public void ValidateEffectiveEncryptionStatusOfSmooth() { IAsset asset = JobTests.CreateSmoothAsset(_mediaContext, _filePaths, AssetCreationOptions.None); Assert.AreEqual(true, asset.IsStreamable); Assert.AreEqual(AssetType.SmoothStreaming, asset.AssetType); Assert.AreEqual(AssetCreationOptions.None, asset.Options); AssetDeliveryProtocol protocolsToTest = AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.Dash | AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.Hds; List <TestCase> testCases = GetTestsCasesForProtocolCombination(protocolsToTest, AssetEncryptionState.ClearOutput); ValidateAssetEncryptionState(asset, testCases); SetupCommonPolicy(asset, AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.Dash | AssetDeliveryProtocol.SmoothStreaming); UpdateTestCasesForAddedPolicy(testCases, asset.DeliveryPolicies); ValidateAssetEncryptionState(asset, testCases); CleanupAsset(asset); }
public void ValidateEffectiveEncryptionStatusOfSimulatedLiveStream() { IAsset asset = AssetTests.CreateAsset(_mediaContext, WindowsAzureMediaServicesTestConfiguration.SmallIsm, AssetCreationOptions.None); Assert.IsTrue(asset.IsStreamable); Assert.AreEqual(AssetType.SmoothStreaming, asset.AssetType); Assert.AreEqual(AssetCreationOptions.None, asset.Options); AssetDeliveryProtocol protocolsToTest = AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.Dash | AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.Hds; List <TestCase> testCases = GetTestsCasesForProtocolCombination(protocolsToTest, AssetEncryptionState.ClearOutput); ValidateAssetEncryptionState(asset, testCases); SetupCommonPolicy(asset, AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.Dash | AssetDeliveryProtocol.SmoothStreaming); UpdateTestCasesForAddedPolicy(testCases, asset.DeliveryPolicies); ValidateAssetEncryptionState(asset, testCases); CleanupAsset(asset); }
public void ValidateEffectiveEncryptionStatusOfStorageEncryptedSimulatedLiveStream() { IAsset asset = AssetTests.CreateAsset(_mediaContext, WindowsAzureMediaServicesTestConfiguration.SmallIsm, AssetCreationOptions.StorageEncrypted); Assert.IsTrue(asset.IsStreamable); Assert.AreEqual(AssetType.SmoothStreaming, asset.AssetType); Assert.AreEqual(AssetCreationOptions.StorageEncrypted, asset.Options); // There is no asset delivery policy so streaming should be blocked AssetDeliveryProtocol protocolsToTest = AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.Dash | AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.Hds; List <TestCase> testCases = GetTestsCasesForProtocolCombination(protocolsToTest, AssetEncryptionState.StorageEncryptedWithNoDeliveryPolicy); ValidateAssetEncryptionState(asset, testCases); SetupEnvelopePolicy(asset, AssetDeliveryProtocol.HLS); UpdateTestCasesForAddedPolicy(testCases, asset.DeliveryPolicies); ValidateAssetEncryptionState(asset, testCases); SetupCommonPolicy(asset, AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.Dash); UpdateTestCasesForAddedPolicy(testCases, asset.DeliveryPolicies); ValidateAssetEncryptionState(asset, testCases); CleanupAsset(asset); }
/// <summary> /// Asynchronously creates an <see cref="IAssetDeliveryPolicy"/>. /// </summary> /// <param name="name">Friendly name for the policy.</param> /// <param name="policyType">Type of the policy.</param> /// <param name="deliveryProtocol">Delivery protocol.</param> /// <param name="configuration">Configuration.</param> /// <returns>An <see cref="IAssetDeliveryPolicy"/>.</returns> public Task <IAssetDeliveryPolicy> CreateAsync( string name, AssetDeliveryPolicyType policyType, AssetDeliveryProtocol deliveryProtocol, Dictionary <AssetDeliveryPolicyConfigurationKey, string> configuration) { IMediaDataServiceContext dataContext = this.MediaContext.MediaServicesClassFactory.CreateDataServiceContext(); var policy = new AssetDeliveryPolicyData { Name = name, }; ((IAssetDeliveryPolicy)policy).AssetDeliveryPolicyType = policyType; ((IAssetDeliveryPolicy)policy).AssetDeliveryProtocol = deliveryProtocol; ((IAssetDeliveryPolicy)policy).AssetDeliveryConfiguration = configuration; policy.SetMediaContext(this.MediaContext); dataContext.AddObject(DeliveryPolicySet, policy); MediaRetryPolicy retryPolicy = this.MediaContext.MediaServicesClassFactory.GetSaveChangesRetryPolicy(dataContext as IRetryPolicyAdapter); return(retryPolicy.ExecuteAsync <IMediaDataServiceResponse>(() => dataContext.SaveChangesAsync(policy)) .ContinueWith <IAssetDeliveryPolicy>( t => { t.ThrowIfFaulted(); return (AssetDeliveryPolicyData)t.Result.AsyncState; }, TaskContinuationOptions.ExecuteSynchronously)); }
public void TestGetEncryptionState() { IAsset asset = JobTests.CreateSmoothAsset(_mediaContext, _filePaths, AssetCreationOptions.None); AssetDeliveryProtocol protocolsToSet = AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.Dash; Dictionary <AssetDeliveryPolicyConfigurationKey, string> configuration = new Dictionary <AssetDeliveryPolicyConfigurationKey, string>() { { AssetDeliveryPolicyConfigurationKey.EnvelopeBaseKeyAcquisitionUrl, "https://www.test.com/" }, { AssetDeliveryPolicyConfigurationKey.EnvelopeEncryptionIVAsBase64, Convert.ToBase64String(ContentKeyTests.GetRandomBuffer(16)) } }; IAssetDeliveryPolicy policy = _mediaContext.AssetDeliveryPolicies.Create("Test Policy", AssetDeliveryPolicyType.DynamicEnvelopeEncryption, protocolsToSet, configuration); IContentKey key = _mediaContext.ContentKeys.Create(Guid.NewGuid(), ContentKeyTests.GetRandomBuffer(16), "Test key", ContentKeyType.EnvelopeEncryption); asset.ContentKeys.Add(key); asset.DeliveryPolicies.Add(policy); AssetEncryptionState state = asset.GetEncryptionState(protocolsToSet); Assert.AreEqual(AssetEncryptionState.DynamicEnvelopeEncryption, state); state = asset.GetEncryptionState(AssetDeliveryProtocol.Dash | AssetDeliveryProtocol.Hds); Assert.AreEqual(AssetEncryptionState.NoSinglePolicyApplies, state); state = asset.GetEncryptionState(AssetDeliveryProtocol.Hds); Assert.AreEqual(AssetEncryptionState.BlockedByPolicy, state); CleanupAsset(asset); }
private AssetDeliveryProtocol GetDeliveryProtocols(ContentKeyDeliveryType[] deliveryTypes) { AssetDeliveryProtocol deliveryProtocols = AssetDeliveryProtocol.None; foreach (ContentKeyDeliveryType deliveryType in deliveryTypes) { switch (deliveryType) { case ContentKeyDeliveryType.BaselineHttp: deliveryProtocols = deliveryProtocols | Constant.Media.DeliveryProtocol.Aes; break; case ContentKeyDeliveryType.PlayReadyLicense: deliveryProtocols = deliveryProtocols | Constant.Media.DeliveryProtocol.DrmPlayReady; break; case ContentKeyDeliveryType.Widevine: deliveryProtocols = deliveryProtocols | Constant.Media.DeliveryProtocol.DrmWidevine; break; case ContentKeyDeliveryType.FairPlay: deliveryProtocols = deliveryProtocols | Constant.Media.DeliveryProtocol.DrmFairPlay; break; } } return(deliveryProtocols); }
public void ValidateEffectiveEncryptionStatusOfStorageEncryptedHls() { IAsset smoothAsset = JobTests.CreateSmoothAsset(_mediaContext, _filePaths, AssetCreationOptions.None); IAsset playReadyProtectedSmoothAsset = CreatePlayReadyProtectedSmoothAsset(smoothAsset); IAsset storageEncryptedHls = CreateHlsFromSmoothAsset(smoothAsset, AssetCreationOptions.StorageEncrypted); CleanupAsset(smoothAsset); Assert.AreEqual(true, storageEncryptedHls.IsStreamable); Assert.AreEqual(AssetType.MediaServicesHLS, storageEncryptedHls.AssetType); Assert.AreEqual(AssetCreationOptions.StorageEncrypted, storageEncryptedHls.Options); AssetDeliveryProtocol protocolsToTest = AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.Dash | AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.Hds; List <TestCase> testCases = GetTestsCasesForProtocolCombination(protocolsToTest, AssetEncryptionState.StorageEncryptedWithNoDeliveryPolicy); ValidateAssetEncryptionState(storageEncryptedHls, testCases); SetupClearPolicy(storageEncryptedHls, AssetDeliveryProtocol.HLS); UpdateTestCasesForAddedPolicy(testCases, storageEncryptedHls.DeliveryPolicies); ValidateAssetEncryptionState(storageEncryptedHls, testCases); CleanupAsset(storageEncryptedHls); }
private void AddTestDeliveryPolicies(IAsset asset, AssetDeliveryProtocol protocol, AssetDeliveryPolicyType deliveryType) { if (deliveryType != AssetDeliveryPolicyType.None) { IAssetDeliveryPolicy policy = _mediaContext.AssetDeliveryPolicies.Create("Test Asset Delivery Policy", deliveryType, protocol, null); asset.DeliveryPolicies.Add(policy); } }
private IAssetDeliveryPolicy GetDeliveryPolicy(AssetDeliveryPolicyType policyType, Dictionary <AssetDeliveryPolicyConfigurationKey, string> policyConfig, string policyName, ContentKeyDeliveryType deliveryType) { IAssetDeliveryPolicy deliveryPolicy = GetEntityByName(MediaEntity.DeliveryPolicy, policyName, true) as IAssetDeliveryPolicy; if (deliveryPolicy == null) { AssetDeliveryProtocol policyProtocols = GetDeliveryProtocols(deliveryType); deliveryPolicy = _media.AssetDeliveryPolicies.Create(policyName, policyType, policyProtocols, policyConfig); } return(deliveryPolicy); }
private List <TestCase> GetTestsCasesForProtocolCombination(AssetDeliveryProtocol protocols, AssetEncryptionState expectedState) { List <TestCase> testCases = new List <TestCase>(); List <AssetDeliveryProtocol> combinationList = GetAllCombinationsOfDeliveryProtocol(protocols); foreach (AssetDeliveryProtocol combination in combinationList) { testCases.Add(new TestCase(combination, expectedState)); } return(testCases); }
private void SetupCommonPolicy(IAsset asset, AssetDeliveryProtocol protocol) { IContentKey key = _mediaContext.ContentKeys.Create(Guid.NewGuid(), ContentKeyTests.GetRandomBuffer(16), "Common Encryption Key", ContentKeyType.CommonEncryption); asset.ContentKeys.Add(key); Dictionary <AssetDeliveryPolicyConfigurationKey, string> config = new Dictionary <AssetDeliveryPolicyConfigurationKey, string>() { { AssetDeliveryPolicyConfigurationKey.PlayReadyLicenseAcquisitionUrl, "https://fakeKeyDeliveryurl.com/PlayReady" } }; IAssetDeliveryPolicy policy = _mediaContext.AssetDeliveryPolicies.Create("Clear Policy", AssetDeliveryPolicyType.DynamicCommonEncryption, protocol, config); asset.DeliveryPolicies.Add(policy); }
private void SetupEnvelopePolicy(IAsset asset, AssetDeliveryProtocol protocol) { IContentKey key = _mediaContext.ContentKeys.Create(Guid.NewGuid(), ContentKeyTests.GetRandomBuffer(16), "Envelope Encryption Key", ContentKeyType.EnvelopeEncryption); asset.ContentKeys.Add(key); Dictionary <AssetDeliveryPolicyConfigurationKey, string> config = new Dictionary <AssetDeliveryPolicyConfigurationKey, string>() { { AssetDeliveryPolicyConfigurationKey.EnvelopeBaseKeyAcquisitionUrl, "https://fakeKeyDeliveryurl.com/" }, { AssetDeliveryPolicyConfigurationKey.EnvelopeEncryptionIVAsBase64, Convert.ToBase64String(Guid.NewGuid().ToByteArray()) } // TODO: Remove this once no IV is supported }; IAssetDeliveryPolicy policy = _mediaContext.AssetDeliveryPolicies.Create("Clear Policy", AssetDeliveryPolicyType.DynamicEnvelopeEncryption, protocol, config); asset.DeliveryPolicies.Add(policy); }
/// <summary> /// Creates a delivery policy. /// </summary> /// <param name="name">Friendly name for the policy.</param> /// <param name="policyType">Type of the policy.</param> /// <param name="deliveryProtocol">Delivery protocol.</param> /// <param name="configuration">Configuration.</param> /// <returns>An <see cref="IAssetDeliveryPolicy"/>.</returns> public IAssetDeliveryPolicy Create( string name, AssetDeliveryPolicyType policyType, AssetDeliveryProtocol deliveryProtocol, Dictionary <AssetDeliveryPolicyConfigurationKey, string> configuration) { try { Task <IAssetDeliveryPolicy> task = this.CreateAsync(name, policyType, deliveryProtocol, configuration); task.Wait(); return(task.Result); } catch (AggregateException exception) { throw exception.InnerException; } }
public void ValidateEffectiveEncryptionStatusOfStorageEncryptedWmv() { IAsset asset = AssetTests.CreateAsset(_mediaContext, WindowsAzureMediaServicesTestConfiguration.SmallWmv, AssetCreationOptions.StorageEncrypted); Assert.AreEqual(false, asset.IsStreamable); Assert.AreEqual(AssetType.Unknown, asset.AssetType); Assert.AreEqual(AssetCreationOptions.StorageEncrypted, asset.Options); AssetDeliveryProtocol protocolsToTest = AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.Dash | AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.Hds; List <TestCase> testCases = GetTestsCasesForProtocolCombination(protocolsToTest, AssetEncryptionState.Unsupported); ValidateAssetEncryptionState(asset, testCases); CleanupAsset(asset); }
internal static List <AssetDeliveryProtocol> GetIndividualProtocols(AssetDeliveryProtocol protocolsToSplit) { List <AssetDeliveryProtocol> protocolList = new List <AssetDeliveryProtocol>(); foreach (AssetDeliveryProtocol protocol in _allValues) { if ((protocol == AssetDeliveryProtocol.None) || (protocol == AssetDeliveryProtocol.All)) { continue; } if (protocolsToSplit.HasFlag(protocol)) { protocolList.Add(protocol); } } return(protocolList); }
private List <AssetDeliveryProtocol> GetAllCombinationsOfDeliveryProtocol(AssetDeliveryProtocol protocols) { // // Split the flags enumeration into single flag values. Meaning if they pass in (AssetDeliveryProtocol.Dash | AssetDeliveryProtocol.HLS) // then return a list with two entries ([0] = AssetDeliveryProtocol.Dash, [1] = AssetDeliveryProtocol.HLS). Used as input to create // all of the combinations with // List <AssetDeliveryProtocol> protocolsToCombineList = GetIndividualProtocols(protocols); Stack <AssetDeliveryProtocol> workingStack = new Stack <AssetDeliveryProtocol>(); List <AssetDeliveryProtocol> returnValue = new List <AssetDeliveryProtocol>(); for (int x = 1; x <= protocolsToCombineList.Count; x++) { AddCombinations(returnValue, protocolsToCombineList, workingStack, 0, x); } return(returnValue); }
private AssetDeliveryProtocol GetDeliveryProtocols(ContentKeyDeliveryType deliveryType) { AssetDeliveryProtocol deliveryProtocols = AssetDeliveryProtocol.None; switch (deliveryType) { case ContentKeyDeliveryType.BaselineHttp: deliveryProtocols = Constants.Media.DeliveryProtocol.Aes; break; case ContentKeyDeliveryType.PlayReadyLicense: deliveryProtocols = Constants.Media.DeliveryProtocol.DrmPlayReady; break; case ContentKeyDeliveryType.Widevine: deliveryProtocols = Constants.Media.DeliveryProtocol.DrmWidevine; break; } return(deliveryProtocols); }
public void ValidateEffectiveEncryptionStatusOfStorageEncryptedMultiBitRateMP4() { IAsset asset = CreateMbrMp4Asset(AssetCreationOptions.StorageEncrypted); Assert.AreEqual(true, asset.IsStreamable); Assert.AreEqual(AssetType.MultiBitrateMP4, asset.AssetType); Assert.AreEqual(AssetCreationOptions.StorageEncrypted, asset.Options); // There is no asset delivery policy so streaming should be blocked AssetDeliveryProtocol protocolsToTest = AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.Dash | AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.Hds; List <TestCase> testCases = GetTestsCasesForProtocolCombination(protocolsToTest, AssetEncryptionState.StorageEncryptedWithNoDeliveryPolicy); ValidateAssetEncryptionState(asset, testCases); // now add a clear policy for Dash and retest SetupClearPolicy(asset, AssetDeliveryProtocol.Dash); UpdateTestCasesForAddedPolicy(testCases, asset.DeliveryPolicies); ValidateAssetEncryptionState(asset, testCases); // now add a clear policy for Hls and retest SetupEnvelopePolicy(asset, AssetDeliveryProtocol.HLS); UpdateTestCasesForAddedPolicy(testCases, asset.DeliveryPolicies); ValidateAssetEncryptionState(asset, testCases); // now add a clear policy for Smooth and retest SetupCommonPolicy(asset, AssetDeliveryProtocol.SmoothStreaming); UpdateTestCasesForAddedPolicy(testCases, asset.DeliveryPolicies); ValidateAssetEncryptionState(asset, testCases); CleanupAsset(asset); }
public void ValidateEffectiveEncryptionStatusOfPlayReadyProtectedSmooth() { IAsset asset = JobTests.CreateSmoothAsset(_mediaContext, _filePaths, AssetCreationOptions.None); IAsset playReadyProtectedSmoothAsset = CreatePlayReadyProtectedSmoothAsset(asset); Assert.AreEqual(true, playReadyProtectedSmoothAsset.IsStreamable); Assert.AreEqual(AssetType.SmoothStreaming, playReadyProtectedSmoothAsset.AssetType); Assert.AreEqual(AssetCreationOptions.CommonEncryptionProtected, playReadyProtectedSmoothAsset.Options); Assert.AreEqual(1, playReadyProtectedSmoothAsset.ContentKeys.Count); AssetDeliveryProtocol protocolsToTest = AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.Dash | AssetDeliveryProtocol.HLS; Assert.AreEqual(ContentKeyType.CommonEncryption, playReadyProtectedSmoothAsset.ContentKeys[0].ContentKeyType); ValidateAssetEncryptionState(playReadyProtectedSmoothAsset, protocolsToTest, AssetEncryptionState.StaticCommonEncryption); CleanupAsset(playReadyProtectedSmoothAsset); CleanupAsset(asset); }
private void AddCombinations(List <AssetDeliveryProtocol> output, List <AssetDeliveryProtocol> protocolsToCombineList, Stack <AssetDeliveryProtocol> workingStack, int offset, int length) { if (length == 0) { AssetDeliveryProtocol valueToAdd = AssetDeliveryProtocol.None; foreach (AssetDeliveryProtocol protocol in workingStack.ToList()) { valueToAdd |= protocol; } output.Add(valueToAdd); } else { for (int i = offset; i <= protocolsToCombineList.Count - length; ++i) { workingStack.Push(protocolsToCombineList[i]); AddCombinations(output, protocolsToCombineList, workingStack, i + 1, length - 1); workingStack.Pop(); } } }
public void ValidateEffectiveEncryptionStatusOfStorageEncryptedSmooth() { IAsset asset = JobTests.CreateSmoothAsset(_mediaContext, _filePaths, AssetCreationOptions.StorageEncrypted); // There is no asset delivery policy so streaming should be blocked AssetDeliveryProtocol protocolsToTest = AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.Dash | AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.Hds; List <TestCase> testCases = GetTestsCasesForProtocolCombination(protocolsToTest, AssetEncryptionState.StorageEncryptedWithNoDeliveryPolicy); ValidateAssetEncryptionState(asset, testCases); SetupEnvelopePolicy(asset, AssetDeliveryProtocol.HLS); UpdateTestCasesForAddedPolicy(testCases, asset.DeliveryPolicies); ValidateAssetEncryptionState(asset, testCases); SetupCommonPolicy(asset, AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.Dash); UpdateTestCasesForAddedPolicy(testCases, asset.DeliveryPolicies); ValidateAssetEncryptionState(asset, testCases); CleanupAsset(asset); }
public void ValidateEffectiveEncryptionStatusOfMultiBitRateMP4() { IAsset asset = CreateMbrMp4Asset(AssetCreationOptions.None); Assert.AreEqual(true, asset.IsStreamable); Assert.AreEqual(AssetType.MultiBitrateMP4, asset.AssetType); Assert.AreEqual(AssetCreationOptions.None, asset.Options); AssetDeliveryProtocol protocolsToTest = AssetDeliveryProtocol.SmoothStreaming | AssetDeliveryProtocol.Dash | AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.Hds; List <TestCase> testCases = GetTestsCasesForProtocolCombination(protocolsToTest, AssetEncryptionState.ClearOutput); ValidateAssetEncryptionState(asset, testCases); SetupEnvelopePolicy(asset, AssetDeliveryProtocol.HLS | AssetDeliveryProtocol.Dash | AssetDeliveryProtocol.SmoothStreaming); UpdateTestCasesForAddedPolicy(testCases, asset.DeliveryPolicies); ValidateAssetEncryptionState(asset, testCases); CleanupAsset(asset); }
private AssetEncryptionState DecideBetweenBlockedOrMultiplePolicies(AssetDeliveryProtocol protocolsToCheck, IList <IAssetDeliveryPolicy> policies) { List <AssetDeliveryProtocol> individualProtocols = GetIndividualProtocols(protocolsToCheck); bool partialMatch = false; foreach (AssetDeliveryProtocol protocol in individualProtocols) { if (policies.Any(p => p.AssetDeliveryProtocol.HasFlag(protocol))) { partialMatch = true; break; } } if (partialMatch) { return(AssetEncryptionState.NoSinglePolicyApplies); } else { return(AssetEncryptionState.BlockedByPolicy); } }
static public IAssetDeliveryPolicy CreateAssetDeliveryPolicyAES(IAsset asset, IContentKey key, AssetDeliveryProtocol assetdeliveryprotocol, string name, CloudMediaContext _context, Uri keyAcquisitionUri) { // if user does not specify a custom LA URL, let's use the AES key server from Azure Media Services if (keyAcquisitionUri == null) { keyAcquisitionUri = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp); } // let's key the url with the key id parameter UriBuilder uriBuilder = new UriBuilder(keyAcquisitionUri); uriBuilder.Query = String.Empty; keyAcquisitionUri = uriBuilder.Uri; // Removed in March 2016. In order to use EnvelopeBaseKeyAcquisitionUrl and reuse the same policy for several assets //string envelopeEncryptionIV = Convert.ToBase64String(GetRandomBuffer(16)); // The following policy configuration specifies: // key url that will have KID=<Guid> appended to the envelope and // the Initialization Vector (IV) to use for the envelope encryption. Dictionary <AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration = new Dictionary <AssetDeliveryPolicyConfigurationKey, string> { { AssetDeliveryPolicyConfigurationKey.EnvelopeBaseKeyAcquisitionUrl, keyAcquisitionUri.ToString() } //{AssetDeliveryPolicyConfigurationKey.EnvelopeKeyAcquisitionUrl, keyAcquisitionUri.ToString()}, //{AssetDeliveryPolicyConfigurationKey.EnvelopeEncryptionIVAsBase64, envelopeEncryptionIV} }; IAssetDeliveryPolicy assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create( name, AssetDeliveryPolicyType.DynamicEnvelopeEncryption, assetdeliveryprotocol, assetDeliveryPolicyConfiguration); // Add AssetDelivery Policy to the asset asset.DeliveryPolicies.Add(assetDeliveryPolicy); return(assetDeliveryPolicy); }
static public IAssetDeliveryPolicy CreateAssetDeliveryPolicyNoDynEnc(IAsset asset, AssetDeliveryProtocol assetdeliveryprotocol, CloudMediaContext _context) { IAssetDeliveryPolicy assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create( "AssetDeliveryPolicy NoDynEnc", AssetDeliveryPolicyType.NoDynamicEncryption, assetdeliveryprotocol, null); // no dyn enc then no need for configuration // Add AssetDelivery Policy to the asset asset.DeliveryPolicies.Add(assetDeliveryPolicy); return assetDeliveryPolicy; }
static public IAssetDeliveryPolicy CreateAssetDeliveryPolicyAES(IAsset asset, IContentKey key, AssetDeliveryProtocol assetdeliveryprotocol, string name, CloudMediaContext _context, Uri keyAcquisitionUri) { // if user does not specify a custom LA URL, let's use the AES key server from Azure Media Services if (keyAcquisitionUri == null) keyAcquisitionUri = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp); string envelopeEncryptionIV = Convert.ToBase64String(GetRandomBuffer(16)); // The following policy configuration specifies: // key url that will have KID=<Guid> appended to the envelope and // the Initialization Vector (IV) to use for the envelope encryption. Dictionary<AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration = new Dictionary<AssetDeliveryPolicyConfigurationKey, string> { {AssetDeliveryPolicyConfigurationKey.EnvelopeKeyAcquisitionUrl, keyAcquisitionUri.ToString()}, {AssetDeliveryPolicyConfigurationKey.EnvelopeEncryptionIVAsBase64, envelopeEncryptionIV} }; IAssetDeliveryPolicy assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create( name, AssetDeliveryPolicyType.DynamicEnvelopeEncryption, assetdeliveryprotocol, assetDeliveryPolicyConfiguration); // Add AssetDelivery Policy to the asset asset.DeliveryPolicies.Add(assetDeliveryPolicy); return assetDeliveryPolicy; }
private AssetEncryptionState DecideBetweenBlockedOrMultiplePolicies(AssetDeliveryProtocol protocolsToCheck, IList<IAssetDeliveryPolicy> policies) { List<AssetDeliveryProtocol> individualProtocols = GetIndividualProtocols(protocolsToCheck); bool partialMatch = false; foreach (AssetDeliveryProtocol protocol in individualProtocols) { if (policies.Any(p => p.AssetDeliveryProtocol.HasFlag(protocol))) { partialMatch = true; break; } } if (partialMatch) { return AssetEncryptionState.NoSinglePolicyApplies; } else { return AssetEncryptionState.BlockedByPolicy; } }
static public IAssetDeliveryPolicy CreateAssetDeliveryPolicyCENC(IAsset asset, IContentKey key, AssetDeliveryProtocol assetdeliveryprotocol, string name, CloudMediaContext _context) { Uri acquisitionUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense); Dictionary <AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration = new Dictionary <AssetDeliveryPolicyConfigurationKey, string> { { AssetDeliveryPolicyConfigurationKey.PlayReadyLicenseAcquisitionUrl, acquisitionUrl.ToString() }, }; var assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create( name, AssetDeliveryPolicyType.DynamicCommonEncryption, assetdeliveryprotocol, assetDeliveryPolicyConfiguration); // Add AssetDelivery Policy to the asset asset.DeliveryPolicies.Add(assetDeliveryPolicy); return(assetDeliveryPolicy); }
static public IAssetDeliveryPolicy CreateAssetDeliveryPolicyAES(IAsset asset, IContentKey key, AssetDeliveryProtocol assetdeliveryprotocol, string name, CloudMediaContext _context, Uri keyAcquisitionUri) { // if user does not specify a custom LA URL, let's use the AES key server from Azure Media Services if (keyAcquisitionUri == null) { keyAcquisitionUri = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp); } // let's key the url with the key id parameter UriBuilder uriBuilder = new UriBuilder(keyAcquisitionUri); uriBuilder.Query = String.Empty; keyAcquisitionUri = uriBuilder.Uri; // Removed in March 2016. In order to use EnvelopeBaseKeyAcquisitionUrl and reuse the same policy for several assets //string envelopeEncryptionIV = Convert.ToBase64String(GetRandomBuffer(16)); // The following policy configuration specifies: // key url that will have KID=<Guid> appended to the envelope and // the Initialization Vector (IV) to use for the envelope encryption. Dictionary<AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration = new Dictionary<AssetDeliveryPolicyConfigurationKey, string> { {AssetDeliveryPolicyConfigurationKey.EnvelopeBaseKeyAcquisitionUrl, keyAcquisitionUri.ToString()} //{AssetDeliveryPolicyConfigurationKey.EnvelopeKeyAcquisitionUrl, keyAcquisitionUri.ToString()}, //{AssetDeliveryPolicyConfigurationKey.EnvelopeEncryptionIVAsBase64, envelopeEncryptionIV} }; IAssetDeliveryPolicy assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create( name, AssetDeliveryPolicyType.DynamicEnvelopeEncryption, assetdeliveryprotocol, assetDeliveryPolicyConfiguration); // Add AssetDelivery Policy to the asset asset.DeliveryPolicies.Add(assetDeliveryPolicy); return assetDeliveryPolicy; }
public void RunAllGetEffectiveDeliveryPolicyTestCases() { string testCaseDataFilePath = WindowsAzureMediaServicesTestConfiguration.GetVideoSampleFilePath(TestContext, c_TestCaseDataFile); string[] testCases = File.ReadAllLines(testCaseDataFilePath); Assert.IsNotNull(testCases); Assert.AreEqual(401, testCases.Length); // ensure we have the expected number of cases int failureCount = 0; StringBuilder builder = new StringBuilder(); builder.Append(testCases[0]); builder.Append(",ActualAssetType,ActualIsStreamable,ActualEffectiveEncryptionState"); builder.AppendLine(); for (int i = 1; i < testCases.Length; i++) { string[] parameters = testCases[i].Split(','); AssetCreationOptions options = (AssetCreationOptions)Enum.Parse(typeof(AssetCreationOptions), parameters[0]); AssetType assetType = (AssetType)Enum.Parse(typeof(AssetType), parameters[1]); AssetDeliveryProtocol assetDeliveryProtocol = (AssetDeliveryProtocol)Enum.Parse(typeof(AssetDeliveryProtocol), parameters[2]); AssetDeliveryPolicyType assetDeliveryPolicyType = (AssetDeliveryPolicyType)Enum.Parse(typeof(AssetDeliveryPolicyType), parameters[3]); AssetEncryptionState expectedEncryptionState = (AssetEncryptionState)Enum.Parse(typeof(AssetEncryptionState), parameters[4]); bool expectedIsStreamable = bool.Parse(parameters[5]); AssetType expectedAssetType = (AssetType)Enum.Parse(typeof(AssetType), parameters[6]); IAsset asset = GetTestAsset(options, assetType, assetDeliveryProtocol, assetDeliveryPolicyType); AssetEncryptionState actualEncryptionState = asset.GetEncryptionState(assetDeliveryProtocol); if (false == ((expectedAssetType == asset.AssetType) && (expectedIsStreamable == asset.IsStreamable) && (expectedEncryptionState == actualEncryptionState) ) ) { // We had a failure so increase our failed count and then save the details of the test case and where it failed failureCount++; builder.Append(testCases[i]); builder.Append(","); builder.Append(asset.AssetType.ToString()); builder.Append(","); builder.Append(asset.IsStreamable.ToString()); builder.Append(","); builder.Append(actualEncryptionState.ToString()); builder.AppendLine(); } } if (failureCount > 0) { Assert.Fail("Some RunAllGetEffectiveDeliveryPolicyTestCases failed"); // If there are a lot of failures the best way to debug then is to dump // failed test case input and output data to a csv file for more detailed // analysis //File.WriteAllText("output.csv", builder.ToString()); } }
private void ValidateAssetEncryptionState(IAsset asset, AssetDeliveryProtocol protocolsToTest, AssetEncryptionState expectedState) { AssetEncryptionState actualState = asset.GetEncryptionState(protocolsToTest); Assert.AreEqual(expectedState, actualState); }
public TestCase(AssetDeliveryProtocol protocolsToTest, AssetEncryptionState expectedState) { ProtocolsToTest = protocolsToTest; ExpectedState = expectedState; }
private void SetupCommonPolicy(IAsset asset, AssetDeliveryProtocol protocol) { IContentKey key = _mediaContext.ContentKeys.Create(Guid.NewGuid(), ContentKeyTests.GetRandomBuffer(16), "Common Encryption Key", ContentKeyType.CommonEncryption); asset.ContentKeys.Add(key); Dictionary<AssetDeliveryPolicyConfigurationKey, string> config = new Dictionary<AssetDeliveryPolicyConfigurationKey, string>() { {AssetDeliveryPolicyConfigurationKey.PlayReadyLicenseAcquisitionUrl, "https://fakeKeyDeliveryurl.com/PlayReady"} }; IAssetDeliveryPolicy policy = _mediaContext.AssetDeliveryPolicies.Create("Clear Policy", AssetDeliveryPolicyType.DynamicCommonEncryption, protocol, config); asset.DeliveryPolicies.Add(policy); }
private void SetupEnvelopePolicy(IAsset asset, AssetDeliveryProtocol protocol) { IContentKey key = _mediaContext.ContentKeys.Create(Guid.NewGuid(), ContentKeyTests.GetRandomBuffer(16), "Envelope Encryption Key", ContentKeyType.EnvelopeEncryption); asset.ContentKeys.Add(key); Dictionary<AssetDeliveryPolicyConfigurationKey, string> config = new Dictionary<AssetDeliveryPolicyConfigurationKey, string>() { {AssetDeliveryPolicyConfigurationKey.EnvelopeBaseKeyAcquisitionUrl, "https://fakeKeyDeliveryurl.com/"}, {AssetDeliveryPolicyConfigurationKey.EnvelopeEncryptionIVAsBase64, Convert.ToBase64String(Guid.NewGuid().ToByteArray())} // TODO: Remove this once no IV is supported }; IAssetDeliveryPolicy policy = _mediaContext.AssetDeliveryPolicies.Create("Clear Policy", AssetDeliveryPolicyType.DynamicEnvelopeEncryption, protocol, config); asset.DeliveryPolicies.Add(policy); }
private void SetupClearPolicy(IAsset asset, AssetDeliveryProtocol protocol) { IAssetDeliveryPolicy policy = _mediaContext.AssetDeliveryPolicies.Create("Clear Policy", AssetDeliveryPolicyType.NoDynamicEncryption, protocol, null); asset.DeliveryPolicies.Add(policy); }
private List<TestCase> GetTestsCasesForProtocolCombination(AssetDeliveryProtocol protocols, AssetEncryptionState expectedState) { List<TestCase> testCases = new List<TestCase>(); List<AssetDeliveryProtocol> combinationList = GetAllCombinationsOfDeliveryProtocol(protocols); foreach(AssetDeliveryProtocol combination in combinationList) { testCases.Add(new TestCase(combination, expectedState)); } return testCases; }
private List<AssetDeliveryProtocol> GetAllCombinationsOfDeliveryProtocol(AssetDeliveryProtocol protocols) { // // Split the flags enumeration into single flag values. Meaning if they pass in (AssetDeliveryProtocol.Dash | AssetDeliveryProtocol.HLS) // then return a list with two entries ([0] = AssetDeliveryProtocol.Dash, [1] = AssetDeliveryProtocol.HLS). Used as input to create // all of the combinations with // List<AssetDeliveryProtocol> protocolsToCombineList = GetIndividualProtocols(protocols); Stack<AssetDeliveryProtocol> workingStack = new Stack<AssetDeliveryProtocol>(); List<AssetDeliveryProtocol> returnValue = new List<AssetDeliveryProtocol>(); for (int x = 1; x <= protocolsToCombineList.Count; x++) { AddCombinations(returnValue, protocolsToCombineList, workingStack, 0, x); } return returnValue; }
static public IAssetDeliveryPolicy CreateAssetDeliveryPolicyAES(IAsset asset, IContentKey key, AssetDeliveryProtocol assetdeliveryprotocol, string name, CloudMediaContext _context, Uri keyAcquisitionUri) { // if user does not specify a custom LA URL, let's use the AES key server from Azure Media Services if (keyAcquisitionUri == null) { keyAcquisitionUri = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.BaselineHttp); } string envelopeEncryptionIV = Convert.ToBase64String(GetRandomBuffer(16)); // The following policy configuration specifies: // key url that will have KID=<Guid> appended to the envelope and // the Initialization Vector (IV) to use for the envelope encryption. Dictionary <AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration = new Dictionary <AssetDeliveryPolicyConfigurationKey, string> { { AssetDeliveryPolicyConfigurationKey.EnvelopeKeyAcquisitionUrl, keyAcquisitionUri.ToString() }, { AssetDeliveryPolicyConfigurationKey.EnvelopeEncryptionIVAsBase64, envelopeEncryptionIV } }; IAssetDeliveryPolicy assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create( name, AssetDeliveryPolicyType.DynamicEnvelopeEncryption, assetdeliveryprotocol, assetDeliveryPolicyConfiguration); // Add AssetDelivery Policy to the asset asset.DeliveryPolicies.Add(assetDeliveryPolicy); return(assetDeliveryPolicy); }
static public IAssetDeliveryPolicy CreateAssetDeliveryPolicyCENC(IAsset asset, IContentKey key, AssetDeliveryProtocol assetdeliveryprotocol, string name, CloudMediaContext _context, Uri playreadyAcquisitionUrl = null, bool playreadyEncodeLAURLForSilverlight = false, string playreadyCustomAttributes = null, string widevineAcquisitionUrl = null) { string stringacquisitionUrl; if (playreadyEncodeLAURLForSilverlight && playreadyAcquisitionUrl != null) { stringacquisitionUrl = playreadyAcquisitionUrl.ToString().Replace("&", "%26"); } else { if (playreadyAcquisitionUrl == null) playreadyAcquisitionUrl = key.GetKeyDeliveryUrl(ContentKeyDeliveryType.PlayReadyLicense); stringacquisitionUrl = System.Security.SecurityElement.Escape(playreadyAcquisitionUrl.ToString()); } Dictionary<AssetDeliveryPolicyConfigurationKey, string> assetDeliveryPolicyConfiguration = new Dictionary<AssetDeliveryPolicyConfigurationKey, string> { { AssetDeliveryPolicyConfigurationKey.PlayReadyLicenseAcquisitionUrl, stringacquisitionUrl }, }; if (playreadyCustomAttributes != null) // let's add custom attributes { assetDeliveryPolicyConfiguration.Add(AssetDeliveryPolicyConfigurationKey.PlayReadyCustomAttributes, playreadyCustomAttributes); } // Widevine if (widevineAcquisitionUrl != null) // let's add Widevine { assetDeliveryPolicyConfiguration.Add(AssetDeliveryPolicyConfigurationKey.WidevineLicenseAcquisitionUrl, widevineAcquisitionUrl); } var assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create( name, AssetDeliveryPolicyType.DynamicCommonEncryption, assetdeliveryprotocol, assetDeliveryPolicyConfiguration); // Add AssetDelivery Policy to the asset asset.DeliveryPolicies.Add(assetDeliveryPolicy); return assetDeliveryPolicy; }
static public IAssetDeliveryPolicy CreateAssetDeliveryPolicyNoDynEnc(IAsset asset, AssetDeliveryProtocol assetdeliveryprotocol, CloudMediaContext _context) { IAssetDeliveryPolicy assetDeliveryPolicy = _context.AssetDeliveryPolicies.Create( "AssetDeliveryPolicy NoDynEnc", AssetDeliveryPolicyType.NoDynamicEncryption, assetdeliveryprotocol, null); // no dyn enc then no need for configuration // Add AssetDelivery Policy to the asset asset.DeliveryPolicies.Add(assetDeliveryPolicy); return(assetDeliveryPolicy); }
private void AddTestDeliveryPolicies(IAsset asset, AssetDeliveryProtocol protocol, AssetDeliveryPolicyType deliveryType) { if (deliveryType != AssetDeliveryPolicyType.None) { IAssetDeliveryPolicy policy = _mediaContext.AssetDeliveryPolicies.Create("Test Asset Delivery Policy", deliveryType, protocol, null); asset.DeliveryPolicies.Add(policy); } }
private IAsset GetTestAsset(AssetCreationOptions options, AssetType assetType, AssetDeliveryProtocol protocol, AssetDeliveryPolicyType deliveryType) { IAsset asset = _mediaContext.Assets.Create("Test", options); AddTestAssetFiles(asset, assetType); AddTestDeliveryPolicies(asset, protocol, deliveryType); return(asset); }
private IAsset GetTestAsset(AssetCreationOptions options, AssetType assetType, AssetDeliveryProtocol protocol, AssetDeliveryPolicyType deliveryType) { IAsset asset = _mediaContext.Assets.Create("Test", options); AddTestAssetFiles(asset, assetType); AddTestDeliveryPolicies(asset, protocol, deliveryType); return asset; }
public static async Task <object> Run([HttpTrigger(WebHookType = "genericJson")] HttpRequestMessage req, TraceWriter log) { log.Info($"AMS v2 Function - CreateAssetDeliveryPolicy was triggered!"); string jsonContent = await req.Content.ReadAsStringAsync(); dynamic data = JsonConvert.DeserializeObject(jsonContent); // Validate input objects if (data.assetDeliveryPolicyName == null) { return(req.CreateResponse(HttpStatusCode.BadRequest, new { error = "Please pass assetDeliveryPolicyName in the input object" })); } if (data.assetDeliveryPolicyType == null) { return(req.CreateResponse(HttpStatusCode.BadRequest, new { error = "Please pass assetDeliveryPolicyType in the input object" })); } if (data.assetDeliveryPolicyProtocol == null) { return(req.CreateResponse(HttpStatusCode.BadRequest, new { error = "Please pass assetDeliveryPolicyProtocol in the input object" })); } string assetDeliveryPolicyName = data.assetDeliveryPolicyName; string assetDeliveryPolicyType = data.assetDeliveryPolicyType; if (!MediaServicesHelper.AMSAssetDeliveryPolicyType.ContainsKey(assetDeliveryPolicyType)) { return(req.CreateResponse(HttpStatusCode.BadRequest, new { error = "Please pass a valid assetDeliveryPolicyType in the input object" })); } List <string> assetDeliveryPolicyProtocol = ((JArray)data.assetDeliveryPolicyProtocol).ToObject <List <string> >(); foreach (var p in assetDeliveryPolicyProtocol) { if (!MediaServicesHelper.AMSAssetDeliveryProtocol.ContainsKey(p)) { return(req.CreateResponse(HttpStatusCode.BadRequest, new { error = "Please pass a valid assetDeliveryPolicyProtocol in the input object" })); } } List <string> assetDeliveryPolicyContentProtectionNames = null; string fairPlayPolicyId = null; if (data.assetDeliveryPolicyContentProtection != null) { assetDeliveryPolicyContentProtectionNames = ((JArray)data.assetDeliveryPolicyContentProtection).ToObject <List <string> >(); foreach (var p in assetDeliveryPolicyContentProtectionNames) { if (!MediaServicesHelper.AMSAssetDeliveryContentProtection.ContainsKey(p)) { return(req.CreateResponse(HttpStatusCode.BadRequest, new { error = "Please pass a valid assetDeliveryPolicyContentProtection in the input object" })); } if (MediaServicesHelper.AMSAssetDeliveryContentProtection[p] == MediaServicesHelper.AssetDeliveryContentProtection.FairPlay) { if (fairPlayPolicyId == null) { return(req.CreateResponse(HttpStatusCode.BadRequest, new { error = "Please pass fairPlayContentKeyAuthorizationPolicyOptionId in the input object" })); } fairPlayPolicyId = data.fairPlayContentKeyAuthorizationPolicyOptionId; } } } MediaServicesCredentials amsCredentials = new MediaServicesCredentials(); IAssetDeliveryPolicy policy = null; try { // Load AMS account context log.Info($"Using AMS v2 REST API Endpoint : {amsCredentials.AmsRestApiEndpoint.ToString()}"); AzureAdTokenCredentials tokenCredentials = new AzureAdTokenCredentials(amsCredentials.AmsAadTenantDomain, new AzureAdClientSymmetricKey(amsCredentials.AmsClientId, amsCredentials.AmsClientSecret), AzureEnvironments.AzureCloudEnvironment); AzureAdTokenProvider tokenProvider = new AzureAdTokenProvider(tokenCredentials); _context = new CloudMediaContext(amsCredentials.AmsRestApiEndpoint, tokenProvider); AssetDeliveryPolicyType assetDeliveryPolicyTypeValue = MediaServicesHelper.AMSAssetDeliveryPolicyType[assetDeliveryPolicyType]; AssetDeliveryProtocol assetDeliveryPolicyProtocolValue = AssetDeliveryProtocol.None; foreach (var p in assetDeliveryPolicyProtocol) { assetDeliveryPolicyProtocolValue |= MediaServicesHelper.AMSAssetDeliveryProtocol[p]; } Dictionary <AssetDeliveryPolicyConfigurationKey, String> assetDeliveryPolicyConfigurationValue = null; if (assetDeliveryPolicyContentProtectionNames != null) { IContentKeyAuthorizationPolicyOption fairplayPolicyOpiton = null; if (fairPlayPolicyId != null) { fairplayPolicyOpiton = _context.ContentKeyAuthorizationPolicyOptions.Where(p => p.Id == fairPlayPolicyId).Single(); if (fairplayPolicyOpiton == null) { return(req.CreateResponse(HttpStatusCode.BadRequest, new { error = "FairPlay ContentKeyAuthorizationPolicyOption not found" })); } } assetDeliveryPolicyConfigurationValue = CreateDeliveryPolicyConfiguration(assetDeliveryPolicyContentProtectionNames, fairplayPolicyOpiton); } policy = _context.AssetDeliveryPolicies.Create(assetDeliveryPolicyName, assetDeliveryPolicyTypeValue, assetDeliveryPolicyProtocolValue, assetDeliveryPolicyConfigurationValue); } catch (Exception e) { log.Info($"ERROR: Exception {e}"); return(req.CreateResponse(HttpStatusCode.BadRequest)); } return(req.CreateResponse(HttpStatusCode.OK, new { assetDeliveryPolicyId = policy.Id })); }
internal static List<AssetDeliveryProtocol> GetIndividualProtocols(AssetDeliveryProtocol protocolsToSplit) { List<AssetDeliveryProtocol> protocolList = new List<AssetDeliveryProtocol>(); foreach (AssetDeliveryProtocol protocol in _allValues) { if ((protocol == AssetDeliveryProtocol.None) || (protocol == AssetDeliveryProtocol.All)) { continue; } if (protocolsToSplit.HasFlag(protocol)) { protocolList.Add(protocol); } } return protocolList; }