Kodi Development  20.0
for Binary and Script based Add-Ons
Library - xbmcdrm

Detailed Description

Kodi's DRM class.

Offers classes and functions that allow a developer to work with DRM-protected contents like Widevine.

This type of functionality is closely related to the type of DRM used and the service to be implemented.

Using the CryptoSession constructor allow you to have access to a DRM session. With a DRM session you can read and write the DRM properties GetPropertyString, SetPropertyString and establish session keys with GetKeyRequest and ProvideKeyResponse, or resume previous session keys with RestoreKeys.

When the session keys are established you can use these methods to perform various operations: Encrypt / Decrypt for data encryption / decryption, Sign / Verify for make or verify data-signature. Useful for example to implement encrypted communication between a client and the server.

An example where such functionality is useful is the Message Security Layer (MSL) transmission protocol used in some VOD applications. This protocol (or rather framework) is used to increase the level of security in the exchange of messages (such as licences, manifests or other data), which defines a security extension / layer on top of the HTTP protocol.


Constructor for DRM crypto session

Class: xbmcdrm.CryptoSession(UUID, cipherAlgorithm, macAlgorithm)

Parameters
UUIDstring - 16 byte UUID of the DRM system to use
cipherAlgorithmstring - Algorithm used for encryption / decryption ciphers
macAlgorithmstring - Algorithm used for sign / verify
Exceptions
RuntimeExceptionIf the session can not be established

v18 Python API changes:
New class added.

Example:

..
uuid_widevine = 'edef8ba9-79d6-4ace-a3c8-27dcd51d21ed'
crypto_session = xbmcdrm.CryptoSession(uuid_widevine, 'AES/CBC/NoPadding', 'HmacSHA256')
..

Function Documentation

◆ GetKeyRequest()

GetKeyRequest (   ...)

Function: GetKeyRequest(init, mimeType, offlineKey, optionalParameters)


Generate a key request

Generate a key request, used for request/response exchange between the app and a license server to obtain or release keys used to decrypt encrypted content. After the app has received the key request response from the license server, it should deliver to the response to the DRM instance using the method ProvideKeyResponse, to activate the keys.

Parameters
initbyte - Initialization bytes container-specific data, its meaning is interpreted based on the mime type provided in the mimeType parameter. It could contain, for example, the content ID, key ID or other data required in generating the key request.
mimeTypestring - Type of media which is exchanged (e.g. "application/xml", "video/mp4")
offlineKeybool - Specifies the type of the request. The request may be to acquire keys for Streaming or Offline content
optionalParameters[opt] map - Will be included in the key request message to allow a client application to provide additional message parameters to the server
Returns
byte - The opaque key request data (challenge) which is send to key server

v18 Python API changes:
New function added.
v19 Python API changes:
With python 3 the init param must be a bytearray instead of byte.

◆ GetPropertyString()

GetPropertyString (   ...)

Function: GetPropertyString(name)


Request a system specific property value of the DRM system.

Parameters
Namestring - Name of the property to query
Returns
Value of the requested property

v18 Python API changes:
New function added.

◆ ProvideKeyResponse()

ProvideKeyResponse (   ...)

Function: ProvideKeyResponse(response)


Provide a key response

When a key response is received from the license server, must be sent to the DRM instance by using provideKeyResponse. See also GetKeyRequest.

Parameters
responsebyte - Key data returned from the license server
Returns
A keySetId if the response is for an offline key requests which can be used later with restoreKeys, else return empty for streaming key requests.

v18 Python API changes:
New function added.
v19 Python API changes:
With python 3 the response argument must be a bytearray instead of byte.

◆ RemoveKeys()

RemoveKeys (   ...)

Function: RemoveKeys()


Removes all keys currently loaded in a session.


v18 Python API changes:
New function added.

◆ RestoreKeys()

RestoreKeys (   ...)

Function: RestoreKeys(keySetId)


Restores session keys stored during previous ProvideKeyResponse call.

Parameters
keySetIdstring - Identifies the saved key set to restore. This value must never be null.

v18 Python API changes:
New function added.

◆ SetPropertyString()

SetPropertyString (   ...)

Function: SetPropertyString(name, value)


Set a system specific property value in the DRM system.

Parameters
namestring - Name of the property. This value must never be null.
valuestring - Value of the property to set. This value must never be null.

v18 Python API changes:
New function added.

◆ Decrypt()

Decrypt (   ...)

Function: Decrypt(cipherKeyId, input, iv)


Decrypt an encrypted data by using session keys.

Parameters
cipherKeyIdbyte - Encryption key id (provided from a service handshake)
inputbyte - Cipher text to decrypt
ivbyte - Initialization vector of cipher text
Returns
Decrypted input data

v18 Python API changes:
New function added.
v19 Python API changes:
With python 3 all arguments need to be of type bytearray instead of byte.

◆ Encrypt()

Encrypt (   ...)

Function: Encrypt(cipherKeyId, input, iv)


Encrypt data by using session keys.

Parameters
cipherKeyIdbyte - Encryption key id (provided from a service handshake)
inputbyte - Encrypted text
ivbyte - Initialization vector of encrypted text
Returns
byte - Encrypted input data

v18 Python API changes:
New function added.
v19 Python API changes:
With python 3 all arguments need to be of type bytearray instead of byte.

◆ Sign()

Sign (   ...)

Function: Sign(macKeyId, message)


Generate a DRM encrypted signature for a text message.

Parameters
macKeyIdbyte - HMAC key id (provided from a service handshake)
messagebyte - Message text on which to base the signature
Returns
byte - Signature

v18 Python API changes:
New function added.
v19 Python API changes:
With python 3 all arguments need to be of type bytearray instead of byte.

◆ Verify()

Verify (   ...)

Function: Verify(macKeyId, message, signature)


Verify the validity of a DRM signature of a text message.

Parameters
macKeyIdbyte - HMAC key id (provided from a service handshake)
messagebyte - Message text on which the signature is based
signaturebyte - The signature to verify
Returns
true when the signature is valid

v18 Python API changes:
New function added.
v19 Python API changes:
With python 3 for all arguments is needed to pass bytearray instead of byte.