public void ShouldCreateEncryptedInitilizedAsset()
{
IAsset asset = _mediaContext.Assets.Create("Test", AssetCreationOptions.StorageEncrypted);
Assert.IsNotNull(asset, "Asset should be non null");
Assert.AreNotEqual(Guid.Empty, asset.Id, "Asset ID shuold not be null");
Assert.AreEqual(0, asset.AssetFiles.Count(), "Asset has files");
Assert.AreEqual(AssetState.Initialized, asset.State, "Expecting initilized state");
IAccessPolicy policy = _mediaContext.AccessPolicies.Create("temp", TimeSpan.FromMinutes(10), AccessPermissions.Write);
ILocator locator = _mediaContext.Locators.CreateSasLocator(asset, policy);
IAssetFile file = asset.AssetFiles.Create(Path.GetFileName(_smallWmv));
Task task = file.UploadAsync(_smallWmv,
_mediaContext.MediaServicesClassFactory.GetBlobTransferClient(),
locator,
CancellationToken.None);
task.Wait();
Assert.IsTrue(task.IsCompleted);
Assert.IsTrue(!task.IsFaulted);
locator.Delete();
policy.Delete();
IAsset refreshedAsset = _mediaContext.Assets.Where(c => c.Id == asset.Id).FirstOrDefault();
Assert.AreEqual(asset.Name, refreshedAsset.Name);
Assert.AreEqual(AssetState.Initialized, refreshedAsset.State);
Assert.AreEqual(1, refreshedAsset.AssetFiles.Count(), "file count wrong");
VerifyAndDownloadAsset(refreshedAsset, 1, false);
ContentKeyTests.VerifyFileAndContentKeyMetadataForStorageEncryption(refreshedAsset, _mediaContext);
}
public static IContentKey CreateTestKey(CloudMediaContext mediaContext, ContentKeyType contentKeyType, out byte[] key, string name = "")
{
key = ContentKeyTests.GetRandomBuffer(16);
IContentKey contentKey = mediaContext.ContentKeys.Create(Guid.NewGuid(), key, name, contentKeyType);
return(contentKey);
}
private void SetupCommonPolicy(IAsset asset, AssetDeliveryProtocol protocol)
{
IContentKey key = _mediaContext.ContentKeys.Create(Guid.NewGuid(), ContentKeyTests.GetRandomBuffer(16), "Common Encryption Key", ContentKeyType.CommonEncryption);
asset.ContentKeys.Add(key);
Dictionary <AssetDeliveryPolicyConfigurationKey, string> config = new Dictionary <AssetDeliveryPolicyConfigurationKey, string>()
{
{ AssetDeliveryPolicyConfigurationKey.PlayReadyLicenseAcquisitionUrl, "https://fakeKeyDeliveryurl.com/PlayReady" }
};
IAssetDeliveryPolicy policy = _mediaContext.AssetDeliveryPolicies.Create("Clear Policy", AssetDeliveryPolicyType.DynamicCommonEncryption, protocol, config);
asset.DeliveryPolicies.Add(policy);
}
private void SetupEnvelopePolicy(IAsset asset, AssetDeliveryProtocol protocol)
{
IContentKey key = _mediaContext.ContentKeys.Create(Guid.NewGuid(), ContentKeyTests.GetRandomBuffer(16), "Envelope Encryption Key", ContentKeyType.EnvelopeEncryption);
asset.ContentKeys.Add(key);
Dictionary <AssetDeliveryPolicyConfigurationKey, string> config = new Dictionary <AssetDeliveryPolicyConfigurationKey, string>()
{
{ AssetDeliveryPolicyConfigurationKey.EnvelopeBaseKeyAcquisitionUrl, "https://fakeKeyDeliveryurl.com/" },
{ AssetDeliveryPolicyConfigurationKey.EnvelopeEncryptionIVAsBase64, Convert.ToBase64String(Guid.NewGuid().ToByteArray()) } // TODO: Remove this once no IV is supported
};
IAssetDeliveryPolicy policy = _mediaContext.AssetDeliveryPolicies.Create("Clear Policy", AssetDeliveryPolicyType.DynamicEnvelopeEncryption, protocol, config);
asset.DeliveryPolicies.Add(policy);
}
public void ShouldCreateEncryptedInitilizedAsset()
{
IAsset asset = _dataContext.Assets.Create("Test", AssetCreationOptions.StorageEncrypted);
Assert.IsNotNull(asset, "Asset should be non null");
Assert.AreNotEqual(Guid.Empty, asset.Id, "Asset ID shuold not be null");
Assert.AreEqual(0, asset.AssetFiles.Count(), "Asset has files");
Assert.AreEqual(AssetState.Initialized, asset.State, "Expecting initilized state");
IAccessPolicy policy = _dataContext.AccessPolicies.Create("temp", TimeSpan.FromMinutes(10), AccessPermissions.Write);
ILocator locator = _dataContext.Locators.CreateSasLocator(asset, policy);
IAssetFile file = asset.AssetFiles.Create(Path.GetFileName(_smallWmv));
Task task = file.UploadAsync(_smallWmv,
new BlobTransferClient
{
NumberOfConcurrentTransfers = 10,
ParallelTransferThreadCount = 10
},
locator,
CancellationToken.None);
task.Wait();
Assert.IsTrue(task.IsCompleted);
Assert.IsTrue(!task.IsFaulted);
locator.Delete();
policy.Delete();
IAsset refreshedAsset = _dataContext.Assets.Where(c => c.Id == asset.Id).FirstOrDefault();
Assert.AreEqual(asset.Name, refreshedAsset.Name);
Assert.AreEqual(AssetState.Initialized, refreshedAsset.State);
Assert.AreEqual(1, refreshedAsset.AssetFiles.Count(), "file count wrong");
// TODO: Task 27827: Design and implement a KeyOracle Role to hold the Private key or keys used to protect content keys
//VerifyAndDownloadAsset(refreshedAsset);
ContentKeyTests.VerifyFileAndContentKeyMetadataForStorageEncryption(refreshedAsset, _dataContext);
}
private IAsset CreatePlayReadyProtectedSmoothAsset(IAsset clearSmoothAssetToProtect)
{
Guid keyId = Guid.NewGuid();
byte[] keyValue = ContentKeyTests.GetRandomBuffer(16);
string encryptionConfiguration = File.ReadAllText(WindowsAzureMediaServicesTestConfiguration.PlayReadyConfigWithContentKey);
encryptionConfiguration = JobTests.UpdatePlayReadyConfigurationXML(keyId, keyValue, new Uri("http://www.fakeurl.com"), encryptionConfiguration);
IJob job = _mediaContext.Jobs.Create("Add PlayReady Protection Job");
IMediaProcessor mediaProcessor = JobTests.GetMediaProcessor(_mediaContext, WindowsAzureMediaServicesTestConfiguration.MpEncryptorName);
ITask task = job.Tasks.AddNew("PlayReady Encryption Task", mediaProcessor, encryptionConfiguration, TaskOptions.ProtectedConfiguration);
task.InputAssets.Add(clearSmoothAssetToProtect);
task.OutputAssets.AddNew("PlayReady Protected Smooth", AssetCreationOptions.CommonEncryptionProtected);
job.Submit();
job.GetExecutionProgressTask(CancellationToken.None).Wait();
job.Refresh();
return(job.OutputMediaAssets[0]);
}
public void TestGetEncryptionState()
{
IAsset asset = JobTests.CreateSmoothAsset(_mediaContext, _filePaths, AssetCreationOptions.None);
AssetDeliveryProtocol protocolsToSet = AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.Dash;
Dictionary <AssetDeliveryPolicyConfigurationKey, string> configuration = new Dictionary <AssetDeliveryPolicyConfigurationKey, string>()
{
{ AssetDeliveryPolicyConfigurationKey.EnvelopeBaseKeyAcquisitionUrl, "https://www.test.com/" },
{ AssetDeliveryPolicyConfigurationKey.EnvelopeEncryptionIVAsBase64, Convert.ToBase64String(ContentKeyTests.GetRandomBuffer(16)) }
};
IAssetDeliveryPolicy policy = _mediaContext.AssetDeliveryPolicies.Create("Test Policy", AssetDeliveryPolicyType.DynamicEnvelopeEncryption, protocolsToSet, configuration);
IContentKey key = _mediaContext.ContentKeys.Create(Guid.NewGuid(), ContentKeyTests.GetRandomBuffer(16), "Test key", ContentKeyType.EnvelopeEncryption);
asset.ContentKeys.Add(key);
asset.DeliveryPolicies.Add(policy);
AssetEncryptionState state = asset.GetEncryptionState(protocolsToSet);
Assert.AreEqual(AssetEncryptionState.DynamicEnvelopeEncryption, state);
state = asset.GetEncryptionState(AssetDeliveryProtocol.Dash | AssetDeliveryProtocol.Hds);
Assert.AreEqual(AssetEncryptionState.NoSinglePolicyApplies, state);
state = asset.GetEncryptionState(AssetDeliveryProtocol.Hds);
Assert.AreEqual(AssetEncryptionState.BlockedByPolicy, state);
CleanupAsset(asset);
}