DASH Media Packaging SDK
 All Classes Namespaces Functions Variables Typedefs Enumerator
widevine_encryption_flags.cc
1 // Copyright 2014 Google Inc. All rights reserved.
2 //
3 // Use of this source code is governed by a BSD-style
4 // license that can be found in the LICENSE file or at
5 // https://developers.google.com/open-source/licenses/bsd
6 //
7 // Defines command line flags for widevine_encryption.
8 
9 #include "packager/app/widevine_encryption_flags.h"
10 
11 #include "packager/app/validate_flag.h"
12 #include "packager/base/logging.h"
13 #include "packager/base/strings/string_piece.h"
14 #include "packager/base/strings/string_util.h"
15 
16 DEFINE_bool(enable_widevine_encryption,
17  false,
18  "Enable encryption with Widevine license server/proxy. User should "
19  "provide either AES signing key (--aes_signing_key, "
20  "--aes_signing_iv) or RSA signing key (--rsa_signing_key_path).");
21 DEFINE_bool(enable_widevine_decryption,
22  false,
23  "Enable decryption with Widevine license server/proxy. User should "
24  "provide either AES signing key (--aes_signing_key, "
25  "--aes_signing_iv) or RSA signing key (--rsa_signing_key_path).");
26 DEFINE_bool(include_common_pssh,
27  false,
28  "When using Widevine encryption, include an additional v1 PSSH box "
29  "for the common system ID that includes the key IDs. See: "
30  "https://goo.gl/507mKp");
31 DEFINE_string(key_server_url, "", "Key server url. Required for encryption and "
32  "decryption");
33 DEFINE_string(content_id, "", "Content Id (hex).");
34 DEFINE_string(policy,
35  "",
36  "The name of a stored policy, which specifies DRM content "
37  "rights.");
38 DEFINE_int32(max_sd_pixels,
39  768 * 576,
40  "If the video track has more pixels per frame than max_sd_pixels, "
41  "it is considered as HD, SD otherwise. Default: 768 * 576.");
42 DEFINE_string(signer, "", "The name of the signer.");
43 DEFINE_string(aes_signing_key,
44  "",
45  "AES signing key in hex string. --aes_signing_iv is required. "
46  "Exclusive with --rsa_signing_key_path.");
47 DEFINE_string(aes_signing_iv,
48  "",
49  "AES signing iv in hex string.");
50 DEFINE_string(rsa_signing_key_path,
51  "",
52  "Stores PKCS#1 RSA private key for request signing. Exclusive "
53  "with --aes_signing_key.");
54 DEFINE_int32(crypto_period_duration,
55  0,
56  "Crypto period duration in seconds. If it is non-zero, key "
57  "rotation is enabled.");
58 DEFINE_string(protection_scheme,
59  "cenc",
60  "Choose protection scheme. Currently support cenc and cbc1. "
61  "Default is cenc.");
62 
63 namespace edash_packager {
64 
66  bool success = true;
67 
68  const bool widevine_crypto =
69  FLAGS_enable_widevine_encryption || FLAGS_enable_widevine_decryption;
70  const char widevine_crypto_label[] =
71  "--enable_widevine_encryption/decryption";
72  // key_server_url and signer (optional) are associated with
73  // enable_widevine_encryption and enable_widevine_descryption.
74  if (!ValidateFlag("key_server_url",
75  FLAGS_key_server_url,
76  widevine_crypto,
77  false,
78  widevine_crypto_label)) {
79  success = false;
80  }
81  if (!ValidateFlag("signer",
82  FLAGS_signer,
83  widevine_crypto,
84  true,
85  widevine_crypto_label)) {
86  success = false;
87  }
88  if (widevine_crypto && FLAGS_signer.empty() &&
89  base::StartsWith(base::StringPiece(FLAGS_key_server_url), "http",
90  base::CompareCase::INSENSITIVE_ASCII)) {
91  LOG(WARNING) << "--signer is likely required with "
92  "--enable_widevine_encryption/decryption.";
93  }
94 
95  const char widevine_encryption_label[] = "--enable_widevine_encryption";
96  // content_id and policy (optional) are associated with
97  // enable_widevine_encryption.
98  if (!ValidateFlag("content_id",
99  FLAGS_content_id,
100  FLAGS_enable_widevine_encryption,
101  false,
102  widevine_encryption_label)) {
103  success = false;
104  }
105  if (!ValidateFlag("policy",
106  FLAGS_policy,
107  FLAGS_enable_widevine_encryption,
108  true,
109  widevine_encryption_label)) {
110  success = false;
111  }
112  if (FLAGS_include_common_pssh && !FLAGS_enable_widevine_encryption) {
113  PrintError("--include_common_pssh is only valid with "
114  "--enable_widevine_encryption");
115  success = false;
116  }
117 
118  if (FLAGS_max_sd_pixels <= 0) {
119  PrintError("--max_sd_pixels must be positive.");
120  success = false;
121  }
122 
123  const bool aes = !FLAGS_signer.empty() && FLAGS_rsa_signing_key_path.empty();
124  const char aes_label[] =
125  "--signer is specified and exclusive with --rsa_signing_key_path";
126  // aes_signer_key and aes_signing_iv are associated with aes signing.
127  if (!ValidateFlag(
128  "aes_signing_key", FLAGS_aes_signing_key, aes, true, aes_label)) {
129  success = false;
130  }
131  if (!ValidateFlag(
132  "aes_signing_iv", FLAGS_aes_signing_iv, aes, true, aes_label)) {
133  success = false;
134  }
135 
136  const bool rsa = !FLAGS_signer.empty() && FLAGS_aes_signing_key.empty() &&
137  FLAGS_aes_signing_iv.empty();
138  const char rsa_label[] =
139  "--signer is specified and exclusive with --aes_signing_key/iv";
140  // rsa_signing_key_path is associated with rsa_signing.
141  if (!ValidateFlag("rsa_signing_key_path",
142  FLAGS_rsa_signing_key_path,
143  rsa,
144  true,
145  rsa_label)) {
146  success = false;
147  }
148 
149  if (!FLAGS_signer.empty() &&
150  (FLAGS_aes_signing_key.empty() || FLAGS_aes_signing_iv.empty()) &&
151  FLAGS_rsa_signing_key_path.empty()) {
152  PrintError(
153  "--aes_signing_key/iv or --rsa_signing_key_path is required with "
154  "--signer.");
155  success = false;
156  }
157 
158  if (FLAGS_crypto_period_duration < 0) {
159  PrintError("--crypto_period_duration should not be negative.");
160  success = false;
161  }
162  return success;
163 }
164 
165 } // namespace edash_packager
bool ValidateFlag(const char *flag_name, const std::string &flag_value, bool condition, bool optional, const char *label)
void PrintError(const std::string &error_message)