private static void CreatePlayReadyAndWidevineAssetDeliveryPolicy(IAsset asset, IContentKey key)
{
// Get the PlayReady license service URL.
Uri acquisitionUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense);
// GetKeyDeliveryUrl for Widevine attaches the KID to the URL.
// For example: https://amsaccount1.keydelivery.mediaservices.windows.net/Widevine/?KID=268a6dcb-18c8-4648-8c95-f46429e4927c.
// The WidevineBaseLicenseAcquisitionUrl (used below) also tells Dynamaic Encryption
// to append /? KID =< keyId > to the end of the url when creating the manifest.
// As a result Widevine license aquisition URL will have KID appended twice,
// so we need to remove the KID that in the URL when we call GetKeyDeliveryUrl.
Uri widevineUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.Widevine);
UriBuilder uriBuilder = new UriBuilder(widevineUrl);
uriBuilder.Query = String.Empty;
widevineUrl = uriBuilder.Uri;
Dictionary <AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration =
new Dictionary <AssetDeliveryPolicyConfigurationKey, string>
{
{ AssetDeliveryPolicyConfigurationKey.PlayReadyLicenseAcquisitionUrl, acquisitionUrl.ToString() },
{ AssetDeliveryPolicyConfigurationKey.WidevineBaseLicenseAcquisitionUrl, widevineUrl.ToString() }
};
var assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create(
"PlayReady and Widevine AssetDeliveryPolicy",
AssetDeliveryPolicyType.DynamicCommonEncryption,
AssetDeliveryProtocol.Dash | AssetDeliveryProtocol.SmoothStreaming,
assetDeliveryPolicyConfiguration);
// Add AssetDelivery Policy to the asset
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
}
static void Main(string[] args)
{
VerifyCerts();
var credentials = new MediaServicesCredentials(_wamsAccount, _wamsAccountKey)
{
AcsBaseAddress = _wamsAcsBaseAddress,
Scope = _wamsAcsScope
};
_mediaContext = new CloudMediaContext(_wamsEndpoint, credentials);
IAsset asset = CreateAsset();
IContentKey key = CreateKeyWithPolicy(asset);
IAssetDeliveryPolicy assetDeliveryPolicy = CreateAssetDeliveryPolicy(asset, key);
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
Console.WriteLine("Asset Delivery Policy Added");
ILocator streamingLocator = CreateLocator(asset);
IStreamingEndpoint origin = GetOrigin(recreate: false);
Uri uri = GetManifestUrl(origin, asset, streamingLocator);
string keyDeliveryUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.FairPlay).ToString();
Console.WriteLine("ism: {0}\nkey delivery: {1}", uri, keyDeliveryUrl);
Console.ReadKey();
}
static public IAssetDeliveryPolicy CreateAssetDeliveryPolicyAES(IAsset asset, IContentKey key, AssetDeliveryProtocol assetdeliveryprotocol, string name, CloudMediaContext _context, Uri keyAcquisitionUri)
{
// if user does not specify a custom LA URL, let's use the AES key server from Azure Media Services
if (keyAcquisitionUri == null)
{
keyAcquisitionUri = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
}
string envelopeEncryptionIV = Convert.ToBase64String(GetRandomBuffer(16));
// The following policy configuration specifies:
// key url that will have KID=<Guid> appended to the envelope and
// the Initialization Vector (IV) to use for the envelope encryption.
Dictionary <AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration =
new Dictionary <AssetDeliveryPolicyConfigurationKey, string>
{
{ AssetDeliveryPolicyConfigurationKey.EnvelopeKeyAcquisitionUrl, keyAcquisitionUri.ToString() },
{ AssetDeliveryPolicyConfigurationKey.EnvelopeEncryptionIVAsBase64, envelopeEncryptionIV }
};
IAssetDeliveryPolicy assetDeliveryPolicy =
_context.AssetDeliveryPolicies.Create(
name,
AssetDeliveryPolicyType.DynamicEnvelopeEncryption,
assetdeliveryprotocol,
assetDeliveryPolicyConfiguration);
// Add AssetDelivery Policy to the asset
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
return(assetDeliveryPolicy);
}
private static void CreateFairPlayAssetDeliveryPolicy(IAsset asset, IContentKey key)
{
var kdPolicy = _context.ContentKeyAuthorizationPolicies.Where(p => p.Id == key.AuthorizationPolicyId).Single();
var kdOption = kdPolicy.Options.Single(o => o.KeyDeliveryType == ContentKeyDeliveryType.FairPlay);
FairPlayConfiguration configFP = JsonConvert.DeserializeObject <FairPlayConfiguration>(kdOption.KeyDeliveryConfiguration);
// Get the FairPlay license service URL.
Uri acquisitionUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.FairPlay);
Dictionary <AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration =
new Dictionary <AssetDeliveryPolicyConfigurationKey, string>
{
{ AssetDeliveryPolicyConfigurationKey.FairPlayLicenseAcquisitionUrl, acquisitionUrl.ToString() },
{ AssetDeliveryPolicyConfigurationKey.CommonEncryptionIVForCbcs, configFP.ContentEncryptionIV }
};
var assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create(
"FairPlay AssetDeliveryPolicy",
AssetDeliveryPolicyType.DynamicCommonEncryptionCbcs,
AssetDeliveryProtocol.HLS,
assetDeliveryPolicyConfiguration);
// Add AssetDelivery Policy to the asset
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
}
static public void CreateAssetDeliveryPolicy(IAsset asset, IContentKey key)
{
Uri keyAcquisitionUri = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
string envelopeEncryptionIV = Convert.ToBase64String(GetRandomBuffer(16));
// The following policy configuration specifies:
// key url that will have KID=<Guid> appended to the envelope and
// the Initialization Vector (IV) to use for the envelope encryption.
Dictionary <AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration =
new Dictionary <AssetDeliveryPolicyConfigurationKey, string>
{
{ AssetDeliveryPolicyConfigurationKey.EnvelopeKeyAcquisitionUrl, keyAcquisitionUri.ToString() }
};
IAssetDeliveryPolicy assetDeliveryPolicy =
_context.AssetDeliveryPolicies.Create(
"AssetDeliveryPolicy",
AssetDeliveryPolicyType.DynamicEnvelopeEncryption,
AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.Dash,
assetDeliveryPolicyConfiguration);
// Add AssetDelivery Policy to the asset
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
Console.WriteLine();
Console.WriteLine("Adding Asset Delivery Policy: " +
assetDeliveryPolicy.AssetDeliveryPolicyType);
}
public static IAssetDeliveryPolicy CreateFairplayAssetDeliveryPolicy(string hexIv, out IContentKey contentKey)
{
MediaServicesCredentials amsCredentials = new MediaServicesCredentials();
AzureAdTokenCredentials tokenCredentials = new AzureAdTokenCredentials(amsCredentials.AmsAadTenantDomain,
new AzureAdClientSymmetricKey(amsCredentials.AmsClientId, amsCredentials.AmsClientSecret),
AzureEnvironments.AzureCloudEnvironment);
AzureAdTokenProvider tokenProvider = new AzureAdTokenProvider(tokenCredentials);
CloudMediaContext context = new CloudMediaContext(amsCredentials.AmsRestApiEndpoint, tokenProvider);
contentKey = MakeContentKey(context, ContentKeyType.CommonEncryptionCbcs);
Uri acquisitionUrl = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.FairPlay);
Dictionary <AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration =
new Dictionary <AssetDeliveryPolicyConfigurationKey, string>
{
{ AssetDeliveryPolicyConfigurationKey.FairPlayBaseLicenseAcquisitionUrl, acquisitionUrl.ToString() },
{ AssetDeliveryPolicyConfigurationKey.CommonEncryptionIVForCbcs, hexIv },
};
return(context.AssetDeliveryPolicies.Create(
"FairPlay AssetDeliveryPolicy",
AssetDeliveryPolicyType.DynamicCommonEncryptionCbcs,
AssetDeliveryProtocol.HLS,
assetDeliveryPolicyConfiguration));
}
public void EnsureEnvelopeKeyDeliveryUrlForCommonKeyFails()
{
IContentKey contentKey = null;
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null;
IContentKeyAuthorizationPolicyOption policyOption = null;
PlayReadyLicenseResponseTemplate responseTemplate = new PlayReadyLicenseResponseTemplate();
responseTemplate.LicenseTemplates.Add(new PlayReadyLicenseTemplate());
string licenseTemplate = MediaServicesLicenseTemplateSerializer.Serialize(responseTemplate);
try
{
contentKey = CreateTestKey(_mediaContext, ContentKeyType.CommonEncryption);
policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.PlayReadyLicense, null, licenseTemplate, ContentKeyRestrictionType.Open);
List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption>
{
policyOption
};
contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey);
Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
}
finally
{
CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption);
}
}
public void EnsureNoneKeyDeliveryUrlFails()
{
IContentKey contentKey = null;
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null;
IContentKeyAuthorizationPolicyOption policyOption = null;
try
{
contentKey = CreateTestKey(_mediaContext, ContentKeyType.EnvelopeEncryption);
policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.BaselineHttp, null, null, ContentKeyRestrictionType.Open);
List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption>
{
policyOption
};
contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey);
Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.None);
}
finally
{
CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption);
}
}
public void GetPlayReadyLicenseDeliveryUrl()
{
IContentKey contentKey = null;
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null;
IContentKeyAuthorizationPolicyOption policyOption = null;
try
{
contentKey = CreateTestKey(_mediaContext, ContentKeyType.CommonEncryption);
PlayReadyLicenseResponseTemplate responseTemplate = new PlayReadyLicenseResponseTemplate();
responseTemplate.LicenseTemplates.Add(new PlayReadyLicenseTemplate());
string licenseTemplate = MediaServicesLicenseTemplateSerializer.Serialize(responseTemplate);
policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.PlayReadyLicense, null, licenseTemplate, ContentKeyRestrictionType.Open);
List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption>
{
policyOption
};
contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey);
Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense);
Assert.IsNotNull(keyDeliveryServiceUri);
Assert.IsTrue(0 == String.Compare(keyDeliveryServiceUri.AbsolutePath, "/PlayReady/", StringComparison.OrdinalIgnoreCase));
}
finally
{
CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption);
}
}
static public void CreateAssetDeliveryPolicyCencCbcs(IAsset asset, IContentKey key)
{
var kdPolicy = _context.ContentKeyAuthorizationPolicies.Where(p => p.Id == key.AuthorizationPolicyId).Single();
var kdOption = kdPolicy.Options.Single(o => o.KeyDeliveryType == ContentKeyDeliveryType.FairPlay);
FairPlayConfiguration configFP = JsonConvert.DeserializeObject <FairPlayConfiguration>(kdOption.KeyDeliveryConfiguration);
// Get the FairPlay license service URL.
Uri acquisitionUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.FairPlay);
// The reason the below code replaces "https://" with "skd://" is because
// in the IOS player sample code which you obtained in Apple developer account,
// the player only recognizes a Key URL that starts with skd://.
// However, if you are using a customized player,
// you can choose whatever protocol you want.
// For example, "https".
Dictionary <AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration =
new Dictionary <AssetDeliveryPolicyConfigurationKey, string>
{
{ AssetDeliveryPolicyConfigurationKey.FairPlayLicenseAcquisitionUrl, acquisitionUrl.ToString().Replace("https://", "skd://") },
{ AssetDeliveryPolicyConfigurationKey.CommonEncryptionIVForCbcs, configFP.ContentEncryptionIV }
};
var assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create(
"AssetDeliveryPolicy CommonEncryptionCbcs (HLS)",
AssetDeliveryPolicyType.DynamicCommonEncryptionCbcs,
AssetDeliveryProtocol.HLS,
assetDeliveryPolicyConfiguration);
// Add AssetDelivery Policy to the asset
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
}
public static void ClassInit(TestContext context)
{
//CreateCounters();
_mediaContext = WindowsAzureMediaServicesTestConfiguration.CreateCloudMediaContext();
IContentKeyAuthorizationPolicyOption policyOption = null;
for (int i = 0; i < 10; i++)
{
byte[] expectedKey = null;
IContentKey contentKey = GetKeyDeliveryUrlTests.CreateTestKey(_mediaContext, ContentKeyType.EnvelopeEncryption, out expectedKey);
policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.BaselineHttp, null, null, ContentKeyRestrictionType.Open);
List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption>
{
policyOption
};
GetKeyDeliveryUrlTests.CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey);
Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
Assert.IsNotNull(keyDeliveryServiceUri);
string rawkey = EncryptionUtils.GetKeyIdAsGuid(contentKey.Id).ToString();
_testData.Add(new Tuple <Uri, string, string>(keyDeliveryServiceUri, TokenServiceClient.GetAuthTokenForKey(rawkey), GetKeyDeliveryUrlTests.GetString(expectedKey)));
}
}
public static IAssetDeliveryPolicy CreateAssetDeliveryPolicy(CloudMediaContext objCloudMediaContext, IContentKey objIContentKey)
{
Uri keyAcquisitionUri = objIContentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
string envelopeEncryptionIV = Convert.ToBase64String(CryptoUtils.GenerateCryptographicallyStrongRandomBytes(16));
// The following policy configuration specifies:
// key url that will have KID=<Guid> appended to the envelope and
// the Initialization Vector (IV) to use for the envelope encryption.
Dictionary <AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration = new Dictionary <AssetDeliveryPolicyConfigurationKey, string>
{
{ AssetDeliveryPolicyConfigurationKey.EnvelopeKeyAcquisitionUrl, keyAcquisitionUri.ToString() },
{ AssetDeliveryPolicyConfigurationKey.EnvelopeEncryptionIVAsBase64, envelopeEncryptionIV }
};
IAssetDeliveryPolicy objIAssetDeliveryPolicy = objCloudMediaContext.AssetDeliveryPolicies.Create(
"SmoothHLSDynamicEncryptionAssetDeliveryPolicy",
AssetDeliveryPolicyType.DynamicEnvelopeEncryption,
AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.Dash,
assetDeliveryPolicyConfiguration);
// Add AssetDelivery Policy to the asset
//objIAsset.DeliveryPolicies.Add(objIAssetDeliveryPolicy);
Console.WriteLine();
Console.WriteLine("Adding Asset Delivery Policy: " + objIAssetDeliveryPolicy.AssetDeliveryPolicyType);
Console.WriteLine("Key Delivery URL = {0}", keyAcquisitionUri.ToString());
return(objIAssetDeliveryPolicy);
}
private static IAssetDeliveryPolicy CreateAssetDeliveryPolicy(IAsset asset, IContentKey key)
{
var policy = asset.DeliveryPolicies
.Where(p => p.AssetDeliveryProtocol == AssetDeliveryProtocol.HLS)
.SingleOrDefault();
if (policy != null)
{
policy.Delete();
}
Uri keyUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.Widevine);
var configuration = new Dictionary <AssetDeliveryPolicyConfigurationKey, string>();
configuration.Add(AssetDeliveryPolicyConfigurationKey.WidevineLicenseAcquisitionUrl, keyUrl.ToString());
policy = _mediaContext.AssetDeliveryPolicies.Create(
"WidevineDeliveryPolicy",
AssetDeliveryPolicyType.DynamicCommonEncryption,
AssetDeliveryProtocol.Dash,
configuration);
return(policy);
}
static void Main(string[] args)
{
// Create and cache the Media Services credentials in a static class variable.
_cachedCredentials = new MediaServicesCredentials(
_mediaServicesAccountName,
_mediaServicesAccountKey);
// Used the cached credentials to create CloudMediaContext.
_context = new CloudMediaContext(_cachedCredentials);
bool tokenRestriction = false;
string tokenTemplateString = null;
IContentKey key = CreateCommonTypeContentKey();
// Print out the key ID and Key in base64 string format
Console.WriteLine("Created key {0} with key value {1} ", key.Id, System.Convert.ToBase64String(key.GetClearKeyValue()));
Console.WriteLine("PlayReady License Key delivery URL: {0}", key.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense));
if (tokenRestriction)
{
tokenTemplateString = AddTokenRestrictedAuthorizationPolicy(key);
}
else
{
AddOpenAuthorizationPolicy(key);
}
Console.WriteLine("Added authorization policy: {0}", key.AuthorizationPolicyId);
Console.WriteLine();
Console.ReadLine();
}
static void Main(string[] args)
{
//
// Get all of the values we need from the App.Config
//
string mediaServicesAccountName = ConfigurationManager.AppSettings["MediaServiceAccountName"];
string mediaServicesAccountKey = ConfigurationManager.AppSettings["MediaServiceAccountKey"];
string clientId = ConfigurationManager.AppSettings["AcsAccountName"];
string clientSecret = ConfigurationManager.AppSettings["AcsAccountKey"];
string issuerString = ConfigurationManager.AppSettings["AcsEndpoint"];
string scopeString = ConfigurationManager.AppSettings["AcsScope"];
string signingKeyString = ConfigurationManager.AppSettings["AcsSigningKey"];
byte[] signingKey = Convert.FromBase64String(signingKeyString);
//
// Create the context to talk to Azure Media Services
//
MediaServicesCredentials creds = new MediaServicesCredentials(mediaServicesAccountName, mediaServicesAccountKey);
CloudMediaContext context = new CloudMediaContext(creds);
//
// Setup Media Services for Key Delivery of an Envelope Content Key with a Token Restriction.
// The GetTokenRestriction method has all of the details on how the ACS parameters from the App.Config
// are used to configure the token validation logic associated with delivering the content key.
//
List <ContentKeyAuthorizationPolicyRestriction> restrictions = GetTokenRestriction("Token Restriction using token from ACS", issuerString, scopeString, signingKey);
IContentKey contentKey = SetupContentKey(context, restrictions);
//
// Now simulate a client downloading the content key to use for playback by
// using ACS to get an authentication token and using the token to download
// the Envelope key from the Key Delivery service.
//
string authToken = GetToken(clientId, clientSecret, scopeString, issuerString);
Uri keyUrl = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
using (WebClient client = new WebClient())
{
Console.WriteLine("Token=Bearer " + authToken);
client.Headers["Authorization"] = "Bearer " + authToken;
byte[] downloadedKeyValue;
try
{
downloadedKeyValue = client.DownloadData(keyUrl);
Console.ForegroundColor = ConsoleColor.Green;
Console.WriteLine("\nContent Key acquired successfully!");
}
catch (Exception ex)
{
Console.ForegroundColor = ConsoleColor.Red;
Console.WriteLine("\nKey acquisition failed.\n{0}", ex.Message);
}
}
Console.ResetColor();
Console.ReadLine();
}
private static Dictionary <AssetDeliveryPolicyConfigurationKey, String> CreateDeliveryPolicyConfiguration(List <string> assetDeliveryPolicyContentProtectionNames, IContentKeyAuthorizationPolicyOption fairplayPolicyOpiton)
{
Dictionary <AssetDeliveryPolicyConfigurationKey, String> configKeys = new Dictionary <AssetDeliveryPolicyConfigurationKey, String>();
foreach (var c in assetDeliveryPolicyContentProtectionNames)
{
MediaServicesHelper.AssetDeliveryContentProtection cp = MediaServicesHelper.AMSAssetDeliveryContentProtection[c];
switch (cp)
{
case MediaServicesHelper.AssetDeliveryContentProtection.AESClearKey:
// Get the Key Delivery Base Url by removing the Query parameter.
// The Dynamic Encryption service will automatically add the correct key identifier to the url
// when it generates the Envelope encrypted content manifest. Omitting the IV will also cause
// the Dynamice Encryption service to generate a deterministic IV for the content automatically.
// By using the EnvelopeBaseKeyAcquisitionUrl and omitting the IV, this allows the AssetDelivery
// policy to be reused by more than one asset.
IContentKey dummyKey1 = CreateDummyContentKey(ContentKeyType.EnvelopeEncryption);
Uri aesKeyAcquisitionUri = dummyKey1.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
UriBuilder uriBuilder1 = new UriBuilder(aesKeyAcquisitionUri);
uriBuilder1.Query = String.Empty;
aesKeyAcquisitionUri = uriBuilder1.Uri;
// The following policy configuration specifies:
// key url that will have KID=<Guid> appended to the envelope and
// the Initialization Vector (IV) to use for the envelope encryption.
configKeys.Add(AssetDeliveryPolicyConfigurationKey.EnvelopeBaseKeyAcquisitionUrl, aesKeyAcquisitionUri.ToString());
dummyKey1.Delete();
break;
case MediaServicesHelper.AssetDeliveryContentProtection.PlayReady:
IContentKey dummyKey2 = CreateDummyContentKey(ContentKeyType.CommonEncryption);
Uri playreadyKeyAcquisitionUrl = dummyKey2.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense);
configKeys.Add(AssetDeliveryPolicyConfigurationKey.PlayReadyLicenseAcquisitionUrl, playreadyKeyAcquisitionUrl.ToString());
dummyKey2.Delete();
break;
case MediaServicesHelper.AssetDeliveryContentProtection.Widevine:
IContentKey dummyKey3 = CreateDummyContentKey(ContentKeyType.CommonEncryption);
Uri widevineKeyAcquisitionUrl = dummyKey3.GetKeyDeliveryUrl(ContentKeyDeliveryType.Widevine);
UriBuilder uriBuilder3 = new UriBuilder(widevineKeyAcquisitionUrl);
uriBuilder3.Query = String.Empty;
widevineKeyAcquisitionUrl = uriBuilder3.Uri;
configKeys.Add(AssetDeliveryPolicyConfigurationKey.WidevineLicenseAcquisitionUrl, widevineKeyAcquisitionUrl.ToString());
dummyKey3.Delete();
break;
case MediaServicesHelper.AssetDeliveryContentProtection.FairPlay:
IContentKey dummyKey4 = CreateDummyContentKey(ContentKeyType.CommonEncryption);
Uri fairplayKeyAcquisitionUrl = dummyKey4.GetKeyDeliveryUrl(ContentKeyDeliveryType.FairPlay);
configKeys.Add(AssetDeliveryPolicyConfigurationKey.FairPlayLicenseAcquisitionUrl, fairplayKeyAcquisitionUrl.ToString().Replace("https://", "skd://"));
dummyKey4.Delete();
FairPlayConfiguration fairplayConfig = JsonConvert.DeserializeObject <FairPlayConfiguration>(fairplayPolicyOpiton.KeyDeliveryConfiguration);
configKeys.Add(AssetDeliveryPolicyConfigurationKey.CommonEncryptionIVForCbcs, fairplayConfig.ContentEncryptionIV);
break;
}
}
return(configKeys);
}
private void FetchKeyWithSWTToken(string audience, string issuer)
{
IContentKey contentKey = null;
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null;
IContentKeyAuthorizationPolicyOption policyOption = null;
try
{
byte[] expectedKey = null;
contentKey = CreateTestKey(_mediaContext, ContentKeyType.EnvelopeEncryption, out expectedKey);
var contentKeyId = Guid.Parse(contentKey.Id.Replace("nb:kid:UUID:", String.Empty));
TokenRestrictionTemplate tokenRestrictionTemplate = new TokenRestrictionTemplate(TokenType.SWT);
tokenRestrictionTemplate.PrimaryVerificationKey = new SymmetricVerificationKey();
// the default constructor automatically generates a random key
tokenRestrictionTemplate.Audience = audience;
tokenRestrictionTemplate.Issuer = issuer;
tokenRestrictionTemplate.TokenType = TokenType.SWT;
tokenRestrictionTemplate.RequiredClaims.Add(new TokenClaim(TokenClaim.ContentKeyIdentifierClaimType,
contentKeyId.ToString()));
string optionName = "GetHlsKeyDeliveryUrlAndFetchKeyWithSWTAuthentication";
string requirements = TokenRestrictionTemplateSerializer.Serialize(tokenRestrictionTemplate);
ContentKeyRestrictionType restrictionType = ContentKeyRestrictionType.TokenRestricted;
var _testOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, optionName,
ContentKeyDeliveryType.BaselineHttp, requirements, null, restrictionType);
List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption>
{
_testOption
};
contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey);
Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
Assert.IsNotNull(keyDeliveryServiceUri);
Assert.IsTrue(keyDeliveryServiceUri.Host.StartsWith(_mediaContext.Credentials.ClientId));
KeyDeliveryServiceClient keyClient = new KeyDeliveryServiceClient(RetryPolicy.DefaultFixed);
string swtTokenString = TokenRestrictionTemplateSerializer.GenerateTestToken(tokenRestrictionTemplate,
tokenRestrictionTemplate.PrimaryVerificationKey, contentKeyId, DateTime.Now.AddDays(2));
byte[] key = keyClient.AcquireHlsKeyWithBearerHeader(keyDeliveryServiceUri, swtTokenString);
string expectedString = GetString(expectedKey);
string fetchedString = GetString(key);
Assert.AreEqual(expectedString, fetchedString);
}
finally
{
CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption);
}
}
private void FetchKeyWithJWTAuth(string audience, string issuer)
{
IContentKey contentKey = null;
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null;
IContentKeyAuthorizationPolicyOption policyOption = null;
try
{
byte[] expectedKey = null;
contentKey = CreateTestKey(_mediaContext, ContentKeyType.EnvelopeEncryption, out expectedKey);
var templatex509Certificate2 = new X509Certificate2("amscer.pfx", "AMSGIT");
SigningCredentials cred = new X509SigningCredentials(templatex509Certificate2);
TokenRestrictionTemplate tokenRestrictionTemplate = new TokenRestrictionTemplate(TokenType.JWT);
tokenRestrictionTemplate.PrimaryVerificationKey = new X509CertTokenVerificationKey(templatex509Certificate2);
tokenRestrictionTemplate.Audience = audience;
tokenRestrictionTemplate.Issuer = issuer;
string optionName = "GetHlsKeyDeliveryUrlAndFetchKeyWithJWTAuthentication";
string requirements = TokenRestrictionTemplateSerializer.Serialize(tokenRestrictionTemplate);
policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, optionName,
ContentKeyDeliveryType.BaselineHttp, requirements, null, ContentKeyRestrictionType.TokenRestricted);
JwtSecurityToken token = new JwtSecurityToken(issuer: tokenRestrictionTemplate.Issuer,
audience: tokenRestrictionTemplate.Audience, notBefore: DateTime.Now.AddMinutes(-5),
expires: DateTime.Now.AddMinutes(5), signingCredentials: cred);
JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
string jwtTokenString = handler.WriteToken(token);
List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption>
{
policyOption
};
contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey);
Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
Assert.IsNotNull(keyDeliveryServiceUri);
// Enable once all accounts are enabled for per customer Key Delivery Urls
//Assert.IsTrue(keyDeliveryServiceUri.Host.StartsWith(_mediaContext.Credentials.ClientId));
KeyDeliveryServiceClient keyClient = new KeyDeliveryServiceClient(RetryPolicy.DefaultFixed);
byte[] key = keyClient.AcquireHlsKeyWithBearerHeader(keyDeliveryServiceUri, jwtTokenString);
string expectedString = GetString(expectedKey);
string fetchedString = GetString(key);
Assert.AreEqual(expectedString, fetchedString);
}
finally
{
CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption);
}
}
public static void ApplyMultiDrmAuthorizationPolicyToAsset(string id)
{
IAsset asset = _context.Assets.Where(a => a.Id == id).FirstOrDefault();
if (asset == null)
{
Console.WriteLine("Error: Asset {0} Not Found", id);
}
else
{
System.Console.WriteLine("Asset Name = {0}", asset.Name);
DeleteMultiDrmAuthorizationPolicyToAsset(id);
IContentKey keyCENC = CreateContentKeyCommonType(asset);
Console.WriteLine("Created CENC key {0} for the asset {1} ", keyCENC.Id, asset.Id);
Console.WriteLine("PlayReady License Key delivery URL: {0}", keyCENC.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense));
Console.WriteLine("Widevine License Key delivery URL: {0}", keyCENC.GetKeyDeliveryUrl(ContentKeyDeliveryType.Widevine));
IContentKey keyCENCcbcs = CreateContentKeyCommonCBCType(asset);
Console.WriteLine("Created CENC-cbcs key {0} for the asset {1} ", keyCENCcbcs.Id, asset.Id);
Console.WriteLine("FairPlay License Key delivery URL: {0}", keyCENCcbcs.GetKeyDeliveryUrl(ContentKeyDeliveryType.FairPlay));
Console.WriteLine();
IContentKeyAuthorizationPolicy policyCENC = CreateMultiDrmAuthorizationPolicyCommonType();
keyCENC.AuthorizationPolicyId = policyCENC.Id;
keyCENC = keyCENC.UpdateAsync().Result;
Console.WriteLine("Added authorization policy to CENC Key: {0}", keyCENC.AuthorizationPolicyId);
IContentKeyAuthorizationPolicy policyCENCcbcs = CreateMultiDrmAuthorizationPolicyCommonCBCType();
keyCENCcbcs.AuthorizationPolicyId = policyCENCcbcs.Id;
keyCENCcbcs = keyCENCcbcs.UpdateAsync().Result;
Console.WriteLine("Added authorization policy to CENC-cbcs Key: {0}", keyCENCcbcs.AuthorizationPolicyId);
Console.WriteLine();
CreateAssetDeliveryPolicyCenc(asset, keyCENC);
CreateAssetDeliveryPolicyCencCbcs(asset, keyCENCcbcs);
Console.WriteLine("Created asset delivery policy.\n");
string url = GetStreamingOriginLocator(asset);
Console.WriteLine("Created locator.");
Console.WriteLine("Encrypted Smooth+PlayReady URL: {0}/manifest", url);
Console.WriteLine("Encrypted MPEG-DASH URL: {0}/manifest(format=mpd-time-csf)", url);
Console.WriteLine("Encrypted HLS+FairPlay URL: {0}/manifest(format=m3u8-aapl)", url);
}
}
static void Main(string[] args)
{
AzureAdTokenCredentials tokenCredentials =
new AzureAdTokenCredentials(_AADTenantDomain,
new AzureAdClientSymmetricKey(_AMSClientId, _AMSClientSecret),
AzureEnvironments.AzureCloudEnvironment);
var tokenProvider = new AzureAdTokenProvider(tokenCredentials);
_context = new CloudMediaContext(new Uri(_RESTAPIEndpoint), tokenProvider);
bool tokenRestriction = true;
string tokenTemplateString = null;
IContentKey key = CreateCommonTypeContentKey();
// Print out the key ID and Key in base64 string format
Console.WriteLine("Created key {0} with key value {1} ",
key.Id, System.Convert.ToBase64String(key.GetClearKeyValue()));
Console.WriteLine("PlayReady License Key delivery URL: {0}",
key.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense));
Console.WriteLine("Widevine License Key delivery URL: {0}",
key.GetKeyDeliveryUrl(ContentKeyDeliveryType.Widevine));
if (tokenRestriction)
{
tokenTemplateString = AddTokenRestrictedAuthorizationPolicy(key);
}
else
{
AddOpenAuthorizationPolicy(key);
}
Console.WriteLine("Added authorization policy: {0}",
key.AuthorizationPolicyId);
Console.WriteLine();
Console.ReadLine();
}
static public IAssetDeliveryPolicy CreateAssetDeliveryPolicyCENC(IAsset asset, IContentKey key, AssetDeliveryProtocol assetdeliveryprotocol, string name, CloudMediaContext _context, Uri playreadyAcquisitionUrl = null, bool playreadyEncodeLAURLForSilverlight = false, string playreadyCustomAttributes = null, string widevineAcquisitionUrl = null)
{
string stringacquisitionUrl;
if (playreadyEncodeLAURLForSilverlight && playreadyAcquisitionUrl != null)
{
stringacquisitionUrl = playreadyAcquisitionUrl.ToString().Replace("&", "%26");
}
else
{
if (playreadyAcquisitionUrl == null)
{
playreadyAcquisitionUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense);
}
stringacquisitionUrl = System.Security.SecurityElement.Escape(playreadyAcquisitionUrl.ToString());
}
Dictionary <AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration = new Dictionary <AssetDeliveryPolicyConfigurationKey, string>
{
{
AssetDeliveryPolicyConfigurationKey.PlayReadyLicenseAcquisitionUrl, stringacquisitionUrl
},
};
if (playreadyCustomAttributes != null) // let's add custom attributes
{
assetDeliveryPolicyConfiguration.Add(AssetDeliveryPolicyConfigurationKey.PlayReadyCustomAttributes, playreadyCustomAttributes);
}
// Widevine
if (widevineAcquisitionUrl != null) // let's add Widevine
{
assetDeliveryPolicyConfiguration.Add(AssetDeliveryPolicyConfigurationKey.WidevineLicenseAcquisitionUrl, widevineAcquisitionUrl);
}
var assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create(
name,
AssetDeliveryPolicyType.DynamicCommonEncryption,
assetdeliveryprotocol,
assetDeliveryPolicyConfiguration);
// Add AssetDelivery Policy to the asset
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
return(assetDeliveryPolicy);
}
public void GetWidevineKeyDeliveryUrlAndFetchLicense()
{
IContentKey contentKey = null;
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null;
IContentKeyAuthorizationPolicyOption policyOption = null;
try
{
byte[] expectedKey = null;
contentKey = CreateTestKey(_mediaContext, ContentKeyType.CommonEncryption, out expectedKey);
policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.Widevine, null, "{}", ContentKeyRestrictionType.Open);
List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption>
{
policyOption
};
contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey);
Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.Widevine);
Assert.IsNotNull(keyDeliveryServiceUri);
KeyDeliveryServiceClient keyClient = new KeyDeliveryServiceClient(RetryPolicy.DefaultFixed);
string rawkey = EncryptionUtils.GetKeyIdAsGuid(contentKey.Id).ToString();
string payload = "CAEShAEKTAgAEkgAAAACAAAQWPXbhtb/q43f3SfuC2VP3q0jeAECW3emQkWn2wXCYVOnvlWPDNqh8VVIB4GmsNA8eVVFigXkQWIGN0GlgMKjpUESLAoqChQIARIQJMPCzl2bViyMQEtyK/gtmRABGhAyNWY3ODMzMTcyMmJjM2EyGAEgv5iQkAUaIC3ON1zVgeV0rP7w2VmVLGorqClcMQO4BdbHPyk3GsnY";
byte[] license = keyClient.AcquireWidevineLicenseWithBearerHeader(
keyDeliveryServiceUri,
TokenServiceClient.GetAuthTokenForKey(rawkey),
Convert.FromBase64String(payload));
string expectedString = Convert.ToBase64String(license);
Assert.AreEqual("CAIS", expectedString.Substring(0, 4));
}
finally
{
CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption);
}
}
//configure dynamic PlayReady protection of an IAsset using an IContentkey
static public void CreateAssetDeliveryPolicy(CloudMediaContext objCloudMediaContext, IAsset objIAsset, IContentKey objIContentKey)
{
Uri acquisitionUrl = objIContentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense);
Dictionary <AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration = new Dictionary <AssetDeliveryPolicyConfigurationKey, string>
{
{ AssetDeliveryPolicyConfigurationKey.PlayReadyLicenseAcquisitionUrl, acquisitionUrl.ToString() },
};
var assetDeliveryPolicy = objCloudMediaContext.AssetDeliveryPolicies.Create(
"AssetDeliveryPolicy",
AssetDeliveryPolicyType.DynamicCommonEncryption,
AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.Dash,
assetDeliveryPolicyConfiguration);
// Add AssetDelivery Policy to the asset
objIAsset.DeliveryPolicies.Add(assetDeliveryPolicy);
Console.WriteLine("Adding Asset Delivery Policy: " + assetDeliveryPolicy.AssetDeliveryPolicyType);
}
static public IAssetDeliveryPolicy CreateAssetDeliveryPolicyCENC(IAsset asset, IContentKey key, AssetDeliveryProtocol assetdeliveryprotocol, string name, CloudMediaContext _context)
{
Uri acquisitionUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense);
Dictionary <AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration = new Dictionary <AssetDeliveryPolicyConfigurationKey, string>
{
{ AssetDeliveryPolicyConfigurationKey.PlayReadyLicenseAcquisitionUrl, acquisitionUrl.ToString() },
};
var assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create(
name,
AssetDeliveryPolicyType.DynamicCommonEncryption,
assetdeliveryprotocol,
assetDeliveryPolicyConfiguration);
// Add AssetDelivery Policy to the asset
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
return(assetDeliveryPolicy);
}
public void GetHlsKeyDeliveryUrlAndFetchKey()
{
IContentKey contentKey = null;
IContentKeyAuthorizationPolicy contentKeyAuthorizationPolicy = null;
IContentKeyAuthorizationPolicyOption policyOption = null;
try
{
byte[] expectedKey = null;
contentKey = CreateTestKey(_mediaContext, ContentKeyType.EnvelopeEncryption, out expectedKey);
policyOption = ContentKeyAuthorizationPolicyOptionTests.CreateOption(_mediaContext, String.Empty, ContentKeyDeliveryType.BaselineHttp, null, null, ContentKeyRestrictionType.Open);
List <IContentKeyAuthorizationPolicyOption> options = new List <IContentKeyAuthorizationPolicyOption>
{
policyOption
};
contentKeyAuthorizationPolicy = CreateTestPolicy(_mediaContext, String.Empty, options, ref contentKey);
Uri keyDeliveryServiceUri = contentKey.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
Assert.IsNotNull(keyDeliveryServiceUri);
// Enable once all accounts are enabled for per customer Key Delivery Urls
//Assert.IsTrue(keyDeliveryServiceUri.Host.StartsWith(_mediaContext.Credentials.ClientId));
KeyDeliveryServiceClient keyClient = new KeyDeliveryServiceClient(RetryPolicy.DefaultFixed);
string rawkey = EncryptionUtils.GetKeyIdAsGuid(contentKey.Id).ToString();
byte[] key = keyClient.AcquireHlsKey(keyDeliveryServiceUri, TokenServiceClient.GetAuthTokenForKey(rawkey));
string expectedString = GetString(expectedKey);
string fetchedString = GetString(key);
Assert.AreEqual(expectedString, fetchedString);
}
finally
{
CleanupKeyAndPolicy(contentKey, contentKeyAuthorizationPolicy, policyOption);
}
}
private static IAssetDeliveryPolicy CreateAssetDeliveryPolicy(IAsset asset, IContentKey key)
{
var policy = asset.DeliveryPolicies
.Where(p => p.AssetDeliveryProtocol == AssetDeliveryProtocol.HLS)
.SingleOrDefault();
if (policy != null)
{
policy.Delete();
}
Uri keyUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.FairPlay);
var configuration = new Dictionary <AssetDeliveryPolicyConfigurationKey, string>();
AssetDeliveryPolicyType policyType;
var kdUrl = keyUrl.ToString().Replace("https://", "skd://");
configuration.Add(AssetDeliveryPolicyConfigurationKey.FairPlayLicenseAcquisitionUrl, kdUrl);
var kdPolicy = _mediaContext.ContentKeyAuthorizationPolicies.Where(p => p.Id == key.AuthorizationPolicyId).Single();
var kdOption = kdPolicy.Options.Single(o => o.KeyDeliveryType == ContentKeyDeliveryType.FairPlay);
FairPlayConfiguration configFP = JsonConvert.DeserializeObject <FairPlayConfiguration>(kdOption.KeyDeliveryConfiguration);
configuration.Add(AssetDeliveryPolicyConfigurationKey.CommonEncryptionIVForCbcs, configFP.ContentEncryptionIV);
policyType = AssetDeliveryPolicyType.DynamicCommonEncryptionCbcs;
policy = _mediaContext.AssetDeliveryPolicies.Create(
"FairPlayDeliveryPolicy",
policyType,
AssetDeliveryProtocol.HLS,
configuration);
return(policy);
}
static public IAssetDeliveryPolicy CreateAssetDeliveryPolicyAES(IAsset asset, IContentKey key, AssetDeliveryProtocol assetdeliveryprotocol, string name, CloudMediaContext _context, Uri keyAcquisitionUri)
{
// if user does not specify a custom LA URL, let's use the AES key server from Azure Media Services
if (keyAcquisitionUri == null)
{
keyAcquisitionUri = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
}
// let's key the url with the key id parameter
UriBuilder uriBuilder = new UriBuilder(keyAcquisitionUri);
uriBuilder.Query = String.Empty;
keyAcquisitionUri = uriBuilder.Uri;
// Removed in March 2016. In order to use EnvelopeBaseKeyAcquisitionUrl and reuse the same policy for several assets
//string envelopeEncryptionIV = Convert.ToBase64String(GetRandomBuffer(16));
// The following policy configuration specifies:
// key url that will have KID=<Guid> appended to the envelope and
// the Initialization Vector (IV) to use for the envelope encryption.
Dictionary <AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration =
new Dictionary <AssetDeliveryPolicyConfigurationKey, string>
{
{ AssetDeliveryPolicyConfigurationKey.EnvelopeBaseKeyAcquisitionUrl, keyAcquisitionUri.ToString() }
//{AssetDeliveryPolicyConfigurationKey.EnvelopeKeyAcquisitionUrl, keyAcquisitionUri.ToString()},
//{AssetDeliveryPolicyConfigurationKey.EnvelopeEncryptionIVAsBase64, envelopeEncryptionIV}
};
IAssetDeliveryPolicy assetDeliveryPolicy =
_context.AssetDeliveryPolicies.Create(
name,
AssetDeliveryPolicyType.DynamicEnvelopeEncryption,
assetdeliveryprotocol,
assetDeliveryPolicyConfiguration);
// Add AssetDelivery Policy to the asset
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
return(assetDeliveryPolicy);
}
private void buttonAzureSettings_Click(object sender, EventArgs e)
{
IContentKey key = _context.ContentKeys.Where(k => k.ContentKeyType == ContentKeyType.CommonEncryption).FirstOrDefault();
if (key != null)
{
try
{
Uri myUri = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense);
if (myUri != null)
{
textBoxLAurl.Text = myUri.ToString();
}
}
catch
{
}
}
textBoxkeyseed.Text = string.Empty;
textBoxkeyid.Text = Guid.NewGuid().ToString();
textBoxcontentkey.Text = Convert.ToBase64String(DynamicEncryption.GetRandomBuffer(16));
}
private static void CreateAssetDeliveryPolicy(IAsset asset, IContentKey key)
{
var keyAcquisitionUri = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
var envelopeEncryptionInitializationVector = Convert.ToBase64String(GetCryptoStrongSequence(16));
// The following policy configuration specifies:
// key url that will have KID=<Guid> appended to the envelope and
// the Initialization Vector (IV) to use for the envelope encryption
var assetDeliveryPolicyConfiguration =
new Dictionary <AssetDeliveryPolicyConfigurationKey, string>
{
{ AssetDeliveryPolicyConfigurationKey.EnvelopeKeyAcquisitionUrl, keyAcquisitionUri.ToString() },
{ AssetDeliveryPolicyConfigurationKey.EnvelopeEncryptionIVAsBase64, envelopeEncryptionInitializationVector }
};
var assetDeliveryPolicy = _context.AssetDeliveryPolicies.
Create("Asset Delivery Policy",
AssetDeliveryPolicyType.DynamicEnvelopeEncryption,
AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.HLS,
assetDeliveryPolicyConfiguration);
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
}
public static void CreateAssetDeliveryPolicy(IAsset asset, IContentKey key)
{
// Get the PlayReady license service URL.
Uri acquisitionUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense);
// GetKeyDeliveryUrl for Widevine attaches the KID to the URL.
// For example: https://amsaccount1.keydelivery.mediaservices.windows.net/Widevine/?KID=268a6dcb-18c8-4648-8c95-f46429e4927c.
// The WidevineBaseLicenseAcquisitionUrl (used below) also tells Dynamaic Encryption
// to append /? KID =< keyId > to the end of the url when creating the manifest.
// As a result Widevine license aquisition URL will have KID appended twice,
// so we need to remove the KID that in the URL when we call GetKeyDeliveryUrl.
Uri widevineUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.Widevine);
UriBuilder uriBuilder = new UriBuilder(widevineUrl);
uriBuilder.Query = String.Empty;
widevineUrl = uriBuilder.Uri;
Dictionary<AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration =
new Dictionary<AssetDeliveryPolicyConfigurationKey, string>
{
{AssetDeliveryPolicyConfigurationKey.PlayReadyLicenseAcquisitionUrl, acquisitionUrl.ToString()},
{AssetDeliveryPolicyConfigurationKey.WidevineBaseLicenseAcquisitionUrl, widevineUrl.ToString()}
};
var assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create(
"AssetDeliveryPolicy",
AssetDeliveryPolicyType.DynamicCommonEncryption,
AssetDeliveryProtocol.Dash,
assetDeliveryPolicyConfiguration);
// Add AssetDelivery Policy to the asset
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
}
static public IAssetDeliveryPolicy CreateAssetDeliveryPolicyAES(IAsset asset, IContentKey key, AssetDeliveryProtocol assetdeliveryprotocol, string name, CloudMediaContext _context, Uri keyAcquisitionUri)
{
// if user does not specify a custom LA URL, let's use the AES key server from Azure Media Services
if (keyAcquisitionUri == null)
{
keyAcquisitionUri = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
}
// let's key the url with the key id parameter
UriBuilder uriBuilder = new UriBuilder(keyAcquisitionUri);
uriBuilder.Query = String.Empty;
keyAcquisitionUri = uriBuilder.Uri;
// Removed in March 2016. In order to use EnvelopeBaseKeyAcquisitionUrl and reuse the same policy for several assets
//string envelopeEncryptionIV = Convert.ToBase64String(GetRandomBuffer(16));
// The following policy configuration specifies:
// key url that will have KID=<Guid> appended to the envelope and
// the Initialization Vector (IV) to use for the envelope encryption.
Dictionary<AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration =
new Dictionary<AssetDeliveryPolicyConfigurationKey, string>
{
{AssetDeliveryPolicyConfigurationKey.EnvelopeBaseKeyAcquisitionUrl, keyAcquisitionUri.ToString()}
//{AssetDeliveryPolicyConfigurationKey.EnvelopeKeyAcquisitionUrl, keyAcquisitionUri.ToString()},
//{AssetDeliveryPolicyConfigurationKey.EnvelopeEncryptionIVAsBase64, envelopeEncryptionIV}
};
IAssetDeliveryPolicy assetDeliveryPolicy =
_context.AssetDeliveryPolicies.Create(
name,
AssetDeliveryPolicyType.DynamicEnvelopeEncryption,
assetdeliveryprotocol,
assetDeliveryPolicyConfiguration);
// Add AssetDelivery Policy to the asset
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
return assetDeliveryPolicy;
}
static public IAssetDeliveryPolicy CreateAssetDeliveryPolicyCENC(IAsset asset, IContentKey key, AddDynamicEncryptionFrame1 form1, string name, CloudMediaContext _context, Uri playreadyAcquisitionUrl = null, bool playreadyEncodeLAURLForSilverlight = false, string widevineAcquisitionUrl = null)
{
Dictionary<AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration = new Dictionary<AssetDeliveryPolicyConfigurationKey, string>();
// PlayReady
if (form1.PlayReadyPackaging)
{
string stringPRacquisitionUrl;
if (playreadyEncodeLAURLForSilverlight && playreadyAcquisitionUrl != null)
{
stringPRacquisitionUrl = playreadyAcquisitionUrl.ToString().Replace("&", "%26");
}
else
{
if (playreadyAcquisitionUrl == null)
{
playreadyAcquisitionUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense);
}
stringPRacquisitionUrl = System.Security.SecurityElement.Escape(playreadyAcquisitionUrl.ToString());
}
assetDeliveryPolicyConfiguration.Add(AssetDeliveryPolicyConfigurationKey.PlayReadyLicenseAcquisitionUrl, stringPRacquisitionUrl);
if (form1.PlayReadyCustomAttributes != null) // let's add custom attributes
{
assetDeliveryPolicyConfiguration.Add(AssetDeliveryPolicyConfigurationKey.PlayReadyCustomAttributes, form1.PlayReadyCustomAttributes);
}
}
// Widevine
if (form1.WidevinePackaging) // let's add Widevine
{
if (widevineAcquisitionUrl == null)
{
widevineAcquisitionUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.Widevine).ToString();
}
// let's get the url without the key id parameter
UriBuilder uriBuilder = new UriBuilder(widevineAcquisitionUrl);
uriBuilder.Query = String.Empty;
widevineAcquisitionUrl = uriBuilder.Uri.ToString();
assetDeliveryPolicyConfiguration.Add(AssetDeliveryPolicyConfigurationKey.WidevineBaseLicenseAcquisitionUrl, widevineAcquisitionUrl);
}
// let's check the protocol: DASH only if only Widevine packaging
var protocol = form1.GetAssetDeliveryProtocol;
if (!form1.PlayReadyPackaging && form1.WidevinePackaging)
{
protocol = AssetDeliveryProtocol.Dash;
}
var assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create(
name,
AssetDeliveryPolicyType.DynamicCommonEncryption,
protocol,
assetDeliveryPolicyConfiguration
);
// Add AssetDelivery Policy to the asset
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
return assetDeliveryPolicy;
}
static public IAssetDeliveryPolicy CreateAssetDeliveryPolicyAES(IAsset asset, IContentKey key, AssetDeliveryProtocol assetdeliveryprotocol, string name, CloudMediaContext _context, Uri keyAcquisitionUri)
{
// if user does not specify a custom LA URL, let's use the AES key server from Azure Media Services
if (keyAcquisitionUri == null)
keyAcquisitionUri = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
string envelopeEncryptionIV = Convert.ToBase64String(GetRandomBuffer(16));
// The following policy configuration specifies:
// key url that will have KID=<Guid> appended to the envelope and
// the Initialization Vector (IV) to use for the envelope encryption.
Dictionary<AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration =
new Dictionary<AssetDeliveryPolicyConfigurationKey, string>
{
{AssetDeliveryPolicyConfigurationKey.EnvelopeKeyAcquisitionUrl, keyAcquisitionUri.ToString()},
{AssetDeliveryPolicyConfigurationKey.EnvelopeEncryptionIVAsBase64, envelopeEncryptionIV}
};
IAssetDeliveryPolicy assetDeliveryPolicy =
_context.AssetDeliveryPolicies.Create(
name,
AssetDeliveryPolicyType.DynamicEnvelopeEncryption,
assetdeliveryprotocol,
assetDeliveryPolicyConfiguration);
// Add AssetDelivery Policy to the asset
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
return assetDeliveryPolicy;
}
static public IAssetDeliveryPolicy CreateAssetDeliveryPolicyCENC(IAsset asset, IContentKey key, AssetDeliveryProtocol assetdeliveryprotocol, string name, CloudMediaContext _context, Uri playreadyAcquisitionUrl = null, bool playreadyEncodeLAURLForSilverlight = false, string playreadyCustomAttributes = null, string widevineAcquisitionUrl = null)
{
string stringacquisitionUrl;
if (playreadyEncodeLAURLForSilverlight && playreadyAcquisitionUrl != null)
{
stringacquisitionUrl = playreadyAcquisitionUrl.ToString().Replace("&", "%26");
}
else
{
if (playreadyAcquisitionUrl == null) playreadyAcquisitionUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense);
stringacquisitionUrl = System.Security.SecurityElement.Escape(playreadyAcquisitionUrl.ToString());
}
Dictionary<AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration = new Dictionary<AssetDeliveryPolicyConfigurationKey, string>
{
{
AssetDeliveryPolicyConfigurationKey.PlayReadyLicenseAcquisitionUrl, stringacquisitionUrl
},
};
if (playreadyCustomAttributes != null) // let's add custom attributes
{
assetDeliveryPolicyConfiguration.Add(AssetDeliveryPolicyConfigurationKey.PlayReadyCustomAttributes, playreadyCustomAttributes);
}
// Widevine
if (widevineAcquisitionUrl != null) // let's add Widevine
{
assetDeliveryPolicyConfiguration.Add(AssetDeliveryPolicyConfigurationKey.WidevineLicenseAcquisitionUrl, widevineAcquisitionUrl);
}
var assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create(
name,
AssetDeliveryPolicyType.DynamicCommonEncryption,
assetdeliveryprotocol,
assetDeliveryPolicyConfiguration);
// Add AssetDelivery Policy to the asset
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
return assetDeliveryPolicy;
}
static public IAssetDeliveryPolicy CreateAssetDeliveryPolicyCENC(IAsset asset, IContentKey key, AddDynamicEncryptionFrame1 form1, string name, CloudMediaContext _context, Uri playreadyAcquisitionUrl = null, bool playreadyEncodeLAURLForSilverlight = false, string widevineAcquisitionUrl = null)
{
Dictionary <AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration = new Dictionary <AssetDeliveryPolicyConfigurationKey, string>();
// PlayReady
if (form1.PlayReadyPackaging)
{
string stringPRacquisitionUrl;
if (playreadyEncodeLAURLForSilverlight && playreadyAcquisitionUrl != null)
{
stringPRacquisitionUrl = playreadyAcquisitionUrl.ToString().Replace("&", "%26");
}
else
{
if (playreadyAcquisitionUrl == null)
{
playreadyAcquisitionUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense);
}
stringPRacquisitionUrl = System.Security.SecurityElement.Escape(playreadyAcquisitionUrl.ToString());
}
assetDeliveryPolicyConfiguration.Add(AssetDeliveryPolicyConfigurationKey.PlayReadyLicenseAcquisitionUrl, stringPRacquisitionUrl);
if (form1.PlayReadyCustomAttributes != null) // let's add custom attributes
{
assetDeliveryPolicyConfiguration.Add(AssetDeliveryPolicyConfigurationKey.PlayReadyCustomAttributes, form1.PlayReadyCustomAttributes);
}
}
// Widevine
if (form1.WidevinePackaging) // let's add Widevine
{
if (widevineAcquisitionUrl == null)
{
widevineAcquisitionUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.Widevine).ToString();
}
assetDeliveryPolicyConfiguration.Add(AssetDeliveryPolicyConfigurationKey.WidevineLicenseAcquisitionUrl, widevineAcquisitionUrl);
}
// let's check the protocol: DASH only if only Widevine packaging
var protocol = form1.GetAssetDeliveryProtocol;
if (!form1.PlayReadyPackaging && form1.WidevinePackaging)
{
protocol = AssetDeliveryProtocol.Dash;
}
var assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create(
name,
AssetDeliveryPolicyType.DynamicCommonEncryption,
protocol,
assetDeliveryPolicyConfiguration
);
// Add AssetDelivery Policy to the asset
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
return(assetDeliveryPolicy);
}
static public void CreateAssetDeliveryPolicy(IAsset asset, IContentKey key)
{
Uri acquisitionUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense);
Dictionary<AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration =
new Dictionary<AssetDeliveryPolicyConfigurationKey, string>
{
{AssetDeliveryPolicyConfigurationKey.PlayReadyLicenseAcquisitionUrl, acquisitionUrl.ToString()},
};
var assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create(
"AssetDeliveryPolicy",
AssetDeliveryPolicyType.DynamicCommonEncryption,
AssetDeliveryProtocol.SmoothStreaming,
assetDeliveryPolicyConfiguration);
// Add AssetDelivery Policy to the asset
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
Console.WriteLine();
Console.WriteLine("Adding Asset Delivery Policy: " +
assetDeliveryPolicy.AssetDeliveryPolicyType);
}
private static void CreateAssetDeliveryPolicy(MediaContextBase context, IAsset asset, IContentKey key)
{
Uri keyAcquisitionUri = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp);
string envelopeEncryptionIV = Convert.ToBase64String(GetRandomBuffer(16));
// The following policy configuration specifies:
// key url that will have KID=<Guid> appended to the envelope and
// the Initialization Vector (IV) to use for the envelope encryption.
Dictionary<AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration = new Dictionary<AssetDeliveryPolicyConfigurationKey, string>
{
{ AssetDeliveryPolicyConfigurationKey.EnvelopeKeyAcquisitionUrl, keyAcquisitionUri.ToString() },
{ AssetDeliveryPolicyConfigurationKey.EnvelopeEncryptionIVAsBase64, envelopeEncryptionIV }
};
IAssetDeliveryPolicy assetDeliveryPolicy = context.AssetDeliveryPolicies.Create(
"AssetDeliveryPolicy",
AssetDeliveryPolicyType.DynamicEnvelopeEncryption,
AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.Dash,
assetDeliveryPolicyConfiguration);
// Add AssetDelivery Policy to the asset
asset.DeliveryPolicies.Add(assetDeliveryPolicy);
}
