optional CertificateType certificate_type = 1 [default = WIDEVINE_DRM];
+
+  // Contains the application-specific name used to identify the certificate
+  // authority for signing the generated certificate. This is required iff the
+  // certificate type is X509.
+  optional string certificate_authority = 2;
+}
+
+// Provisioning request sent by client devices to provisioning service.
+message ProvisioningRequest {
+  oneof clear_or_encrypted_client_id {
+    // Device root of trust and other client identification. Required.
+    ClientIdentification client_id = 1;
+    EncryptedClientIdentification encrypted_client_id = 5;
+  }
+  // Nonce value used to prevent replay attacks. Required.
+  optional bytes nonce = 2;
+  // Options for type of certificate to generate.  Optional.
+  optional ProvisioningOptions options = 3;
+  oneof spoid_param {
+    // Stable identifier, unique for each device + application (or origin).
+    // To be deprecated.
+    bytes stable_id = 4;
+    // Service provider ID from the service certificate's provider_id field.
+    // Preferred parameter.
+    bytes provider_id = 6;
+    // Client-generated stable per-origin identifier to be copied directly
+    // to the client certificate serial number.
+    bytes spoid = 7;
+  }
+}
+
+// Provisioning response sent by the provisioning server to client devices.
+// This message is used for both regular Widevine DRM certificates and for
+// application-specific X.509 certificates.
+message ProvisioningResponse {
+  // AES-128 encrypted device private RSA key. PKCS#1 ASN.1 DER-encoded.
+  // Required. For X.509 certificates, the private RSA key may also include
+  // a prefix as specified by private_key_prefix in the X509CertificateMetadata
+  // proto message.
+  optional bytes device_rsa_key = 1;
+  // Initialization vector used to encrypt device_rsa_key. Required.
+  optional bytes device_rsa_key_iv = 2;
+  // For Widevine DRM certificates, this contains the serialized
+  // SignedDrmDeviceCertificate. For X.509 certificates, this contains the PEM
+  // encoded X.509 certificate. Required.
+  optional bytes device_certificate = 3;
+  // Nonce value matching nonce in ProvisioningRequest. Required.
+  optional bytes nonce = 4;
+  // Key used to wrap device_rsa_key when DRM provisioning an OEM factory
+  // provisioned device. Encrypted with the device OEM public key using
+  // RSA-OAEP.
+  optional bytes wrapping_key = 5;
+}
+
+// Serialized ProvisioningRequest or ProvisioningResponse signed with
+// The message authentication key.
+message SignedProvisioningMessage {
+  enum ProtocolVersion {
+    VERSION_2 = 2;  // Keybox factory-provisioned devices.
+    VERSION_3 = 3;  // OEM certificate factory-provisioned devices.
+  }
+
+  // Serialized ProvisioningRequest or ProvisioningResponse. Required.
+  optional bytes message = 1;
+  // HMAC-SHA256 (Keybox) or RSASSA-PSS (OEM) signature of message. Required.
+  optional bytes signature = 2;
+  // Version number of provisioning protocol.
+  optional ProtocolVersion protocol_version = 3 [default = VERSION_2];
+}

protos/public/client_identification.proto

@@ -0,0 +1,101 @@
+////////////////////////////////////////////////////////////////////////////////
+// Copyright 2016 Google Inc.
+//
+// This software is licensed under the terms defined in the Widevine Master
+// License Agreement. For a copy of this agreement, please contact
+// widevine-licensing@google.com.
+////////////////////////////////////////////////////////////////////////////////
+
+//
+// Description:
+//   ClientIdentification messages used by provisioning and license protocols.
+
+syntax = "proto2";
+
+package widevine;
+option java_package = "com.google.video.widevine.protos";
+
+option java_outer_classname = "ClientIdentificationProtos";
+
+// ClientIdentification message used to authenticate the client device.
+message ClientIdentification {
+  enum TokenType {
+    KEYBOX = 0;
+    DRM_DEVICE_CERTIFICATE = 1;
+    REMOTE_ATTESTATION_CERTIFICATE = 2;
+    OEM_DEVICE_CERTIFICATE = 3;
+  }
+
+  message NameValue {
+    optional string name = 1;
+    optional string value = 2;
+  }
+
+  // Capabilities which not all clients may support. Used for the license
+  // exchange protocol only.
+  message ClientCapabilities {
+    enum HdcpVersion {
+      HDCP_NONE = 0;
+      HDCP_V1 = 1;
+      HDCP_V2 = 2;
+      HDCP_V2_1 = 3;
+      HDCP_V2_2 = 4;
+      HDCP_NO_DIGITAL_OUTPUT = 0xff;
+    }
+
+    enum CertificateKeyType {
+      RSA_2048 = 0;
+      RSA_3072 = 1;
+    }
+
+    optional bool client_token = 1 [default = false];
+    optional bool session_token = 2 [default = false];
+    optional bool video_resolution_constraints = 3 [default = false];
+    optional HdcpVersion max_hdcp_version = 4 [default = HDCP_NONE];
+    optional uint32 oem_crypto_api_version = 5;
+    // Client has hardware support for protecting the usage table, such as
+    // storing the generation number in secure memory.  For Details, see:
+    // https://docs.google.com/document/d/1Mm8oB51SYAgry62mEuh_2OEkabikBiS61kN7HsDnh9Y/edit#heading=h.xgjl2srtytjt
+    optional bool anti_rollback_usage_table = 6 [default = false];
+    // The client shall report |srm_version| if available.
+    optional uint32 srm_version = 7;
+    // A device may have SRM data, and report a version, but may not be capable
+    // of updating SRM data.
+    optional bool can_update_srm = 8 [default = false];
+    repeated CertificateKeyType supported_certificate_key_type = 9;
+  }
+
+  // Type of factory-provisioned device root of trust. Optional.
+  optional TokenType type = 1 [default = KEYBOX];
+  // Factory-provisioned device root of trust. Required.
+  optional bytes token = 2;
+  // Optional client information name/value pairs.
+  repeated NameValue client_info = 3;
+  // Client token generated by the content provider. Optional.
+  optional bytes provider_client_token = 4;
+  // Number of licenses received by the client to which the token above belongs.
+  // Only present if client_token is specified.
+  optional uint32 license_counter = 5;
+  // List of non-baseline client capabilities.
+  optional ClientCapabilities client_capabilities = 6;
+  // Serialized VmpData message. Optional.
+  optional bytes vmp_data = 7;
+}
+
+// EncryptedClientIdentification message used to hold ClientIdentification
+// messages encrypted for privacy purposes.
+message EncryptedClientIdentification {
+  // Provider ID for which the ClientIdentifcation is encrypted (owner of
+  // service certificate).
+  optional string provider_id = 1;
+  // Serial number for the service certificate for which ClientIdentification is
+  // encrypted.
+  optional bytes service_certificate_serial_number = 2;
+  // Serialized ClientIdentification message, encrypted with the privacy key using
+  // AES-128-CBC with PKCS#5 padding.
+  optional bytes encrypted_client_id = 3;
+  // Initialization vector needed to decrypt encrypted_client_id.
+  optional bytes encrypted_client_id_iv = 4;
+  // AES-128 privacy key, encrypted with the service public key using RSA-OAEP.
+  optional bytes encrypted_privacy_key = 5;
+}

protos/public/device_certificate.proto

@@ -0,0 +1,91 @@
+////////////////////////////////////////////////////////////////////////////////
+// Copyright 2016 Google Inc.
+//
+// This software is licensed under the terms defined in the Widevine Master
+// License Agreement. For a copy of this agreement, please contact
+// widevine-licensing@google.com.
+////////////////////////////////////////////////////////////////////////////////
+
+//
+// Description:
+//   Device certificate and certificate status list format definitions.
+
+syntax = "proto2";
+
+package widevine;
+
+option java_outer_classname = "DeviceCertificateProtos";
+option java_package = "com.google.video.widevine.protos";
+
+import "protos/public/provisioned_device_info.proto";
+
+// DRM certificate definition for user devices, intermediate, service, and root
+// certificates.
+message DrmDeviceCertificate {
+  enum CertificateType {
+    ROOT = 0;
+    DRM_INTERMEDIATE = 1;
+    DRM_USER_DEVICE = 2;
+    SERVICE = 3;
+    PROVISIONER = 4;
+  }
+
+  // Type of certificate. Required.
+  optional CertificateType type = 1;
+  // 128-bit globally unique serial number of certificate.
+  // Value is 0 for root certificate. Required.
+  optional bytes serial_number = 2;
+  // POSIX time, in seconds, when the certificate was created. Required.
+  optional uint32 creation_time_seconds = 3;
+  // Device public key. PKCS#1 ASN.1 DER-encoded. Required.
+  optional bytes public_key = 4;
+  // Widevine system ID for the device. Required for intermediate and
+  // user device certificates.
+  optional uint32 system_id = 5;
+  // Deprecated field, which used to indicate whether the device was a test
+  // (non-production) device. The test_device field in ProvisionedDeviceInfo
+  // below should be observed instead.
+  optional bool test_device_deprecated = 6 [deprecated = true];
+  // Service identifier (web origin) for the provider which owns the
+  // certificate. Required for service and provisioner certificates.
+  optional string provider_id = 7;
+}
+
+// Contains DRM and OEM certificate status and device information for a
+// specific system ID.
+message DeviceCertificateStatus {
+  enum Status {
+    VALID = 0;
+    REVOKED = 1;
+  };
+
+  // Serial number of the intermediate DrmDeviceCertificate to which this
+  // message refers. Required.
+  optional bytes drm_serial_number = 1;
+  // Status of the certificate. Optional.
+  optional Status status = 2 [default = VALID];
+  // Device model information about the device to which the intermediate
+  // certificate(s) correspond.
+  optional ProvisionedDeviceInfo device_info = 4;
+  // Serial number of the OEM X.509 intermediate certificate for this type
+  // of device. Present only if the device is OEM-provisioned.
+  optional bytes oem_serial_number = 5;
+}
+
+// List of DeviceCertificateStatus. Used to propagate certificate revocation
+// status and device information.
+message DeviceCertificateStatusList {
+  // POSIX time, in seconds, when the list was created. Required.
+  optional uint32 creation_time_seconds = 1;
+  // DeviceCertificateStatus for each system ID.
+  repeated DeviceCertificateStatus certificate_status = 2;
+}
+
+// Signed CertificateStatusList
+message SignedCertificateStatusList {
+  // Serialized DeviceCertificateStatusList. Required.
+  optional bytes certificate_status_list = 1;
+  // Signature of certificate_status_list. Signed with root certificate private
+  // key using RSASSA-PSS. Required.
+  optional bytes signature = 2;
+}

protos/public/provisioned_device_info.proto

@@ -0,0 +1,47 @@
+////////////////////////////////////////////////////////////////////////////////
+// Copyright 2016 Google Inc.
+//
+// This software is licensed under the terms defined in the Widevine Master
+// License Agreement. For a copy of this agreement, please contact
+// widevine-licensing@google.com.
+////////////////////////////////////////////////////////////////////////////////
+
+// Description:
+//   Provisioned device info format definitions.
+
+syntax = "proto2";
+
+package widevine;
+
+option java_package = "com.google.video.widevine.protos";
+option java_outer_classname = "ProvisionedDeviceInfoProto";
+
+// Contains device model information for a provisioned device.
+message ProvisionedDeviceInfo {
+  enum WvSecurityLevel {
+    // Defined in Widevine Security Integration Guide for DASH on Android:
+    // http://doc/1Zum-fcJeoIw6KG1kDP_KepIE5h9gAZg0PaMtemBvk9c/edit#heading=h.1t3h5sf
+    LEVEL_UNSPECIFIED = 0;
+    LEVEL_1 = 1;
+    LEVEL_2 = 2;
+    LEVEL_3 = 3;
+  }
+
+  // Widevine system ID for the device. Mandatory.
+  optional uint32 system_id = 1;
+  // Name of system-on-a-chip. Optional.
+  optional string soc = 2;
+  // Name of manufacturer. Optional.
+  optional string manufacturer = 3;
+  // Manufacturer's model name. Matches "brand" in device metadata. Optional.
+  optional string model = 4;
+  // Type of device (Phone, Tablet, TV, etc).
+  optional string device_type = 5;
+  // Device model year. Optional.
+  optional uint32 model_year = 6;
+  // Widevine-defined security level. Optional.
+  optional WvSecurityLevel security_level = 7 [default = LEVEL_UNSPECIFIED];
+  // True if the certificate corresponds to a test (non production) device.
+  // Optional.
+  optional bool test_device = 8 [default = false];
+}

protos/public/signed_device_certificate.proto

@@ -0,0 +1,27 @@
+////////////////////////////////////////////////////////////////////////////////
+// Copyright 2016 Google Inc.
+//
+// This software is licensed under the terms defined in the Widevine Master
+// License Agreement. For a copy of this agreement, please contact
+// widevine-licensing@google.com.
+////////////////////////////////////////////////////////////////////////////////
+
+// Signed device certificate definition.
+
+syntax = "proto2";
+
+package widevine;
+
+option java_outer_classname = "SignedDeviceCertificateProtos";
+option java_package = "com.google.video.widevine.protos";
+
+// DrmDeviceCertificate signed by a higher (CA) DRM certificate.
+message SignedDrmDeviceCertificate {
+  // Serialized certificate. Required.
+  optional bytes drm_certificate = 1;
+  // Signature of certificate. Signed with root or intermediate
+  // certificate specified below. Required.
+  optional bytes signature = 2;
+  // SignedDrmDeviceCertificate used to sign this certificate.
+  optional SignedDrmDeviceCertificate signer = 3;
+}