media/cdm/json_web_key.h

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef MEDIA_CDM_JSON_WEB_KEY_H_
   6 #define MEDIA_CDM_JSON_WEB_KEY_H_
   7
   8 #include <string>
   9 #include <utility>
  10 #include <vector>
  11
  12 #include "base/basictypes.h"
  13 #include "media/base/media_export.h"
  14 #include "media/base/media_keys.h"
  15
  16 namespace media {
  17
  18 // The ClearKey license request format (ref:
  19 // https://dvcs.w3.org/hg/html-media/raw-file/default/encrypted-media/encrypted-media.html#clear-key)
  20 // is a JSON object containing the following members:
  21 //   "kids" : An array of key IDs. Each element of the array is the base64url
  22 //            encoding of the octet sequence containing the key ID value.
  23 //   "type" : The requested SessionType.
  24 // An example:
  25 //   { "kids":["67ef0gd8pvfd0","77ef0gd8pvfd0"], "type":"temporary" }
  26
  27 // The ClearKey license format is a JSON Web Key (JWK) Set containing
  28 // representation of the symmetric key to be used for decryption.
  29 // For each JWK in the set, the parameter values are as follows:
  30 //   "kty" (key type)  : "oct" (octet sequence)
  31 //   "alg" (algorithm) : "A128KW" (AES key wrap using a 128-bit key)
  32 //   "k" (key value)   : The base64url encoding of the octet sequence
  33 //                       containing the symmetric key value.
  34 //   "kid" (key ID)    : The base64url encoding of the octet sequence
  35 //                       containing the key ID value.
  36 // The JSON object may have an optional "type" member value, which may be
  37 // any of the SessionType values. If not specified, the default value of
  38 // "temporary" is used.
  39 // A JSON Web Key Set looks like the following in JSON:
  40 //   { "keys": [ JWK1, JWK2, ... ], "type":"temporary" }
  41 // A symmetric keys JWK looks like the following in JSON:
  42 //   { "kty":"oct",
  43 //     "alg":"A128KW",
  44 //     "kid":"AQIDBAUGBwgJCgsMDQ4PEA",
  45 //     "k":"FBUWFxgZGhscHR4fICEiIw" }
  46
  47 // There may be other properties specified, but they are ignored.
  48 // Ref: http://tools.ietf.org/html/draft-ietf-jose-json-web-key and:
  49 // http://tools.ietf.org/html/draft-jones-jose-json-private-and-symmetric-key
  50
  51 // Vector of key IDs.
  52 typedef std::vector<std::vector<uint8>> KeyIdList;
  53
  54 // Vector of [key_id, key_value] pairs. Values are raw binary data, stored in
  55 // strings for convenience.
  56 typedef std::pair<std::string, std::string> KeyIdAndKeyPair;
  57 typedef std::vector<KeyIdAndKeyPair> KeyIdAndKeyPairs;
  58
  59 // Converts a single |key|, |key_id| pair to a JSON Web Key Set.
  60 MEDIA_EXPORT std::string GenerateJWKSet(const uint8* key, int key_length,
  61                                         const uint8* key_id, int key_id_length);
  62
  63 // Extracts the JSON Web Keys from a JSON Web Key Set. If |input| looks like
  64 // a valid JWK Set, then true is returned and |keys| and |session_type| are
  65 // updated to contain the values found. Otherwise return false.
  66 MEDIA_EXPORT bool ExtractKeysFromJWKSet(const std::string& jwk_set,
  67                                         KeyIdAndKeyPairs* keys,
  68                                         MediaKeys::SessionType* session_type);
  69
  70 // Extracts the Key Ids from a Key IDs Initialization Data
  71 // (https://w3c.github.io/encrypted-media/keyids-format.html). If |input| looks
  72 // valid, then true is returned and |key_ids| is updated to contain the values
  73 // found. Otherwise return false and |error_message| contains the reason.
  74 MEDIA_EXPORT bool ExtractKeyIdsFromKeyIdsInitData(const std::string& input,
  75                                                   KeyIdList* key_ids,
  76                                                   std::string* error_message);
  77
  78 // Creates a license request message for the |key_ids| and |session_type|
  79 // specified. |license| is updated to contain the resulting JSON string.
  80 MEDIA_EXPORT void CreateLicenseRequest(const KeyIdList& key_ids,
  81                                        MediaKeys::SessionType session_type,
  82                                        std::vector<uint8>* license);
  83
  84 // Extract the first key from the license request message. Returns true if
  85 // |license| is a valid license request and contains at least one key,
  86 // otherwise false and |first_key| is not touched.
  87 MEDIA_EXPORT bool ExtractFirstKeyIdFromLicenseRequest(
  88     const std::vector<uint8>& license,
  89     std::vector<uint8>* first_key);
  90
  91 }  // namespace media
  92
  93 #endif  // MEDIA_CDM_JSON_WEB_KEY_H_