Mirror-Tools
/
shaka-packager
mirror of https://github.com/shaka-project/shaka-packager.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
shaka-packager/html/tutorials/drm.html

312 lines
16 KiB
HTML
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" /><meta name="generator" content="Docutils 0.17.1: http://docutils.sourceforge.net/" />
<title>DRM &#8212; Shaka Packager documentation</title>
<link rel="stylesheet" type="text/css" href="../_static/pygments.css" />
<link rel="stylesheet" type="text/css" href="../_static/sphinxdoc_new.css" />
<link rel="stylesheet" type="text/css" href="../_static/graphviz.css" />
<link rel="stylesheet" type="text/css" href="../_static/table_styling.css" />
<script data-url_root="../" id="documentation_options" src="../_static/documentation_options.js"></script>
<script src="../_static/jquery.js"></script>
<script src="../_static/underscore.js"></script>
<script src="../_static/doctools.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="Using Widevine Key Server" href="widevine.html" />
<link rel="prev" title="Live" href="live.html" />
</head><body>
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="../genindex.html" title="General Index"
accesskey="I">index</a></li>
<li class="right" >
<a href="widevine.html" title="Using Widevine Key Server"
accesskey="N">next</a> |</li>
<li class="right" >
<a href="live.html" title="Live"
accesskey="P">previous</a> |</li>
<li class="nav-item nav-item-0"><a href="../index.html">Shaka Packager documentation</a> &#187;</li>
<li class="nav-item nav-item-1"><a href="tutorials.html" accesskey="U">Tutorials</a> &#187;</li>
<li class="nav-item nav-item-this"><a href="">DRM</a></li>
</ul>
</div>
<div class="document">
<div class="documentwrapper">
<div class="bodywrapper">
<div class="body" role="main">
<section id="drm">
<h1>DRM<a class="headerlink" href="#drm" title="Permalink to this headline"></a></h1>
<p>Shaka Packager supports fetching encryption keys from Widevine Key Server and
PlayReady Key Server. Shaka Packager also supports Raw Keys, for which keys are
provided to Shaka Packager directly.</p>
<div class="toctree-wrapper compound">
<ul>
<li class="toctree-l1"><a class="reference internal" href="widevine.html">Using Widevine Key Server</a><ul>
<li class="toctree-l2"><a class="reference internal" href="widevine.html#synopsis">Synopsis</a></li>
<li class="toctree-l2"><a class="reference internal" href="widevine.html#examples">Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="widevine.html#widevine-test-credential">Widevine test credential</a></li>
<li class="toctree-l2"><a class="reference internal" href="widevine.html#configuration-options">Configuration options</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="playready.html">Using PlayReady Key Server</a><ul>
<li class="toctree-l2"><a class="reference internal" href="playready.html#synopsis">Synopsis</a></li>
<li class="toctree-l2"><a class="reference internal" href="playready.html#configuration-options">Configuration options</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="raw_key.html">Using Raw Key</a><ul>
<li class="toctree-l2"><a class="reference internal" href="raw_key.html#synopsis">Synopsis</a></li>
<li class="toctree-l2"><a class="reference internal" href="raw_key.html#examples">Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="raw_key.html#configuration-options">Configuration options</a></li>
<li class="toctree-l2"><a class="reference internal" href="raw_key.html#pssh-box-utility-to-generate-pssh-boxes">pssh-box (Utility to generate PSSH boxes)</a></li>
</ul>
</li>
</ul>
</div>
<p>Regardless of which key server you are using, you can instruct Shaka Packager to
generate other protection systems in additional to the native protection system
from the key server. This allows generating multi-DRM contents easily.</p>
<section id="configuration-options">
<h2>Configuration options<a class="headerlink" href="#configuration-options" title="Permalink to this headline"></a></h2>
<section id="drm-related-stream-descriptor-fields">
<h3>DRM related Stream descriptor fields<a class="headerlink" href="#drm-related-stream-descriptor-fields" title="Permalink to this headline"></a></h3>
<dl class="field-list simple">
<dt class="field-odd">skip_encryption=0|1</dt>
<dd class="field-odd"><p>Optional. Defaults to 0 if not specified. If it is set to 1, no encryption
of the stream will be made.</p>
</dd>
<dt class="field-even">drm_label</dt>
<dd class="field-even"><p>Optional value for custom DRM label, which defines the encryption key
applied to the stream. Typically values include AUDIO, SD, HD, UHD1, UHD2.
For raw key, it should be a label defined in keys. If not provided, the
DRM label is derived from stream type (video, audio), resolutions, etc.
Note that it is case sensitive.</p>
</dd>
</dl>
</section>
<section id="general-encryption-options">
<h3>General encryption options<a class="headerlink" href="#general-encryption-options" title="Permalink to this headline"></a></h3>
<dl class="option-list">
<dt><kbd><span class="option">--protection_scheme <var>&lt;scheme&gt;</var></span></kbd></dt>
<dd><p>Specify a protection scheme, cenc or cbc1 or pattern-based protection
schemes cens or cbcs.</p>
</dd>
<dt><kbd><span class="option">--crypt_byte_block</span></kbd></dt>
<dd><p>Specify the count of the encrypted blocks in the protection pattern, where
block is of size 16-bytes.</p>
<p>There are three common patterns (crypt_byte_block:skip_byte_block):
1:9 (default), 5:5, 10:0.</p>
<p>Apply to video streams with cbcs and cens protection schemes only;
ignored otherwise.</p>
</dd>
<dt><kbd><span class="option">--skip_byte_block</span></kbd></dt>
<dd><p>Specify the count of the unencrypted blocks in the protection pattern.</p>
<p>Apply to video streams with cbcs and cens protection schemes only;
ignored otherwise.</p>
</dd>
<dt><kbd><span class="option">--vp9_subsample_encryption</span>, <span class="option">--novp9_subsample_encryption</span></kbd></dt>
<dd><p>Enable / disable VP9 subsample encryption. Enabled by default.</p>
</dd>
<dt><kbd><span class="option">--clear_lead <var>&lt;seconds&gt;</var></span></kbd></dt>
<dd><p>Clear lead in seconds if encryption is enabled.
Shaka Packager does not support partial encrypted segments, all the
segments including the partial segment overlapping with the initial
clear_lead seconds are not encrypted, with all the following segments
encrypted. If segment_duration is greater than clear_lead, then only the
first segment is not encrypted.
Default: 5</p>
</dd>
<dt><kbd><span class="option">--protection_systems</span></kbd></dt>
<dd><p>Protection systems to be generated. Supported protection systems include
Widevine, PlayReady, FairPlay, Marlin, and
<a class="reference external" href="https://goo.gl/s8RIhr">CommonSystem</a>.</p>
</dd>
<dt><kbd><span class="option">--playready_extra_header_data <var>&lt;string&gt;</var></span></kbd></dt>
<dd><p>Extra XML data to add to PlayReady PSSH data. Can be specified even if
using another key source.</p>
</dd>
</dl>
</section>
<section id="widevine-encryption-options">
<h3>Widevine encryption options<a class="headerlink" href="#widevine-encryption-options" title="Permalink to this headline"></a></h3>
<dl class="option-list">
<dt><kbd><span class="option">--enable_widevine_encryption</span></kbd></dt>
<dd><p>Enable encryption with Widevine key server. User should provide either
AES signing key (aes_signing_key, aes_signing_iv) or RSA signing key
(rsa_signing_key_path). This generates Widevine protection system if
protection_systems is not specified. Use protection_systems to generate
multiple protection systems.</p>
</dd>
<dt><kbd><span class="option">--enable_widevine_decryption</span></kbd></dt>
<dd><p>Enable decryption with Widevine key server. User should provide either
AES signing key (aes_signing_key, aes_signing_iv) or RSA signing key
(rsa_signing_key_path).</p>
</dd>
<dt><kbd><span class="option">--key_server_url <var>&lt;url&gt;</var></span></kbd></dt>
<dd><p>Key server url. Required for Widevine encryption and decryption.</p>
</dd>
<dt><kbd><span class="option">--content_id <var>&lt;hex&gt;</var></span></kbd></dt>
<dd><p>Content identifier that uniquely identifies the content.</p>
</dd>
<dt><kbd><span class="option">--policy <var>&lt;policy&gt;</var></span></kbd></dt>
<dd><p>The name of a stored policy, which specifies DRM content rights.</p>
</dd>
<dt><kbd><span class="option">--max_sd_pixels <var>&lt;pixels&gt;</var></span></kbd></dt>
<dd><p>The video track is considered SD if its max pixels per frame is no higher
than <em>max_sd_pixels</em>. Default: 442368 (768 x 576).</p>
</dd>
<dt><kbd><span class="option">--max_hd_pixels <var>&lt;pixels&gt;</var></span></kbd></dt>
<dd><p>The video track is considered HD if its max pixels per frame is higher than
<em>max_sd_pixels</em>, but no higher than <em>max_hd_pixels</em>. Default: 2073600
(1920 x 1080).</p>
</dd>
<dt><kbd><span class="option">--max_uhd1_pixels <var>&lt;pixels&gt;</var></span></kbd></dt>
<dd><p>The video track is considered UHD1 if its max pixels per frame is higher
than <em>max_hd_pixels</em>, but no higher than <em>max_uhd1_pixels</em>. Otherwise it is
UHD2. Default: 8847360 (4096 x 2160).</p>
</dd>
<dt><kbd><span class="option">--signer <var>&lt;signer&gt;</var></span></kbd></dt>
<dd><p>The name of the signer.</p>
</dd>
<dt><kbd><span class="option">--aes_signing_key <var>&lt;hex&gt;</var></span></kbd></dt>
<dd><p>AES signing key in hex string. <em>aes_signing_iv</em> is required if
<em>aes_signing_key</em> is specified. This option is exclusive with
<em>rsa_signing_key_path</em>.</p>
</dd>
<dt><kbd><span class="option">--aes_signing_iv <var>&lt;hex&gt;</var></span></kbd></dt>
<dd><p>AES signing iv in hex string.</p>
</dd>
<dt><kbd><span class="option">--rsa_signing_key_path <var>&lt;file path&gt;</var></span></kbd></dt>
<dd><p>Path to the file containing PKCS#1 RSA private key for request signing.
This option is exclusive with <em>aes_signing_key</em>.</p>
</dd>
<dt><kbd><span class="option">--crypto_period_duration <var>&lt;seconds&gt;</var></span></kbd></dt>
<dd><p>Defines how often key rotates. If it is non-zero, key rotation is enabled.</p>
</dd>
<dt><kbd><span class="option">--group_id <var>&lt;hex&gt;</var></span></kbd></dt>
<dd><p>Identifier for a group of licenses.</p>
</dd>
</dl>
</section>
<section id="raw-key-encryption-options">
<h3>Raw key encryption options<a class="headerlink" href="#raw-key-encryption-options" title="Permalink to this headline"></a></h3>
<dl class="option-list">
<dt><kbd><span class="option">--enable_raw_key_encryption</span></kbd></dt>
<dd><p>Enable encryption with raw key (keys provided in command line)). This
generates <a class="reference external" href="https://goo.gl/s8RIhr">Common protection system</a> if neither
pssh nor protection_systems is specified. Use pssh to provide custom
protection systems or use protection_systems to generate protection
systems automatically.</p>
</dd>
<dt><kbd><span class="option">--enable_raw_key_decryption</span></kbd></dt>
<dd><p>Enable decryption with raw key (keys provided in command line).</p>
</dd>
<dt><kbd><span class="option">--keys <var>&lt;key_info_string[,key_info_string][,key_info_string]…&gt;</var></span></kbd></dt>
<dd><p><strong>key_info_string</strong> is of the form:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">label</span><span class="o">=&lt;</span><span class="n">label</span><span class="o">&gt;</span><span class="p">:</span><span class="n">key_id</span><span class="o">=&lt;</span><span class="n">key_id</span><span class="o">&gt;</span><span class="p">:</span><span class="n">key</span><span class="o">=&lt;</span><span class="n">key</span><span class="o">&gt;</span><span class="p">[:</span><span class="n">iv</span><span class="o">=&lt;</span><span class="n">initialization_vector</span><span class="o">&gt;</span><span class="p">]</span>
</pre></div>
</div>
<p><em>label</em> can be an arbitrary string or a predefined DRM label like AUDIO,
SD, HD, etc. Label with an empty string indicates the default key and
key_id. The <em>drm_label</em> in <a class="reference internal" href="../options/stream_descriptors.html"><span class="doc">Stream descriptors</span></a>,
which can be implicit, determines which key info is applied to the stream
by matching the <em>drm_label</em> with the <em>label</em> in key info.</p>
<p><em>key_id</em> and <em>key</em> should be 32-digit hex strings.</p>
<p><em>initialization_vector</em> is an optional IV with the same format and semantics
as the parameter for the <em>iv</em> option below. This is mutually exclusive with
that option.</p>
</dd>
<dt><kbd><span class="option">--iv <var>&lt;16-digit or 32-digit hex string&gt;</var></span></kbd></dt>
<dd><p>IV in hex string format. If not specified, a random IV will be generated.
This flag should only be used for testing. IV must be either 8 bytes
(16 digits HEX) or 16 bytes (32 digits in HEX).</p>
</dd>
<dt><kbd><span class="option">--pssh <var>&lt;hex string&gt;</var></span></kbd></dt>
<dd><p>One or more concatenated PSSH boxes in hex string format. If neither this
flag nor protection_systems is specified, a
<a class="reference external" href="https://goo.gl/s8RIhr">v1 common PSSH box</a> will be generated.</p>
</dd>
</dl>
</section>
</section>
</section>
<div class="clearer"></div>
</div>
</div>
</div>
<div class="sphinxsidebar" role="navigation" aria-label="main navigation">
<div class="sphinxsidebarwrapper">
<h3><a href="../index.html">Table of Contents</a></h3>
<ul>
<li><a class="reference internal" href="#">DRM</a><ul>
<li><a class="reference internal" href="#configuration-options">Configuration options</a><ul>
<li><a class="reference internal" href="#drm-related-stream-descriptor-fields">DRM related Stream descriptor fields</a></li>
<li><a class="reference internal" href="#general-encryption-options">General encryption options</a></li>
<li><a class="reference internal" href="#widevine-encryption-options">Widevine encryption options</a></li>
<li><a class="reference internal" href="#raw-key-encryption-options">Raw key encryption options</a></li>
</ul>
</li>
</ul>
</li>
</ul>
<h4>Previous topic</h4>
<p class="topless"><a href="live.html"
title="previous chapter">Live</a></p>
<h4>Next topic</h4>
<p class="topless"><a href="widevine.html"
title="next chapter">Using Widevine Key Server</a></p>
<div role="note" aria-label="source link">
<h3>This Page</h3>
<ul class="this-page-menu">
<li><a href="../_sources/tutorials/drm.rst.txt"
rel="nofollow">Show Source</a></li>
</ul>
</div>
<div id="searchbox" style="display: none" role="search">
<h3 id="searchlabel">Quick search</h3>
<div class="searchformwrapper">
<form class="search" action="../search.html" method="get">
<input type="text" name="q" aria-labelledby="searchlabel" />
<input type="submit" value="Go" />
</form>
</div>
</div>
<script>$('#searchbox').show(0);</script>
</div>
</div>
<div class="clearer"></div>
</div>
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="../genindex.html" title="General Index"
>index</a></li>
<li class="right" >
<a href="widevine.html" title="Using Widevine Key Server"
>next</a> |</li>
<li class="right" >
<a href="live.html" title="Live"
>previous</a> |</li>
<li class="nav-item nav-item-0"><a href="../index.html">Shaka Packager documentation</a> &#187;</li>
<li class="nav-item nav-item-1"><a href="tutorials.html" >Tutorials</a> &#187;</li>
<li class="nav-item nav-item-this"><a href="">DRM</a></li>
</ul>
</div>
<div class="footer" role="contentinfo">
&#169; Copyright 2017, Google.
Created using <a href="https://www.sphinx-doc.org/">Sphinx</a> 4.0.2.
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink