แก้ไข

แชร์ผ่าน


How to Determine What Features a Client Supports

Starting with PlayReady Device Porting Kit Version 4.4, the client sends information about what features it supports to the License Server as part of its license acquisition challenge. This includes both the Rich Execution Environment (REE) features and the Trusted Execution Environment (TEE) features.

Starting with PlayReady Server SDK Version 4.4, this information is made publically available to an application via the LicenseChallenge class. (Previous versions of the PlayReady Server SDK will ignore this information if present in the license acquisition challenge.) This page describes how to use this feature to make decisions in a server application based on what functionality the client has implemented.

Features are exposed through the LicenseChallenge class in three different catagories: TEE Properties, TEE APIs, and REE Features. In order to access an individual catagory of client features, you can use the properties of the License Challenge to get either a list of enums corresponding to each feature or access the raw XML containing feature information sent within the license challenge. The features exposed in the LicenseChallenge class as of version 4.4 are listed below with their corresponding enum values.

TeePropertyList:
SUPPORTS_HEVC_HW_DECODING
SUPPORTS_REMOTE_PROVISIONING
SUPPORTS_PRE_PROCESS_ENCRYPTED_DATA
REQUIRES_PRE_PROCESS_ENCRYPTED_DATA_WITH_FULL_FRAMES
REQUIRES_SAMPLE_PROTECTION
SUPPORTS_SECURE_CLOCK
SUPPORTS_SECURE_STOP
SUPPORTS_SECURE_HDCP_TYPE_1
REQUIRES_PREPARE_POLICY_INFO
SUPPORTS_DEBUG_TRACING
REQUIRES_MINIMAL_REVOCATION_DATA
SUPPORTS_OPTIMIZED_CONTENT_KEY2

TeeApiList:
DRM_TEE_BASE_AllocTEEContext
DRM_TEE_BASE_FreeTEEContext
DRM_TEE_BASE_SignDataWithSecureStoreKey
DRM_TEE_BASE_CheckDeviceKeys
DRM_TEE_BASE_GetDebugInformation
DRM_TEE_BASE_GenerateNonce
DRM_TEE_BASE_GetSystemTime
DRM_TEE_LPROV_GenerateDeviceKeys
DRM_TEE_RPROV_GenerateBootstrapChallenge
DRM_TEE_RPROV_ProcessBootstrapResponse
DRM_TEE_RPROV_GenerateProvisioningRequest
DRM_TEE_RPROV_ProcessProvisioningResponse
DRM_TEE_LICPREP_PackageKey
DRM_TEE_SAMPLEPROT_PrepareSampleProtectionKey
DRM_TEE_DECRYPT_PreparePolicyInfo
DRM_TEE_DECRYPT_PrepareToDecrypt
DRM_TEE_DECRYPT_CreateOEMBlobFromCDKB
DRM_TEE_AES128CTR_DecryptContent
DRM_TEE_SIGN_SignHash
DRM_TEE_DOM_PackageKeys
DRM_TEE_RESERVED_20
DRM_TEE_RESERVED_21
DRM_TEE_RESERVED_22
DRM_TEE_RESERVED_23
DRM_TEE_REVOCATION_IngestRevocationInfo
DRM_TEE_LICGEN_CompleteLicense
DRM_TEE_LICGEN_AES128CTR_EncryptContent
DRM_TEE_RESERVED_27
DRM_TEE_RESERVED_28
DRM_TEE_RESERVED_29
DRM_TEE_RESERVED_30
DRM_TEE_RESERVED_31
DRM_TEE_RESERVED_32
DRM_TEE_RESERVED_33
DRM_TEE_H264_PreProcessEncryptedData
DRM_TEE_SECURESTOP_GetGenerationID
DRM_TEE_AES128CTR_DecryptAudioContentMultiple
DRM_TEE_SECURETIME_GenerateChallengeData
DRM_TEE_SECURETIME_ProcessResponseData
DRM_TEE_AES128CTR_DecryptContentMultiple
DRM_TEE_AES128CBC_DecryptContentMultiple
DRM_TEE_SECURESTOP2_GetSigningKeyBlob
DRM_TEE_SECURESTOP2_SignChallenge
DRM_TEE_BASE_GetFeatureInformation

ReeFeatureList:
Assembly
PersistentStorePrealloc
ECCProfiling
ForceAlign
InlineDwordCopy
FileLocking
MultiThreading
Native64BitTypes
PrecomputedECCGlobalTable
Tracing
PersistentStoreWriteThrough
AddLicenseWriteThrough
NoOptimizations
DebugBuild
Profiling
Activation
AntirollbackClock
CDMI
CleanStore
ErrorCodeContract
PKCRT
DeviceAssets
Domains
EmbeddedLicenseStore
PersistentStore
PersistentStoreBlockHeaderCache
CDMIPersistentStore
ContentKeyGeneration
LocalLicenseGeneration
MeteringCertificateRevocation
Metering
ModelCertificateRevocation
InMemoryOnlyLicenses
Performance
Reactivation
Revocation
SecureDelete
SecureStop
SecureStop2
SecureTime
StructuredSerialization
XmlParsingCache
LicenseAcquisition
LegacyXmlCertificates
AESCBCS

There are a few common states that the LicenseChallenge class can be in with respect to the client feature set exposed.

  • If the TeePropertyList, TeeApiList, and ReeFeatureList are all empty, then it means that the client is running a version of the PK older than 4.4.
  • If the ReeFeatureList is non-empty and the TeePropertyList and TeeApiList are both empty, then it can mean one of two things.
    • On Windows clients, the client is either running in Software DRM or the client's TEE is older than PK version 4.4.
    • On non-Windows clients, the client's REE is running PK version 4.4+ but the client's TEE is older than PK version 4.4.
  • If the TeePropertyList, TeeApiList, and ReeFeatureList are all non-empty, then the client is running PK version 4.4+ for all components.
    • Note: The TeePropertyList and TeeApiList are provided by the client's TEE and can be trusted to its security level.