Skip to content

Widevine Key Exchange

Wesley Miaw edited this page Jul 1, 2014 · 1 revision

Google Widevine provides a secure key exchange mechanism. When requested the Widevine component will issue a one-time use key request. The Widevine server library can be used to authenticate the request and return randomly generated symmetric keys in a protected key response bound to the request and Widevine client library. The key response also specifies the key identities, types and their permitted usage.

The Widevine key request also contains a model identifier and a unique device identifier with an expectation of long-term persistence. These values are available from the Widevine client library and can be retrieved from the key request by the Widevine server library.

The Widevine client library will protect the returned keys from inspection or misuse.

This scheme is identified by the string WIDEVINE.

Clone this wiki locally