"cenc" Initialization Data Format

W3C Group Note

More details about this document
This version:
https://www.w3.org/TR/2024/NOTE-eme-initdata-cenc-20240718/
Latest published version:
https://www.w3.org/TR/eme-initdata-cenc/
Latest editor's draft:
https://w3c.github.io/encrypted-media/format-registry/initdata/cenc.html
History:
https://www.w3.org/standards/history/eme-initdata-cenc/
Commit history
Editors:
Joey Parrish (Google Inc.)
Greg Freedman (Netflix Inc.)
Former editors:
Mark Watson (Netflix Inc.) (Until September 2019)
David Dorwin (Google Inc.) (Until September 2017)
Jerry Smith (Microsoft Corporation) (Until September 2017)
Adrian Bateman (Microsoft Corporation) (Until May 2014)
Feedback:
GitHub w3c/encrypted-media (pull requests, new issue, open issues)
[email protected] with subject line [eme-initdata-cenc] … message topic … (archives)

Abstract

This specification defines the "cenc" initialization data format for use with the Encrypted Media Extensions [ENCRYPTED-MEDIA]. This format is commonly used with the ISO Common Encryption ('cenc') Protection Scheme for ISO Base Media File Format Stream Format [EME-STREAM-REGISTRY].

This specification also defines a common SystemID and PSSH box format for use with Encrypted Media Extensions.

Note

This format's initialization data type string "cenc" refers to the [CENC] spec that defines the PSSH boxes that comprise the format. It does not relate to or imply a stream format, including the use of the 'cenc' protection scheme. Stream formats are indicated by the content types as defined in the Encrypted Media Extensions Stream Format Registry [EME-STREAM-REGISTRY].

Status of This Document

This section describes the status of this document at the time of its publication. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at https://www.w3.org/TR/.

This document was published by the Media Working Group as a Group Note using the Note track.

This Group Note is endorsed by the Media Working Group, but is not endorsed by W3C itself nor its Members.

This is a draft document and may be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite this document as other than work in progress.

The W3C Patent Policy does not carry any licensing requirements or commitments on this document.

This document is governed by the 03 November 2023 W3C Process Document.

1. Format

The format is one or more concatenated Protection System Specific Header ('pssh') boxes [CENC], each for a unique SystemID. One of the concatenated 'pssh' boxes SHOULD use the Common SystemID and PSSH Box Format.

Note

[CENC] also specifies storage of a 'pssh' box base64-encoded in an XML element of the form <cenc:pssh (base64 'pssh')>. For example, [MPEGDASH] manifests may provide 'pssh' boxes in this format, each contained in a ContentProtection Descriptor element identified by a SystemID. These 'pssh' boxes may be decoded and concatenated by an application to provide equivalent Initialization Data to that stored in movie or movie fragment boxes.

2. Processing

When such Initialization Data is provided by the application, an implementation (the user agent and/or CDM) MUST:

  1. Examine the series of 'pssh' boxes to find the first 'pssh' box that the CDM instance supports. This includes checking the SystemID, box version, and system-specific values.

  2. If no such supported box is found, the provided data SHALL be considered "not supported by the CDM."

3. Use with Clear Key

When Initialization data is provided with initDataType "cenc", Clear Key implementations MUST look for and use the PSSH box with the Common SystemID.

4. Common SystemID and PSSH Box Format

This section defines a common open SystemID and PSSH box format. Key System implementations supporting the "cenc" Initialization Data Format MUST support this SystemID and format. Media resources for use with Encrypted Media Extensions SHOULD contain appropriate PSSH box(es) for this SystemID.

Note

Use of this SystemID is RECOMMENDED for applications, packagers, and implementors. Use of other SystemIDs with the Encrypted Media Extensions APIs is discouraged. 'pssh' box(es) for this SystemID SHOULD be included in all new or repackaged content so that the content can be used with any compliant Key System. For existing content, applications may alternatively obtain a 'pssh' box containing this SystemID or another Initialization Data Type (e.g., "keyids" Initialization Data Format [EME-STREAM-REGISTRY]) from another source.

Note

Implementations MAY support other SystemIDs for backwards compatibility with existing streams.

4.1 Definition

The SystemID is 1077efec-c0b2-4d02-ace3-3c1e52e2fb4b.

The PSSH box format is as follows. It follows version 1 of the 'pssh' box as defined in [CENC].

version
1
KID and KID_count
The key ID(s) represented by the PSSH box. For example, those key ID(s) used by the Movie ('moov') or Movie Fragment ('moof').
Data and DataSize
Reserved for future use. DataSize SHALL be set to 0 when constructing this box. When processing, if dataSize is non-zero the Data field SHALL be ignored.

4.2 Example

This section is non-normative.

The following example contains two key IDs.

var pssh = [
    0x00, 0x00, 0x00, 0x44, 0x70, 0x73, 0x73, 0x68, // BMFF box header (68 bytes, 'pssh')
    0x01, 0x00, 0x00, 0x00,                         // Full box header (version = 1, flags = 0)
    0x10, 0x77, 0xef, 0xec, 0xc0, 0xb2, 0x4d, 0x02, // SystemID
    0xac, 0xe3, 0x3c, 0x1e, 0x52, 0xe2, 0xfb, 0x4b,
    0x00, 0x00, 0x00, 0x02,                         // KID_count (2)
    0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, // First KID ("0123456789012345")
    0x38, 0x39, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,
    0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, // Second KID ("ABCDEFGHIJKLMNOP")
    0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50,
    0x00, 0x00, 0x00, 0x00,                         // Size of Data (0)
];

5. Conformance

As well as sections marked as non-normative, all authoring guidelines, diagrams, examples, and notes in this specification are non-normative. Everything else in this specification is normative.

The key words MAY, MUST, RECOMMENDED, SHALL, and SHOULD in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

A. References

A.1 Normative references

[CENC]
ISO/IEC 23001-7:2016, Information technology — MPEG systems technologies — Part 7: Common encryption in ISO base media file format files. ISO/IEC. International Standard. URL: https://www.iso.org/obp/ui/#iso:std:iso-iec:23001:-7:ed-3:v1:en
[encrypted-media]
Encrypted Media Extensions. David Dorwin; Jerry Smith; Mark Watson; Adrian Bateman. W3C. 18 September 2017. W3C Recommendation. URL: https://www.w3.org/TR/encrypted-media/
[RFC2119]
Key words for use in RFCs to Indicate Requirement Levels. S. Bradner. IETF. March 1997. Best Current Practice. URL: https://www.rfc-editor.org/rfc/rfc2119
[RFC8174]
Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words. B. Leiba. IETF. May 2017. Best Current Practice. URL: https://www.rfc-editor.org/rfc/rfc8174

A.2 Informative references

[EME-INITDATA-KEYIDS]
"keyids" Initialization Data Format. David Dorwin; Adrian Bateman; Mark Watson. W3C. 15 September 2016. W3C Working Group Note. URL: https://www.w3.org/TR/eme-initdata-keyids/
[EME-STREAM-MP4]
ISO Common Encryption ('cenc') Protection Scheme for ISO Base Media File Format Stream Format. David Dorwin; Adrian Bateman; Mark Watson; Jerry Smith. W3C. 15 September 2016. W3C Working Group Note. URL: https://www.w3.org/TR/eme-stream-mp4/
[EME-STREAM-REGISTRY]
Encrypted Media Extensions Stream Format Registry. David Dorwin; Adrian Bateman; Mark Watson. W3C. 15 September 2016. W3C Working Group Note. URL: https://www.w3.org/TR/eme-stream-registry/
[MPEGDASH]
Information technology — Dynamic adaptive streaming over HTTP (DASH) — Part 1: Media presentation description and segment formats. ISO/IEC. Under development. URL: https://www.iso.org/standard/89027.html