static public void AddOpenAuthorizationPolicy(IContentKey contentKey) { // Create ContentKeyAuthorizationPolicy with Open restrictions and create authorization policy IContentKeyAuthorizationPolicy policy = context.ContentKeyAuthorizationPolicies.CreateAsync("Open Authorization Policy").Result; List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction>(); ContentKeyAuthorizationPolicyRestriction restriction = new ContentKeyAuthorizationPolicyRestriction { Name = "HLS Open Authorization Policy", KeyRestrictionType = (int)ContentKeyRestrictionType.Open, Requirements = null // no requirements needed for HLS }; restrictions.Add(restriction); IContentKeyAuthorizationPolicyOption policyOption = context.ContentKeyAuthorizationPolicyOptions.Create( "policy", ContentKeyDeliveryType.BaselineHttp, restrictions, ""); policy.Options.Add(policyOption); // Add ContentKeyAutorizationPolicy to ContentKey contentKey.AuthorizationPolicyId = policy.Id; IContentKey updatedKey = contentKey.UpdateAsync().Result; }
static public IContentKey CreateEnvelopeTypeContentKey(IAsset asset) { // Create envelope encryption content key Guid keyId = Guid.NewGuid(); byte[] contentKey = GetRandomBuffer(16); IContentKey key = context.ContentKeys.Create( keyId, contentKey, "ContentKey", ContentKeyType.EnvelopeEncryption); // Associate the key with the asset. asset.ContentKeys.Add(key); return(key); }
public void ProcessPolicyAndEncryption(IAsset asset) { IContentKey key = CreateEnvelopeTypeContentKey(asset); if (useAESRestriction) { // AES restriction AddTokenRestrictedAuthorizationPolicy(key); } else { // No restriction AddOpenAuthorizationPolicy(key); } // Set asset delivery policy CreateAssetDeliveryPolicy(asset, key); }
public static string AddTokenRestrictedAuthorizationPolicy(IContentKey contentKey) { string tokenTemplateString = GenerateTokenRequirements(); IContentKeyAuthorizationPolicy policy = context. ContentKeyAuthorizationPolicies. CreateAsync("HLS token restricted authorization policy").Result; List <ContentKeyAuthorizationPolicyRestriction> restrictions = new List <ContentKeyAuthorizationPolicyRestriction>(); ContentKeyAuthorizationPolicyRestriction restriction = new ContentKeyAuthorizationPolicyRestriction { Name = "Token Authorization Policy", KeyRestrictionType = (int)ContentKeyRestrictionType.TokenRestricted, Requirements = tokenTemplateString }; restrictions.Add(restriction); //You could have multiple options IContentKeyAuthorizationPolicyOption policyOption = context.ContentKeyAuthorizationPolicyOptions.Create( "Token option for HLS", ContentKeyDeliveryType.BaselineHttp, restrictions, null // no key delivery data is needed for HLS ); policy.Options.Add(policyOption); // Add ContentKeyAutorizationPolicy to ContentKey contentKey.AuthorizationPolicyId = policy.Id; IContentKey updatedKey = contentKey.UpdateAsync().Result; return(tokenTemplateString); }
static public void CreateAssetDeliveryPolicy(IAsset asset, IContentKey key) { Uri keyAcquisitionUri = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp); string envelopeEncryptionIV = Convert.ToBase64String(GetRandomBuffer(16)); // The following policy configuration specifies: key url that will have KID=<Guid> appended to the envelope and // the Initialization Vector (IV) to use for the envelope encryption. Dictionary <AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration = new Dictionary <AssetDeliveryPolicyConfigurationKey, string> { { AssetDeliveryPolicyConfigurationKey.EnvelopeKeyAcquisitionUrl, keyAcquisitionUri.ToString() } }; IAssetDeliveryPolicy assetDeliveryPolicy = context.AssetDeliveryPolicies.Create( "AssetDeliveryPolicy", AssetDeliveryPolicyType.DynamicEnvelopeEncryption, AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.Dash, assetDeliveryPolicyConfiguration); // Add AssetDelivery Policy to the asset asset.DeliveryPolicies.Add(assetDeliveryPolicy); }