2014-02-14 23:21:05 +00:00
|
|
|
// Copyright 2014 Google Inc. All rights reserved.
|
|
|
|
//
|
|
|
|
// Use of this source code is governed by a BSD-style
|
|
|
|
// license that can be found in the LICENSE file or at
|
|
|
|
// https://developers.google.com/open-source/licenses/bsd
|
2013-12-17 00:52:13 +00:00
|
|
|
|
2014-10-01 22:10:21 +00:00
|
|
|
#include "packager/media/base/widevine_key_source.h"
|
2013-12-17 00:52:13 +00:00
|
|
|
|
2016-03-21 18:09:24 +00:00
|
|
|
#include <set>
|
|
|
|
|
2014-10-01 22:10:21 +00:00
|
|
|
#include "packager/base/base64.h"
|
|
|
|
#include "packager/base/bind.h"
|
|
|
|
#include "packager/base/json/json_reader.h"
|
|
|
|
#include "packager/base/json/json_writer.h"
|
2017-04-05 20:53:58 +00:00
|
|
|
#include "packager/base/strings/string_number_conversions.h"
|
2016-03-21 18:09:24 +00:00
|
|
|
#include "packager/media/base/fixed_key_source.h"
|
2014-10-07 21:33:08 +00:00
|
|
|
#include "packager/media/base/http_key_fetcher.h"
|
2017-04-04 19:43:41 +00:00
|
|
|
#include "packager/media/base/network_util.h"
|
2014-10-01 22:10:21 +00:00
|
|
|
#include "packager/media/base/producer_consumer_queue.h"
|
2016-02-19 18:24:33 +00:00
|
|
|
#include "packager/media/base/protection_system_specific_info.h"
|
2016-04-06 23:21:45 +00:00
|
|
|
#include "packager/media/base/rcheck.h"
|
2014-10-01 22:10:21 +00:00
|
|
|
#include "packager/media/base/request_signer.h"
|
2016-02-19 18:24:33 +00:00
|
|
|
#include "packager/media/base/widevine_pssh_data.pb.h"
|
2013-12-17 00:52:13 +00:00
|
|
|
|
2016-05-20 21:19:33 +00:00
|
|
|
namespace shaka {
|
2017-04-05 20:53:58 +00:00
|
|
|
namespace media {
|
2013-12-17 00:52:13 +00:00
|
|
|
namespace {
|
|
|
|
|
2014-06-30 15:40:02 +00:00
|
|
|
const bool kEnableKeyRotation = true;
|
|
|
|
|
2014-01-14 18:36:41 +00:00
|
|
|
const char kLicenseStatusOK[] = "OK";
|
|
|
|
// Server may return INTERNAL_ERROR intermittently, which is a transient error
|
|
|
|
// and the next client request may succeed without problem.
|
|
|
|
const char kLicenseStatusTransientError[] = "INTERNAL_ERROR";
|
|
|
|
|
|
|
|
// Number of times to retry requesting keys in case of a transient error from
|
|
|
|
// the server.
|
|
|
|
const int kNumTransientErrorRetries = 5;
|
|
|
|
const int kFirstRetryDelayMilliseconds = 1000;
|
|
|
|
|
2014-04-24 16:59:07 +00:00
|
|
|
// Default crypto period count, which is the number of keys to fetch on every
|
|
|
|
// key rotation enabled request.
|
|
|
|
const int kDefaultCryptoPeriodCount = 10;
|
|
|
|
const int kGetKeyTimeoutInSeconds = 5 * 60; // 5 minutes.
|
2014-10-07 21:33:08 +00:00
|
|
|
const int kKeyFetchTimeoutInSeconds = 60; // 1 minute.
|
2014-04-24 16:59:07 +00:00
|
|
|
|
2017-04-04 19:43:41 +00:00
|
|
|
std::vector<uint8_t> StringToBytes(const std::string& string) {
|
|
|
|
return std::vector<uint8_t>(string.begin(), string.end());
|
|
|
|
}
|
|
|
|
|
|
|
|
std::vector<uint8_t> WidevinePsshFromKeyId(
|
|
|
|
const std::vector<std::vector<uint8_t>>& key_ids) {
|
|
|
|
media::WidevinePsshData widevine_pssh_data;
|
|
|
|
for (const std::vector<uint8_t>& key_id : key_ids)
|
|
|
|
widevine_pssh_data.add_key_id(key_id.data(), key_id.size());
|
|
|
|
return StringToBytes(widevine_pssh_data.SerializeAsString());
|
|
|
|
}
|
|
|
|
|
2013-12-17 00:52:13 +00:00
|
|
|
bool Base64StringToBytes(const std::string& base64_string,
|
2014-09-30 21:52:21 +00:00
|
|
|
std::vector<uint8_t>* bytes) {
|
2013-12-17 00:52:13 +00:00
|
|
|
DCHECK(bytes);
|
|
|
|
std::string str;
|
|
|
|
if (!base::Base64Decode(base64_string, &str))
|
|
|
|
return false;
|
|
|
|
bytes->assign(str.begin(), str.end());
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2014-09-30 21:52:21 +00:00
|
|
|
void BytesToBase64String(const std::vector<uint8_t>& bytes,
|
2014-08-20 23:51:15 +00:00
|
|
|
std::string* base64_string) {
|
|
|
|
DCHECK(base64_string);
|
|
|
|
base::Base64Encode(base::StringPiece(reinterpret_cast<const char*>
|
|
|
|
(bytes.data()), bytes.size()),
|
|
|
|
base64_string);
|
|
|
|
}
|
2013-12-17 00:52:13 +00:00
|
|
|
|
2014-08-20 23:51:15 +00:00
|
|
|
bool GetKeyFromTrack(const base::DictionaryValue& track_dict,
|
2014-09-30 21:52:21 +00:00
|
|
|
std::vector<uint8_t>* key) {
|
2014-08-20 23:51:15 +00:00
|
|
|
DCHECK(key);
|
2013-12-17 00:52:13 +00:00
|
|
|
std::string key_base64_string;
|
|
|
|
RCHECK(track_dict.GetString("key", &key_base64_string));
|
2014-01-14 18:36:41 +00:00
|
|
|
VLOG(2) << "Key:" << key_base64_string;
|
2013-12-17 00:52:13 +00:00
|
|
|
RCHECK(Base64StringToBytes(key_base64_string, key));
|
2014-08-20 23:51:15 +00:00
|
|
|
return true;
|
|
|
|
}
|
2013-12-17 00:52:13 +00:00
|
|
|
|
2014-08-20 23:51:15 +00:00
|
|
|
bool GetKeyIdFromTrack(const base::DictionaryValue& track_dict,
|
2014-09-30 21:52:21 +00:00
|
|
|
std::vector<uint8_t>* key_id) {
|
2014-08-20 23:51:15 +00:00
|
|
|
DCHECK(key_id);
|
2013-12-17 00:52:13 +00:00
|
|
|
std::string key_id_base64_string;
|
|
|
|
RCHECK(track_dict.GetString("key_id", &key_id_base64_string));
|
2014-01-14 18:36:41 +00:00
|
|
|
VLOG(2) << "Keyid:" << key_id_base64_string;
|
2013-12-17 00:52:13 +00:00
|
|
|
RCHECK(Base64StringToBytes(key_id_base64_string, key_id));
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2014-08-20 23:51:15 +00:00
|
|
|
bool GetPsshDataFromTrack(const base::DictionaryValue& track_dict,
|
2014-09-30 21:52:21 +00:00
|
|
|
std::vector<uint8_t>* pssh_data) {
|
2014-04-15 22:18:26 +00:00
|
|
|
DCHECK(pssh_data);
|
2013-12-17 00:52:13 +00:00
|
|
|
|
|
|
|
const base::ListValue* pssh_list;
|
|
|
|
RCHECK(track_dict.GetList("pssh", &pssh_list));
|
|
|
|
// Invariant check. We don't want to crash in release mode if possible.
|
|
|
|
// The following code handles it gracefully if GetSize() does not return 1.
|
2014-03-21 17:26:49 +00:00
|
|
|
DCHECK_EQ(1u, pssh_list->GetSize());
|
2013-12-17 00:52:13 +00:00
|
|
|
|
|
|
|
const base::DictionaryValue* pssh_dict;
|
|
|
|
RCHECK(pssh_list->GetDictionary(0, &pssh_dict));
|
|
|
|
std::string drm_type;
|
|
|
|
RCHECK(pssh_dict->GetString("drm_type", &drm_type));
|
|
|
|
if (drm_type != "WIDEVINE") {
|
|
|
|
LOG(ERROR) << "Expecting drm_type 'WIDEVINE', get '" << drm_type << "'.";
|
|
|
|
return false;
|
|
|
|
}
|
2014-04-15 22:18:26 +00:00
|
|
|
std::string pssh_data_base64_string;
|
|
|
|
RCHECK(pssh_dict->GetString("data", &pssh_data_base64_string));
|
2013-12-17 00:52:13 +00:00
|
|
|
|
2014-04-15 22:18:26 +00:00
|
|
|
VLOG(2) << "Pssh Data:" << pssh_data_base64_string;
|
|
|
|
RCHECK(Base64StringToBytes(pssh_data_base64_string, pssh_data));
|
2013-12-17 00:52:13 +00:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2017-04-05 20:53:58 +00:00
|
|
|
bool IsProtectionSchemeValid(FourCC protection_scheme) {
|
|
|
|
return protection_scheme == FOURCC_cenc || protection_scheme == FOURCC_cbcs ||
|
|
|
|
protection_scheme == FOURCC_cbc1 || protection_scheme == FOURCC_cens;
|
|
|
|
}
|
2013-12-17 00:52:13 +00:00
|
|
|
|
2017-04-05 20:53:58 +00:00
|
|
|
} // namespace
|
2013-12-17 00:52:13 +00:00
|
|
|
|
2016-03-21 18:09:24 +00:00
|
|
|
WidevineKeySource::WidevineKeySource(const std::string& server_url,
|
|
|
|
bool add_common_pssh)
|
2014-10-10 22:36:40 +00:00
|
|
|
: key_production_thread_("KeyProductionThread",
|
|
|
|
base::Bind(&WidevineKeySource::FetchKeysTask,
|
|
|
|
base::Unretained(this))),
|
2014-10-07 21:33:08 +00:00
|
|
|
key_fetcher_(new HttpKeyFetcher(kKeyFetchTimeoutInSeconds)),
|
2014-02-20 22:38:28 +00:00
|
|
|
server_url_(server_url),
|
2014-04-24 16:59:07 +00:00
|
|
|
crypto_period_count_(kDefaultCryptoPeriodCount),
|
2017-04-05 20:53:58 +00:00
|
|
|
protection_scheme_(FOURCC_cenc),
|
2016-03-21 18:09:24 +00:00
|
|
|
add_common_pssh_(add_common_pssh),
|
2014-06-30 15:40:02 +00:00
|
|
|
key_production_started_(false),
|
2016-08-17 21:42:23 +00:00
|
|
|
start_key_production_(base::WaitableEvent::ResetPolicy::AUTOMATIC,
|
|
|
|
base::WaitableEvent::InitialState::NOT_SIGNALED),
|
2014-10-03 17:13:10 +00:00
|
|
|
first_crypto_period_index_(0) {
|
2014-10-15 21:56:12 +00:00
|
|
|
key_production_thread_.Start();
|
2013-12-17 00:52:13 +00:00
|
|
|
}
|
2014-04-24 16:59:07 +00:00
|
|
|
|
2014-08-20 23:51:15 +00:00
|
|
|
WidevineKeySource::~WidevineKeySource() {
|
2014-06-30 15:40:02 +00:00
|
|
|
if (key_pool_)
|
|
|
|
key_pool_->Stop();
|
|
|
|
if (key_production_thread_.HasBeenStarted()) {
|
|
|
|
// Signal the production thread to start key production if it is not
|
|
|
|
// signaled yet so the thread can be joined.
|
|
|
|
start_key_production_.Signal();
|
2014-05-08 23:34:45 +00:00
|
|
|
key_production_thread_.Join();
|
2014-06-30 15:40:02 +00:00
|
|
|
}
|
2014-05-08 23:34:45 +00:00
|
|
|
}
|
|
|
|
|
2014-09-30 21:52:21 +00:00
|
|
|
Status WidevineKeySource::FetchKeys(const std::vector<uint8_t>& content_id,
|
2014-08-20 23:51:15 +00:00
|
|
|
const std::string& policy) {
|
|
|
|
base::AutoLock scoped_lock(lock_);
|
|
|
|
request_dict_.Clear();
|
|
|
|
std::string content_id_base64_string;
|
|
|
|
BytesToBase64String(content_id, &content_id_base64_string);
|
|
|
|
request_dict_.SetString("content_id", content_id_base64_string);
|
|
|
|
request_dict_.SetString("policy", policy);
|
2017-04-05 20:53:58 +00:00
|
|
|
|
|
|
|
FourCC protection_scheme = protection_scheme_;
|
|
|
|
// Treat sample aes as a variant of cbcs.
|
|
|
|
if (protection_scheme == kAppleSampleAesProtectionScheme)
|
|
|
|
protection_scheme = FOURCC_cbcs;
|
|
|
|
if (IsProtectionSchemeValid(protection_scheme)) {
|
|
|
|
request_dict_.SetInteger("protection_scheme", protection_scheme);
|
|
|
|
} else {
|
|
|
|
LOG(WARNING) << "Ignore unrecognized protection scheme "
|
|
|
|
<< FourCCToString(protection_scheme);
|
|
|
|
}
|
|
|
|
|
2014-10-15 21:56:12 +00:00
|
|
|
return FetchKeysInternal(!kEnableKeyRotation, 0, false);
|
2014-08-20 23:51:15 +00:00
|
|
|
}
|
|
|
|
|
2017-04-04 19:43:41 +00:00
|
|
|
Status WidevineKeySource::FetchKeys(EmeInitDataType init_data_type,
|
|
|
|
const std::vector<uint8_t>& init_data) {
|
|
|
|
std::vector<uint8_t> pssh_data;
|
|
|
|
uint32_t asset_id = 0;
|
|
|
|
switch (init_data_type) {
|
|
|
|
case EmeInitDataType::CENC: {
|
|
|
|
const std::vector<uint8_t> widevine_system_id(
|
|
|
|
kWidevineSystemId, kWidevineSystemId + arraysize(kWidevineSystemId));
|
|
|
|
std::vector<ProtectionSystemSpecificInfo> protection_systems_info;
|
|
|
|
if (!ProtectionSystemSpecificInfo::ParseBoxes(
|
|
|
|
init_data.data(), init_data.size(), &protection_systems_info)) {
|
|
|
|
return Status(error::PARSER_FAILURE, "Error parsing the PSSH boxes.");
|
|
|
|
}
|
|
|
|
for (const auto& info: protection_systems_info) {
|
|
|
|
// Use Widevine PSSH if available otherwise construct a Widevine PSSH
|
|
|
|
// from the first available key ids.
|
|
|
|
if (info.system_id() == widevine_system_id) {
|
|
|
|
pssh_data = info.pssh_data();
|
|
|
|
break;
|
|
|
|
} else if (pssh_data.empty() && !info.key_ids().empty()) {
|
|
|
|
pssh_data = WidevinePsshFromKeyId(info.key_ids());
|
|
|
|
// Continue to see if there is any Widevine PSSH. The KeyId generated
|
|
|
|
// PSSH is only used if a Widevine PSSH could not be found.
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (pssh_data.empty())
|
|
|
|
return Status(error::INVALID_ARGUMENT, "No supported PSSHs found.");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
case EmeInitDataType::WEBM:
|
|
|
|
pssh_data = WidevinePsshFromKeyId({init_data});
|
|
|
|
break;
|
|
|
|
case EmeInitDataType::WIDEVINE_CLASSIC:
|
|
|
|
if (init_data.size() < sizeof(asset_id))
|
|
|
|
return Status(error::INVALID_ARGUMENT, "Invalid asset id.");
|
|
|
|
asset_id = ntohlFromBuffer(init_data.data());
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
LOG(ERROR) << "Init data type " << static_cast<int>(init_data_type)
|
|
|
|
<< " not supported.";
|
|
|
|
return Status(error::INVALID_ARGUMENT, "Unsupported init data type.");
|
2016-02-19 18:24:33 +00:00
|
|
|
}
|
2017-04-04 19:43:41 +00:00
|
|
|
const bool widevine_classic =
|
|
|
|
init_data_type == EmeInitDataType::WIDEVINE_CLASSIC;
|
2014-08-20 23:51:15 +00:00
|
|
|
base::AutoLock scoped_lock(lock_);
|
|
|
|
request_dict_.Clear();
|
2017-04-04 19:43:41 +00:00
|
|
|
if (widevine_classic) {
|
|
|
|
// Javascript/JSON does not support int64_t or unsigned numbers. Use double
|
|
|
|
// instead as 32-bit integer can be lossless represented using double.
|
|
|
|
request_dict_.SetDouble("asset_id", asset_id);
|
|
|
|
} else {
|
|
|
|
std::string pssh_data_base64_string;
|
|
|
|
BytesToBase64String(pssh_data, &pssh_data_base64_string);
|
|
|
|
request_dict_.SetString("pssh_data", pssh_data_base64_string);
|
2016-02-19 18:24:33 +00:00
|
|
|
}
|
2017-04-04 19:43:41 +00:00
|
|
|
return FetchKeysInternal(!kEnableKeyRotation, 0, widevine_classic);
|
2014-04-15 22:18:26 +00:00
|
|
|
}
|
2013-12-17 00:52:13 +00:00
|
|
|
|
2017-06-13 21:54:12 +00:00
|
|
|
Status WidevineKeySource::GetKey(const std::string& stream_label,
|
|
|
|
EncryptionKey* key) {
|
2014-06-30 15:40:02 +00:00
|
|
|
DCHECK(key);
|
2017-06-13 21:54:12 +00:00
|
|
|
if (encryption_key_map_.find(stream_label) == encryption_key_map_.end()) {
|
2014-06-30 15:40:02 +00:00
|
|
|
return Status(error::INTERNAL_ERROR,
|
2017-06-13 21:54:12 +00:00
|
|
|
"Cannot find key for '" + stream_label + "'.");
|
2014-06-30 15:40:02 +00:00
|
|
|
}
|
2017-06-13 21:54:12 +00:00
|
|
|
*key = *encryption_key_map_[stream_label];
|
2014-06-30 15:40:02 +00:00
|
|
|
return Status::OK;
|
2014-04-24 16:59:07 +00:00
|
|
|
}
|
|
|
|
|
2014-09-30 21:52:21 +00:00
|
|
|
Status WidevineKeySource::GetKey(const std::vector<uint8_t>& key_id,
|
2014-08-20 23:51:15 +00:00
|
|
|
EncryptionKey* key) {
|
|
|
|
DCHECK(key);
|
2016-08-30 23:01:19 +00:00
|
|
|
for (const auto& pair : encryption_key_map_) {
|
|
|
|
if (pair.second->key_id == key_id) {
|
|
|
|
*key = *pair.second;
|
2014-08-20 23:51:15 +00:00
|
|
|
return Status::OK;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return Status(error::INTERNAL_ERROR,
|
|
|
|
"Cannot find key with specified key ID");
|
|
|
|
}
|
|
|
|
|
2014-09-30 21:52:21 +00:00
|
|
|
Status WidevineKeySource::GetCryptoPeriodKey(uint32_t crypto_period_index,
|
2017-06-13 21:54:12 +00:00
|
|
|
const std::string& stream_label,
|
2014-09-30 21:52:21 +00:00
|
|
|
EncryptionKey* key) {
|
2014-05-08 23:34:45 +00:00
|
|
|
DCHECK(key_production_thread_.HasBeenStarted());
|
2014-06-30 15:40:02 +00:00
|
|
|
// TODO(kqyang): This is not elegant. Consider refactoring later.
|
|
|
|
{
|
|
|
|
base::AutoLock scoped_lock(lock_);
|
|
|
|
if (!key_production_started_) {
|
|
|
|
// Another client may have a slightly smaller starting crypto period
|
|
|
|
// index. Set the initial value to account for that.
|
2014-10-15 21:56:12 +00:00
|
|
|
first_crypto_period_index_ =
|
|
|
|
crypto_period_index ? crypto_period_index - 1 : 0;
|
2014-06-30 15:40:02 +00:00
|
|
|
DCHECK(!key_pool_);
|
|
|
|
key_pool_.reset(new EncryptionKeyQueue(crypto_period_count_,
|
|
|
|
first_crypto_period_index_));
|
|
|
|
start_key_production_.Signal();
|
|
|
|
key_production_started_ = true;
|
|
|
|
}
|
|
|
|
}
|
2017-06-13 21:54:12 +00:00
|
|
|
return GetKeyInternal(crypto_period_index, stream_label, key);
|
2014-04-24 16:59:07 +00:00
|
|
|
}
|
|
|
|
|
2016-08-17 17:41:40 +00:00
|
|
|
void WidevineKeySource::set_signer(std::unique_ptr<RequestSigner> signer) {
|
|
|
|
signer_ = std::move(signer);
|
2014-10-15 00:47:25 +00:00
|
|
|
}
|
|
|
|
|
2016-08-17 17:41:40 +00:00
|
|
|
void WidevineKeySource::set_key_fetcher(
|
|
|
|
std::unique_ptr<KeyFetcher> key_fetcher) {
|
|
|
|
key_fetcher_ = std::move(key_fetcher);
|
2014-04-24 16:59:07 +00:00
|
|
|
}
|
|
|
|
|
2017-07-18 21:30:02 +00:00
|
|
|
void WidevineKeySource::set_group_id(const std::vector<uint8_t>& group_id) {
|
|
|
|
group_id_ = group_id;
|
|
|
|
}
|
|
|
|
|
2014-09-30 21:52:21 +00:00
|
|
|
Status WidevineKeySource::GetKeyInternal(uint32_t crypto_period_index,
|
2017-06-13 21:54:12 +00:00
|
|
|
const std::string& stream_label,
|
2014-09-30 21:52:21 +00:00
|
|
|
EncryptionKey* key) {
|
2014-06-30 15:40:02 +00:00
|
|
|
DCHECK(key_pool_);
|
|
|
|
DCHECK(key);
|
2014-04-24 16:59:07 +00:00
|
|
|
|
2017-01-24 00:55:02 +00:00
|
|
|
std::shared_ptr<EncryptionKeyMap> encryption_key_map;
|
|
|
|
Status status = key_pool_->Peek(crypto_period_index, &encryption_key_map,
|
|
|
|
kGetKeyTimeoutInSeconds * 1000);
|
2014-04-24 16:59:07 +00:00
|
|
|
if (!status.ok()) {
|
|
|
|
if (status.error_code() == error::STOPPED) {
|
|
|
|
CHECK(!common_encryption_request_status_.ok());
|
|
|
|
return common_encryption_request_status_;
|
2014-04-15 22:18:26 +00:00
|
|
|
}
|
|
|
|
return status;
|
2014-04-24 16:59:07 +00:00
|
|
|
}
|
|
|
|
|
2017-06-13 21:54:12 +00:00
|
|
|
if (encryption_key_map->find(stream_label) == encryption_key_map->end()) {
|
2014-04-15 22:18:26 +00:00
|
|
|
return Status(error::INTERNAL_ERROR,
|
2017-06-13 21:54:12 +00:00
|
|
|
"Cannot find key for '" + stream_label + "'.");
|
2014-04-15 22:18:26 +00:00
|
|
|
}
|
2017-06-13 21:54:12 +00:00
|
|
|
*key = *encryption_key_map->at(stream_label);
|
2014-04-15 22:18:26 +00:00
|
|
|
return Status::OK;
|
|
|
|
}
|
|
|
|
|
2014-08-20 23:51:15 +00:00
|
|
|
void WidevineKeySource::FetchKeysTask() {
|
2014-06-30 15:40:02 +00:00
|
|
|
// Wait until key production is signaled.
|
|
|
|
start_key_production_.Wait();
|
|
|
|
if (!key_pool_ || key_pool_->Stopped())
|
|
|
|
return;
|
|
|
|
|
2014-08-20 23:51:15 +00:00
|
|
|
Status status = FetchKeysInternal(kEnableKeyRotation,
|
|
|
|
first_crypto_period_index_,
|
|
|
|
false);
|
2014-06-30 15:40:02 +00:00
|
|
|
while (status.ok()) {
|
|
|
|
first_crypto_period_index_ += crypto_period_count_;
|
2014-08-20 23:51:15 +00:00
|
|
|
status = FetchKeysInternal(kEnableKeyRotation,
|
|
|
|
first_crypto_period_index_,
|
|
|
|
false);
|
2014-04-24 16:59:07 +00:00
|
|
|
}
|
|
|
|
common_encryption_request_status_ = status;
|
2014-06-30 15:40:02 +00:00
|
|
|
key_pool_->Stop();
|
2014-04-15 22:18:26 +00:00
|
|
|
}
|
|
|
|
|
2014-08-20 23:51:15 +00:00
|
|
|
Status WidevineKeySource::FetchKeysInternal(bool enable_key_rotation,
|
2014-09-30 21:52:21 +00:00
|
|
|
uint32_t first_crypto_period_index,
|
2014-08-20 23:51:15 +00:00
|
|
|
bool widevine_classic) {
|
2013-12-17 00:52:13 +00:00
|
|
|
std::string request;
|
2014-08-20 23:51:15 +00:00
|
|
|
FillRequest(enable_key_rotation,
|
|
|
|
first_crypto_period_index,
|
2014-06-30 15:40:02 +00:00
|
|
|
&request);
|
2013-12-17 00:52:13 +00:00
|
|
|
|
|
|
|
std::string message;
|
2014-10-10 22:36:40 +00:00
|
|
|
Status status = GenerateKeyMessage(request, &message);
|
2013-12-17 00:52:13 +00:00
|
|
|
if (!status.ok())
|
|
|
|
return status;
|
2014-01-14 18:36:41 +00:00
|
|
|
VLOG(1) << "Message: " << message;
|
2013-12-17 00:52:13 +00:00
|
|
|
|
|
|
|
std::string raw_response;
|
2014-09-30 21:52:21 +00:00
|
|
|
int64_t sleep_duration = kFirstRetryDelayMilliseconds;
|
2014-01-14 18:36:41 +00:00
|
|
|
|
|
|
|
// Perform client side retries if seeing server transient error to workaround
|
|
|
|
// server limitation.
|
|
|
|
for (int i = 0; i < kNumTransientErrorRetries; ++i) {
|
2014-10-07 21:33:08 +00:00
|
|
|
status = key_fetcher_->FetchKeys(server_url_, message, &raw_response);
|
2014-06-18 19:23:34 +00:00
|
|
|
if (status.ok()) {
|
|
|
|
VLOG(1) << "Retry [" << i << "] Response:" << raw_response;
|
|
|
|
|
|
|
|
std::string response;
|
|
|
|
if (!DecodeResponse(raw_response, &response)) {
|
|
|
|
return Status(error::SERVER_ERROR,
|
|
|
|
"Failed to decode response '" + raw_response + "'.");
|
|
|
|
}
|
|
|
|
|
|
|
|
bool transient_error = false;
|
2014-08-20 23:51:15 +00:00
|
|
|
if (ExtractEncryptionKey(enable_key_rotation,
|
|
|
|
widevine_classic,
|
|
|
|
response,
|
|
|
|
&transient_error))
|
2014-06-18 19:23:34 +00:00
|
|
|
return Status::OK;
|
|
|
|
|
|
|
|
if (!transient_error) {
|
|
|
|
return Status(
|
|
|
|
error::SERVER_ERROR,
|
|
|
|
"Failed to extract encryption key from '" + response + "'.");
|
|
|
|
}
|
|
|
|
} else if (status.error_code() != error::TIME_OUT) {
|
2014-01-14 18:36:41 +00:00
|
|
|
return status;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Exponential backoff.
|
|
|
|
if (i != kNumTransientErrorRetries - 1) {
|
|
|
|
base::PlatformThread::Sleep(
|
|
|
|
base::TimeDelta::FromMilliseconds(sleep_duration));
|
|
|
|
sleep_duration *= 2;
|
|
|
|
}
|
2013-12-17 00:52:13 +00:00
|
|
|
}
|
2014-01-14 18:36:41 +00:00
|
|
|
return Status(error::SERVER_ERROR,
|
|
|
|
"Failed to recover from server internal error.");
|
2013-12-17 00:52:13 +00:00
|
|
|
}
|
|
|
|
|
2014-08-20 23:51:15 +00:00
|
|
|
void WidevineKeySource::FillRequest(bool enable_key_rotation,
|
2014-09-30 21:52:21 +00:00
|
|
|
uint32_t first_crypto_period_index,
|
2014-08-20 23:51:15 +00:00
|
|
|
std::string* request) {
|
2013-12-17 00:52:13 +00:00
|
|
|
DCHECK(request);
|
2014-08-20 23:51:15 +00:00
|
|
|
DCHECK(!request_dict_.empty());
|
2013-12-17 00:52:13 +00:00
|
|
|
|
|
|
|
// Build tracks.
|
|
|
|
base::ListValue* tracks = new base::ListValue();
|
|
|
|
|
|
|
|
base::DictionaryValue* track_sd = new base::DictionaryValue();
|
|
|
|
track_sd->SetString("type", "SD");
|
|
|
|
tracks->Append(track_sd);
|
|
|
|
base::DictionaryValue* track_hd = new base::DictionaryValue();
|
|
|
|
track_hd->SetString("type", "HD");
|
|
|
|
tracks->Append(track_hd);
|
2016-11-11 23:17:17 +00:00
|
|
|
base::DictionaryValue* track_uhd1 = new base::DictionaryValue();
|
|
|
|
track_uhd1->SetString("type", "UHD1");
|
|
|
|
tracks->Append(track_uhd1);
|
|
|
|
base::DictionaryValue* track_uhd2 = new base::DictionaryValue();
|
|
|
|
track_uhd2->SetString("type", "UHD2");
|
|
|
|
tracks->Append(track_uhd2);
|
2013-12-17 00:52:13 +00:00
|
|
|
base::DictionaryValue* track_audio = new base::DictionaryValue();
|
|
|
|
track_audio->SetString("type", "AUDIO");
|
|
|
|
tracks->Append(track_audio);
|
|
|
|
|
2014-08-20 23:51:15 +00:00
|
|
|
request_dict_.Set("tracks", tracks);
|
2013-12-17 00:52:13 +00:00
|
|
|
|
|
|
|
// Build DRM types.
|
|
|
|
base::ListValue* drm_types = new base::ListValue();
|
|
|
|
drm_types->AppendString("WIDEVINE");
|
2014-08-20 23:51:15 +00:00
|
|
|
request_dict_.Set("drm_types", drm_types);
|
2013-12-17 00:52:13 +00:00
|
|
|
|
2014-04-24 16:59:07 +00:00
|
|
|
// Build key rotation fields.
|
2014-06-30 15:40:02 +00:00
|
|
|
if (enable_key_rotation) {
|
2016-01-05 23:17:32 +00:00
|
|
|
// Javascript/JSON does not support int64_t or unsigned numbers. Use double
|
|
|
|
// instead as 32-bit integer can be lossless represented using double.
|
|
|
|
request_dict_.SetDouble("first_crypto_period_index",
|
2014-04-24 16:59:07 +00:00
|
|
|
first_crypto_period_index);
|
2014-08-20 23:51:15 +00:00
|
|
|
request_dict_.SetInteger("crypto_period_count", crypto_period_count_);
|
2014-04-24 16:59:07 +00:00
|
|
|
}
|
|
|
|
|
2017-07-18 21:30:02 +00:00
|
|
|
// Set group id if present.
|
|
|
|
if (!group_id_.empty()) {
|
|
|
|
std::string group_id_base64;
|
|
|
|
BytesToBase64String(group_id_, &group_id_base64);
|
|
|
|
request_dict_.SetString("group_id", group_id_base64);
|
|
|
|
}
|
|
|
|
|
2016-01-05 23:17:32 +00:00
|
|
|
base::JSONWriter::WriteWithOptions(
|
|
|
|
request_dict_,
|
|
|
|
// Write doubles that have no fractional part as a normal integer, i.e.
|
|
|
|
// without using exponential notation or appending a '.0'.
|
|
|
|
base::JSONWriter::OPTIONS_OMIT_DOUBLE_TYPE_PRESERVATION, request);
|
2013-12-17 00:52:13 +00:00
|
|
|
}
|
|
|
|
|
2014-10-10 22:36:40 +00:00
|
|
|
Status WidevineKeySource::GenerateKeyMessage(const std::string& request,
|
|
|
|
std::string* message) {
|
|
|
|
DCHECK(message);
|
2013-12-17 00:52:13 +00:00
|
|
|
|
|
|
|
std::string request_base64_string;
|
2014-02-26 23:55:01 +00:00
|
|
|
base::Base64Encode(request, &request_base64_string);
|
2013-12-17 00:52:13 +00:00
|
|
|
|
2014-10-10 22:36:40 +00:00
|
|
|
base::DictionaryValue request_dict;
|
|
|
|
request_dict.SetString("request", request_base64_string);
|
|
|
|
|
|
|
|
// Sign the request.
|
|
|
|
if (signer_) {
|
|
|
|
std::string signature;
|
|
|
|
if (!signer_->GenerateSignature(request, &signature))
|
|
|
|
return Status(error::INTERNAL_ERROR, "Signature generation failed.");
|
|
|
|
|
|
|
|
std::string signature_base64_string;
|
|
|
|
base::Base64Encode(signature, &signature_base64_string);
|
2013-12-17 00:52:13 +00:00
|
|
|
|
2014-10-10 22:36:40 +00:00
|
|
|
request_dict.SetString("signature", signature_base64_string);
|
|
|
|
request_dict.SetString("signer", signer_->signer_name());
|
|
|
|
}
|
2013-12-17 00:52:13 +00:00
|
|
|
|
2015-07-22 23:40:45 +00:00
|
|
|
base::JSONWriter::Write(request_dict, message);
|
2013-12-17 00:52:13 +00:00
|
|
|
return Status::OK;
|
|
|
|
}
|
|
|
|
|
2014-08-20 23:51:15 +00:00
|
|
|
bool WidevineKeySource::DecodeResponse(
|
2014-04-16 01:09:32 +00:00
|
|
|
const std::string& raw_response,
|
|
|
|
std::string* response) {
|
2013-12-17 00:52:13 +00:00
|
|
|
DCHECK(response);
|
|
|
|
|
|
|
|
// Extract base64 formatted response from JSON formatted raw response.
|
2016-09-06 22:13:42 +00:00
|
|
|
std::unique_ptr<base::Value> root(base::JSONReader::Read(raw_response));
|
2013-12-17 00:52:13 +00:00
|
|
|
if (!root) {
|
|
|
|
LOG(ERROR) << "'" << raw_response << "' is not in JSON format.";
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
const base::DictionaryValue* response_dict = NULL;
|
|
|
|
RCHECK(root->GetAsDictionary(&response_dict));
|
|
|
|
|
|
|
|
std::string response_base64_string;
|
|
|
|
RCHECK(response_dict->GetString("response", &response_base64_string));
|
|
|
|
RCHECK(base::Base64Decode(response_base64_string, response));
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2014-08-20 23:51:15 +00:00
|
|
|
bool WidevineKeySource::ExtractEncryptionKey(
|
2014-06-30 15:40:02 +00:00
|
|
|
bool enable_key_rotation,
|
2014-08-20 23:51:15 +00:00
|
|
|
bool widevine_classic,
|
2014-04-16 01:09:32 +00:00
|
|
|
const std::string& response,
|
|
|
|
bool* transient_error) {
|
2014-01-14 18:36:41 +00:00
|
|
|
DCHECK(transient_error);
|
|
|
|
*transient_error = false;
|
|
|
|
|
2016-09-06 22:13:42 +00:00
|
|
|
std::unique_ptr<base::Value> root(base::JSONReader::Read(response));
|
2013-12-17 00:52:13 +00:00
|
|
|
if (!root) {
|
|
|
|
LOG(ERROR) << "'" << response << "' is not in JSON format.";
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
const base::DictionaryValue* license_dict = NULL;
|
|
|
|
RCHECK(root->GetAsDictionary(&license_dict));
|
|
|
|
|
|
|
|
std::string license_status;
|
|
|
|
RCHECK(license_dict->GetString("status", &license_status));
|
2014-01-14 18:36:41 +00:00
|
|
|
if (license_status != kLicenseStatusOK) {
|
2013-12-17 00:52:13 +00:00
|
|
|
LOG(ERROR) << "Received non-OK license response: " << response;
|
2014-01-14 18:36:41 +00:00
|
|
|
*transient_error = (license_status == kLicenseStatusTransientError);
|
2013-12-17 00:52:13 +00:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
const base::ListValue* tracks;
|
|
|
|
RCHECK(license_dict->GetList("tracks", &tracks));
|
2014-11-06 23:13:35 +00:00
|
|
|
// Should have at least one track per crypto_period.
|
|
|
|
RCHECK(enable_key_rotation ? tracks->GetSize() >= 1 * crypto_period_count_
|
|
|
|
: tracks->GetSize() >= 1);
|
2014-04-24 16:59:07 +00:00
|
|
|
|
|
|
|
int current_crypto_period_index = first_crypto_period_index_;
|
2013-12-17 00:52:13 +00:00
|
|
|
|
2014-04-24 16:59:07 +00:00
|
|
|
EncryptionKeyMap encryption_key_map;
|
2014-04-15 22:18:26 +00:00
|
|
|
for (size_t i = 0; i < tracks->GetSize(); ++i) {
|
2013-12-17 00:52:13 +00:00
|
|
|
const base::DictionaryValue* track_dict;
|
2014-04-15 22:18:26 +00:00
|
|
|
RCHECK(tracks->GetDictionary(i, &track_dict));
|
|
|
|
|
2014-06-30 15:40:02 +00:00
|
|
|
if (enable_key_rotation) {
|
2014-04-24 16:59:07 +00:00
|
|
|
int crypto_period_index;
|
|
|
|
RCHECK(
|
|
|
|
track_dict->GetInteger("crypto_period_index", &crypto_period_index));
|
|
|
|
if (crypto_period_index != current_crypto_period_index) {
|
|
|
|
if (crypto_period_index != current_crypto_period_index + 1) {
|
|
|
|
LOG(ERROR) << "Expecting crypto period index "
|
|
|
|
<< current_crypto_period_index << " or "
|
|
|
|
<< current_crypto_period_index + 1 << "; Seen "
|
|
|
|
<< crypto_period_index << " at track " << i;
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
if (!PushToKeyPool(&encryption_key_map))
|
|
|
|
return false;
|
|
|
|
++current_crypto_period_index;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-06-13 21:54:12 +00:00
|
|
|
std::string stream_label;
|
|
|
|
RCHECK(track_dict->GetString("type", &stream_label));
|
|
|
|
RCHECK(encryption_key_map.find(stream_label) == encryption_key_map.end());
|
2014-04-15 22:18:26 +00:00
|
|
|
|
2016-08-17 17:41:40 +00:00
|
|
|
std::unique_ptr<EncryptionKey> encryption_key(new EncryptionKey());
|
2014-08-20 23:51:15 +00:00
|
|
|
|
|
|
|
if (!GetKeyFromTrack(*track_dict, &encryption_key->key))
|
2014-01-14 18:36:41 +00:00
|
|
|
return false;
|
2014-08-20 23:51:15 +00:00
|
|
|
|
|
|
|
// Get key ID and PSSH data for CENC content only.
|
|
|
|
if (!widevine_classic) {
|
|
|
|
if (!GetKeyIdFromTrack(*track_dict, &encryption_key->key_id))
|
|
|
|
return false;
|
|
|
|
|
2016-02-17 22:03:43 +00:00
|
|
|
ProtectionSystemSpecificInfo info;
|
|
|
|
info.add_key_id(encryption_key->key_id);
|
|
|
|
info.set_system_id(kWidevineSystemId, arraysize(kWidevineSystemId));
|
|
|
|
info.set_pssh_box_version(0);
|
|
|
|
|
2014-09-30 21:52:21 +00:00
|
|
|
std::vector<uint8_t> pssh_data;
|
2014-08-20 23:51:15 +00:00
|
|
|
if (!GetPsshDataFromTrack(*track_dict, &pssh_data))
|
|
|
|
return false;
|
2016-02-17 22:03:43 +00:00
|
|
|
info.set_pssh_data(pssh_data);
|
|
|
|
|
|
|
|
encryption_key->key_system_info.push_back(info);
|
2014-08-20 23:51:15 +00:00
|
|
|
}
|
2017-06-13 21:54:12 +00:00
|
|
|
encryption_key_map[stream_label] = std::move(encryption_key);
|
2014-04-24 16:59:07 +00:00
|
|
|
}
|
|
|
|
|
2016-03-21 18:09:24 +00:00
|
|
|
// If the flag exists, create a common system ID PSSH box that contains the
|
|
|
|
// key IDs of all the keys.
|
|
|
|
if (add_common_pssh_ && !widevine_classic) {
|
|
|
|
std::set<std::vector<uint8_t>> key_ids;
|
|
|
|
for (const EncryptionKeyMap::value_type& pair : encryption_key_map) {
|
|
|
|
key_ids.insert(pair.second->key_id);
|
|
|
|
}
|
|
|
|
|
|
|
|
// Create a common system PSSH box.
|
|
|
|
ProtectionSystemSpecificInfo info;
|
|
|
|
info.set_system_id(kCommonSystemId, arraysize(kCommonSystemId));
|
|
|
|
info.set_pssh_box_version(1);
|
|
|
|
for (const std::vector<uint8_t>& key_id : key_ids) {
|
|
|
|
info.add_key_id(key_id);
|
|
|
|
}
|
|
|
|
|
|
|
|
for (const EncryptionKeyMap::value_type& pair : encryption_key_map) {
|
|
|
|
pair.second->key_system_info.push_back(info);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-04-24 16:59:07 +00:00
|
|
|
DCHECK(!encryption_key_map.empty());
|
2014-06-30 15:40:02 +00:00
|
|
|
if (!enable_key_rotation) {
|
2017-04-04 19:43:41 +00:00
|
|
|
// Merge with previously requested keys.
|
|
|
|
for (auto& pair : encryption_key_map)
|
|
|
|
encryption_key_map_[pair.first] = std::move(pair.second);
|
2014-06-30 15:40:02 +00:00
|
|
|
return true;
|
|
|
|
}
|
2014-04-24 16:59:07 +00:00
|
|
|
return PushToKeyPool(&encryption_key_map);
|
|
|
|
}
|
|
|
|
|
2014-08-20 23:51:15 +00:00
|
|
|
bool WidevineKeySource::PushToKeyPool(
|
2014-04-24 16:59:07 +00:00
|
|
|
EncryptionKeyMap* encryption_key_map) {
|
2014-06-30 15:40:02 +00:00
|
|
|
DCHECK(key_pool_);
|
2014-04-24 16:59:07 +00:00
|
|
|
DCHECK(encryption_key_map);
|
2017-01-24 00:55:02 +00:00
|
|
|
auto encryption_key_map_shared = std::make_shared<EncryptionKeyMap>();
|
|
|
|
encryption_key_map_shared->swap(*encryption_key_map);
|
|
|
|
Status status = key_pool_->Push(encryption_key_map_shared, kInfiniteTimeout);
|
2014-04-24 16:59:07 +00:00
|
|
|
if (!status.ok()) {
|
|
|
|
DCHECK_EQ(error::STOPPED, status.error_code());
|
|
|
|
return false;
|
2013-12-17 00:52:13 +00:00
|
|
|
}
|
2014-04-15 22:18:26 +00:00
|
|
|
return true;
|
2013-12-17 00:52:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
} // namespace media
|
2016-05-20 21:19:33 +00:00
|
|
|
} // namespace shaka
|