drm

package module
v0.0.0-...-166a25f Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 24, 2022 License: MIT Imports: 2 Imported by: 0

README

NO DRM IMPLEMENTATION HERE! ONLY ABSTRAT INTERFACE!

What

It's a generalized interface for different types of CDM for WEBDL use. A remote CDM JSON-RPC client/server is included.

Why

Provide a de-facto standard when it comes to CDM business. People with implementations and keys often want to keep them private. A standardized remote CDM interface would help people sharing CDM as a service without giving out keys/implementations.

Contact

CDM implementation will never be published publicly, unless their parent company disclosed the implementation details. Still, it's a hope to have everyone setup their CDM infrastructures securely, so there would be less key leaks and revocations. In order to do that, CDM implementations will be shared through private channels.

To request source code of concrete CDM implementation conforming to this common interface, send your current implementation as a proof that you are in business. Currently Widevine and PlayReady v2 CDM are ready for production use. FairPlay Streaming CDM is in development stage. Helps are welcomed for collaboration on new CDM Reverse Engineering and implementations.

IMPORTANT: NEVER ASK FOR KEYS! WILL BLOCK YOU IF YOU DID!

Email: hexpell@tuta.io

Documentation

Overview

Package drm provides unified interfaces for all concrete CDM implementations.

By unifying the CDM interface we abstract away the complexity in dealing with different underlying CDM implementations. For example, site clients that need access to CDM functions can accept a Session object instead of concrete CDM implementations as its parameter. So the consumer of the client code can choose from available concrete implementations.

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrPermission         = errors.New("permission denied")
	ErrDeviceNotFound     = errors.New("device not found")
	ErrDeviceExists       = errors.New("device already exists")
	ErrInvalidSessionData = errors.New("invalid session data")
	ErrUnknownDRMSystem   = errors.New("unknown DRM system")
	ErrInvalidParams      = errors.New("invalid parameters")
	ErrInvalidLicense     = errors.New("invalid license")
	ErrInvalidInitData    = errors.New("invalid init data")
	ErrInternalFailure    = errors.New("internal failure")
)
View Source 
var SystemID = map[SystemName][]byte{
	WIDEVINE:  {0xED, 0xEF, 0x8B, 0xA9, 0x79, 0xD6, 0x4A, 0xCE, 0xA3, 0xC8, 0x27, 0xDC, 0xD5, 0x1D, 0x21, 0xED},
	FAIRPLAY:  {0x29, 0x70, 0x1F, 0xE4, 0x3C, 0xC7, 0x4A, 0x34, 0x8C, 0x5B, 0xAE, 0x90, 0xC7, 0x43, 0x9A, 0x47},
	PLAYREADY: {0x9A, 0x04, 0xF0, 0x79, 0x98, 0x40, 0x42, 0x86, 0xAB, 0x92, 0xE6, 0x5B, 0xE0, 0x88, 0x5F, 0x95},
}

Functions

This section is empty.

Types

type CDM 

type CDM interface {
	// Generates a license request challenge for the given options.
	GenerateChallenge(ctx context.Context, options *ChallengOptions) (challenge *Challenge, session Session, err error)

	// Get the underlying CDM implementation information.
	Info(ctx context.Context) (info *DeviceInfo, err error)
}

type ChallengOptions 

type ChallengOptions struct {
	// Common values are "cenc" and "webm" but implementation may add more.
	InitDataType string `json:"init_data_type,omitempty"`

	// An array of bytes. This is because license server may accept more than one init data at once, to request
	// licenses for multiple titles in a single license request.
	InitData [][]byte `json:"init_data"`

	LicenseType LicenseType `json:"license_type,omitempty"`

	// Optional. When it's nil, LicenseRequest.ClientId is set. If it's a valid Widevine proxy license server
	// certificate, then LicenseRequest.EncryptedClientId is set to the encrypted version of ClientIdentification.
	// Valid Widevine proxy license server certificate can be either a response wrapped in a SignedMessage structure,
	// usually responded from the license proxy server when issuing the request "CAQ=", which decodes to
	// SERVICE_CERTIFICATE_REQUEST. OR it can be the actual data in SignedDrmCertificate structure, which is usually
	// used in EME function call MediaKeys.setServerCertificate.
	ServerCert []byte `json:"server_cert,omitempty"`

	// If the implementation has VMP support, VMP data is included by default unless this option is set to true.
	DisableVmp bool `json:"disable_vmp"`

	// If ServerCert is set, LicenseRequest.EncryptedClientId is used unless this option is set to true, which will
	// force the implementation to use LicenseRequest.ClientId instead.
	DisableClientIDEncryption bool `json:"disable_client_id_encryption"`

	// If the implementation supports generating device ID, this paramter can be used to deterministically seed the
	// generator to produce fixed device ID. If not set, empty seed is used.
	DeviceIDSeed []byte `json:"device_id_seed,omitempty"`
}

type Challenge 

type Challenge struct {
	Challenge   []byte `json:"challenge"`
	ChallengeId []byte `json:"challenge_id"`
}

type DeviceInfo 

type DeviceInfo struct {
	System                SystemName    `json:"system"`
	Device                string        `json:"device,omitempty"`
	Version               string        `json:"version,omitempty"`
	SecurityLevel         SecurityLevel `json:"security_level,omitempty"`
	SupportRandomDeviceID bool          `json:"support_random_device_id"`
	DeviceData            []byte        `json:"device_data,omitempty"`
}

type Key 

type Key struct {
	Type        KeyType       `json:"type"`
	KID         []byte        `json:"kid"`
	Key         []byte        `json:"key"`
	Permissions []Permissions `json:"permissions"`
}

type KeyType 

type KeyType string
const (
	SIGNING          KeyType = "SIGNING"
	CONTENT          KeyType = "CONTENT"
	KEY_CONTROL      KeyType = "KEY_CONTROL"
	OPERATOR_SESSION KeyType = "OPERATOR_SESSION"
	ENTITLEMENT      KeyType = "ENTITLEMENT"
)

type LicenseType 

type LicenseType string
const (
	STREAMING LicenseType = "STREAMING"
	OFFLINE   LicenseType = "OFFLINE"
)

type Permissions 

type Permissions string
const (
	ALLOW_ENCRYPT          Permissions = "ALLOW_ENCRYPT"
	ALLOW_DECRYPT          Permissions = "ALLOW_DECRYPT"
	ALLOW_SIGN             Permissions = "ALLOW_SIGN"
	ALLOW_SIGNATURE_VERIFY Permissions = "ALLOW_SIGNATURE_VERIFY"
)

type Registry 

type Registry interface {
	Get(ctx context.Context, device string) (CDM, error)
	List(ctx context.Context, devices []string) ([]*DeviceInfo, error)
	Register(ctx context.Context, devices []*DeviceInfo) error
	Remove(ctx context.Context, devices []string) error
}

type SecurityLevel 

type SecurityLevel string
const (
	// Widevine Security Levels
	L1 SecurityLevel = "L1"
	L2 SecurityLevel = "L2"
	L3 SecurityLevel = "L3"

	// PlayReady Security Levels
	SL150  SecurityLevel = "SL150"
	SL2000 SecurityLevel = "SL2000"
	SL3000 SecurityLevel = "SL3000"

	// FairPlay Streaminig Security Levels
	AppleBaseline SecurityLevel = "AppleBaseline"
	AppleMain     SecurityLevel = "AppleMain"
)

type Session 

type Session interface {
	// Updates the session with the provided license.
	ProvideLicense(ctx context.Context, license []byte) (keys []*Key, err error)
}

type StatelessCDM 

type StatelessCDM interface {
	CDM
	// Making the CDM server stateless by allow restoring a session from its internal states.
	RestoreSession(sessionData []byte) (session Session, err error)
}

type StatelessSession 

type StatelessSession interface {
	Session
	// Generate recoverable session data for its internal states.
	Serialize() (sessionData []byte, err error)
}

type SystemName 

type SystemName string
const (
	WIDEVINE  SystemName = "WIDEVINE"
	FAIRPLAY  SystemName = "FAIRPLAY"
	PLAYREADY SystemName = "PLAYREADY"
)

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.