92 lines
3.3 KiB
Protocol Buffer
92 lines
3.3 KiB
Protocol Buffer
////////////////////////////////////////////////////////////////////////////////
|
|
// Copyright 2016 Google Inc.
|
|
//
|
|
// This software is licensed under the terms defined in the Widevine Master
|
|
// License Agreement. For a copy of this agreement, please contact
|
|
// widevine-licensing@google.com.
|
|
////////////////////////////////////////////////////////////////////////////////
|
|
|
|
//
|
|
// Description:
|
|
// Device certificate and certificate status list format definitions.
|
|
|
|
syntax = "proto2";
|
|
|
|
package widevine;
|
|
|
|
option java_outer_classname = "DeviceCertificateProtos";
|
|
option java_package = "com.google.video.widevine.protos";
|
|
|
|
import "protos/public/provisioned_device_info.proto";
|
|
|
|
// DRM certificate definition for user devices, intermediate, service, and root
|
|
// certificates.
|
|
message DrmDeviceCertificate {
|
|
enum CertificateType {
|
|
ROOT = 0;
|
|
DRM_INTERMEDIATE = 1;
|
|
DRM_USER_DEVICE = 2;
|
|
SERVICE = 3;
|
|
PROVISIONER = 4;
|
|
}
|
|
|
|
// Type of certificate. Required.
|
|
optional CertificateType type = 1;
|
|
// 128-bit globally unique serial number of certificate.
|
|
// Value is 0 for root certificate. Required.
|
|
optional bytes serial_number = 2;
|
|
// POSIX time, in seconds, when the certificate was created. Required.
|
|
optional uint32 creation_time_seconds = 3;
|
|
// Device public key. PKCS#1 ASN.1 DER-encoded. Required.
|
|
optional bytes public_key = 4;
|
|
// Widevine system ID for the device. Required for intermediate and
|
|
// user device certificates.
|
|
optional uint32 system_id = 5;
|
|
// Deprecated field, which used to indicate whether the device was a test
|
|
// (non-production) device. The test_device field in ProvisionedDeviceInfo
|
|
// below should be observed instead.
|
|
optional bool test_device_deprecated = 6 [deprecated = true];
|
|
// Service identifier (web origin) for the provider which owns the
|
|
// certificate. Required for service and provisioner certificates.
|
|
optional string provider_id = 7;
|
|
}
|
|
|
|
// Contains DRM and OEM certificate status and device information for a
|
|
// specific system ID.
|
|
message DeviceCertificateStatus {
|
|
enum Status {
|
|
VALID = 0;
|
|
REVOKED = 1;
|
|
};
|
|
|
|
// Serial number of the intermediate DrmDeviceCertificate to which this
|
|
// message refers. Required.
|
|
optional bytes drm_serial_number = 1;
|
|
// Status of the certificate. Optional.
|
|
optional Status status = 2 [default = VALID];
|
|
// Device model information about the device to which the intermediate
|
|
// certificate(s) correspond.
|
|
optional ProvisionedDeviceInfo device_info = 4;
|
|
// Serial number of the OEM X.509 intermediate certificate for this type
|
|
// of device. Present only if the device is OEM-provisioned.
|
|
optional bytes oem_serial_number = 5;
|
|
}
|
|
|
|
// List of DeviceCertificateStatus. Used to propagate certificate revocation
|
|
// status and device information.
|
|
message DeviceCertificateStatusList {
|
|
// POSIX time, in seconds, when the list was created. Required.
|
|
optional uint32 creation_time_seconds = 1;
|
|
// DeviceCertificateStatus for each system ID.
|
|
repeated DeviceCertificateStatus certificate_status = 2;
|
|
}
|
|
|
|
// Signed CertificateStatusList
|
|
message SignedCertificateStatusList {
|
|
// Serialized DeviceCertificateStatusList. Required.
|
|
optional bytes certificate_status_list = 1;
|
|
// Signature of certificate_status_list. Signed with root certificate private
|
|
// key using RSASSA-PSS. Required.
|
|
optional bytes signature = 2;
|
|
}
|