// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef MEDIA_CDM_JSON_WEB_KEY_H_
#define MEDIA_CDM_JSON_WEB_KEY_H_

#include <string>
#include <utility>
#include <vector>

#include "base/basictypes.h"
#include "media/base/media_export.h"
#include "media/base/media_keys.h"

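namespace media {

// The ClearKey license request format (ref:
// https://dvcs.w3.org/hg/html-media/raw-file/default/encrypted-media/encrypted-media.html#clear-key)
// is a JSON object containing the following members:
//   "kids" : An array of key IDs. Each element of the array is the base64url
//            encoding of the octet sequence containing the key ID value.
//   "type" : The requested SessionType.
// An example:
//   { "kids":["67ef0gd8pvfd0","77ef0gd8pvfd0"], "type":"temporary" }

// The ClearKey license format is a JSON Web Key (JWK) Set containing a
// representation of the symmetric key to be used for decryption.
// For each JWK in the set, the parameter values are as follows:
//   "kty" (key type)  : "oct" (octet sequence)
//   "alg" (algorithm) : "A128KW" (AES key wrap using a 128-bit key)
//   "k" (key value)   : The base64url encoding of the octet sequence
//                       containing the symmetric key value.
//   "kid" (key ID)    : The base64url encoding of the octet sequence
//                       containing the key ID value.
// The JSON object may have an optional "type" member value, which may be
// any of the SessionType values. If not specified, the default value of
// "temporary" is used.
// A JSON Web Key Set looks like the following in JSON:
//   { "keys": [ JWK1, JWK2, ... ], "type":"temporary" }
// A symmetric key's JWK looks like the following in JSON:
//   { "kty":"oct",
//     "alg":"A128KW",
//     "kid":"AQIDBAUGBwgJCgsMDQ4PEA",
//     "k":"FBUWFxgZGhscHR4fICEiIw" }

// There may be other properties specified, but they are ignored.
// Ref: http://tools.ietf.org/html/draft-ietf-jose-json-web-key and:
// http://tools.ietf.org/html/draft-jones-jose-json-private-and-symmetric-key

// Security note: "k" carries the symmetric key value itself. base64url is an
// encoding, not encryption, so a license string and everything parsed from it
// is key material: keep it out of logs, error messages and crash dumps.
// NOTE(review): "alg" is labelled "A128KW", yet this header describes "k" as
// the key value and shows no wrapping step -- confirm against the
// implementation before relying on the label.

// Vector of [key_id, key_value] pairs. Values are raw binary data, stored in
// strings for convenience. Because the data is binary it may contain embedded
// NUL bytes, so use size() rather than any NUL-terminated length. The second
// element of each pair is the decryption key and must be handled as a secret.
typedef std::pair<std::string, std::string> KeyIdAndKeyPair;
typedef std::vector<KeyIdAndKeyPair> KeyIdAndKeyPairs;

// Converts a single |key|, |key_id| pair to a JSON Web Key Set, which is
// returned as a string.
// |key| and |key_id| point to raw bytes; |key_length| and |key_id_length| are
// signed ints, so callers must pass non-negative values that do not exceed
// the buffers. NOTE(review): this header does not say whether the
// implementation checks the lengths -- confirm.
// The returned string contains |key| in base64url form and is therefore as
// sensitive as the key itself.
MEDIA_EXPORT std::string GenerateJWKSet(const uint8* key, int key_length,
                                        const uint8* key_id, int key_id_length);

// Extracts the JSON Web Keys from a JSON Web Key Set. If |jwk_set| looks like
// a valid JWK Set, then true is returned and |keys| and |session_type| are
// updated to contain the values found. Otherwise returns false.
// This header does not state what |keys| and |session_type| hold after a
// false return, so callers should not read them in that case.
// NOTE(review): |jwk_set| is presumably license data that originates outside
// this module; treat it as untrusted input, and confirm where the sizes of
// the decoded key and key ID are validated.
MEDIA_EXPORT bool ExtractKeysFromJWKSet(const std::string& jwk_set,
                                        KeyIdAndKeyPairs* keys,
                                        MediaKeys::SessionType* session_type);

// Creates a license request message for the |key_id| and |session_type|
// specified. Currently ClearKey generates a message for each key individually,
// so there is no need to take a list of key IDs. |license| is updated to
// contain the resulting JSON string.
// |key_id_length| is a signed int; callers must pass a non-negative value no
// larger than the buffer |key_id| points to.
MEDIA_EXPORT void CreateLicenseRequest(const uint8* key_id,
                                       int key_id_length,
                                       MediaKeys::SessionType session_type,
                                       std::vector<uint8>* license);

// Extracts the first key ID from the license request message. Returns true if
// |license| is a valid license request and contains at least one key ID;
// otherwise returns false and |first_key| is not touched.
// Despite its name, |first_key| receives a key ID (an element of "kids" in
// the request format above), not a key value.
MEDIA_EXPORT bool ExtractFirstKeyIdFromLicenseRequest(
    const std::vector<uint8>& license,
    std::vector<uint8>* first_key);

}  // namespace media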

#endif  // MEDIA_CDM_JSON_WEB_KEY_H_