1// Copyright 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef MEDIA_CDM_JSON_WEB_KEY_H_
6#define MEDIA_CDM_JSON_WEB_KEY_H_
7
8#include <string>
9#include <utility>
10#include <vector>
11
12#include "base/basictypes.h"
13#include "media/base/media_export.h"
14#include "media/base/media_keys.h"
15
16namespace media {
17
18// The ClearKey license request format (ref:
19// https://dvcs.w3.org/hg/html-media/raw-file/default/encrypted-media/encrypted-media.html#clear-key)
20// is a JSON object containing the following members:
21//   "kids" : An array of key IDs. Each element of the array is the base64url
22//            encoding of the octet sequence containing the key ID value.
23//   "type" : The requested SessionType.
24// An example:
25//   { "kids":["67ef0gd8pvfd0","77ef0gd8pvfd0"], "type":"temporary" }
26
27// The ClearKey license format is a JSON Web Key (JWK) Set containing
28// representation of the symmetric key to be used for decryption.
29// For each JWK in the set, the parameter values are as follows:
30//   "kty" (key type)  : "oct" (octet sequence)
31//   "alg" (algorithm) : "A128KW" (AES key wrap using a 128-bit key)
32//   "k" (key value)   : The base64url encoding of the octet sequence
33//                       containing the symmetric key value.
34//   "kid" (key ID)    : The base64url encoding of the octet sequence
35//                       containing the key ID value.
36// The JSON object may have an optional "type" member value, which may be
37// any of the SessionType values. If not specified, the default value of
38// "temporary" is used.
39// A JSON Web Key Set looks like the following in JSON:
40//   { "keys": [ JWK1, JWK2, ... ], "type":"temporary" }
41// A symmetric keys JWK looks like the following in JSON:
42//   { "kty":"oct",
43//     "alg":"A128KW",
44//     "kid":"AQIDBAUGBwgJCgsMDQ4PEA",
45//     "k":"FBUWFxgZGhscHR4fICEiIw" }
46
47// There may be other properties specified, but they are ignored.
48// Ref: http://tools.ietf.org/html/draft-ietf-jose-json-web-key and:
49// http://tools.ietf.org/html/draft-jones-jose-json-private-and-symmetric-key
50
51// Vector of [key_id, key_value] pairs. Values are raw binary data, stored in
52// strings for convenience.
53typedef std::pair<std::string, std::string> KeyIdAndKeyPair;
54typedef std::vector<KeyIdAndKeyPair> KeyIdAndKeyPairs;
55
56// Converts a single |key|, |key_id| pair to a JSON Web Key Set.
57MEDIA_EXPORT std::string GenerateJWKSet(const uint8* key, int key_length,
58                                        const uint8* key_id, int key_id_length);
59
60// Extracts the JSON Web Keys from a JSON Web Key Set. If |input| looks like
61// a valid JWK Set, then true is returned and |keys| and |session_type| are
62// updated to contain the values found. Otherwise return false.
63MEDIA_EXPORT bool ExtractKeysFromJWKSet(const std::string& jwk_set,
64                                        KeyIdAndKeyPairs* keys,
65                                        MediaKeys::SessionType* session_type);
66
67// Create a license request message for the |key_id| and |session_type|
68// specified. Currently ClearKey generates a message for each key individually,
69// so no need to take a list of |key_id|'s. |license| is updated to contain the
70// resulting JSON string.
71MEDIA_EXPORT void CreateLicenseRequest(const uint8* key_id,
72                                       int key_id_length,
73                                       MediaKeys::SessionType session_type,
74                                       std::vector<uint8>* license);
75
76// Extract the first key from the license request message. Returns true if
77// |license| is a valid license request and contains at least one key,
78// otherwise false and |first_key| is not touched.
79MEDIA_EXPORT bool ExtractFirstKeyIdFromLicenseRequest(
80    const std::vector<uint8>& license,
81    std::vector<uint8>* first_key);
82
83}  // namespace media
84
85#endif  // MEDIA_CDM_JSON_WEB_KEY_H_
86