FairPlay Streaming Programming Guide!
Table of Contents
Apple FairPlay Streaming (FPS) securely delivers keys to Apple mobile devices, Apple TV, and Safari on macOS and iOS, which will enable playback of encrypted video content. This content is delivered over the Web using HTTP Live Streaming (HLS) technology. FPS protects the delivery of keys that decrypt streamed audio and video media. An Apple device or computer can securely acquire a key from a content provider's key server. The operating system uses the key to decrypt the media before playback. FPS key delivery offers the following features:
- AES 128-bit content keys are generated by the key server.
- Every key is known only to the key server and to the Apple device.
- When playback is stopped, the key for the iOS device, Apple TV, or Safari on macOS and iOS is permanently discarded from memory.
- The key server can specify the duration of the key's validity for iOS and Apple TV.
- MPEG-2 file formats are supported for protection.
- Manifest URL of the HLS stream.
- Fairplay Application certificate of the content provider.
- Content Identifier.
- Key Server Module or DRM server URL
Now, getting down to how exactly it works on the media player because we need to have a clear understanding of this process.
So, breaking it in steps
- The app asks the the native player to play specific content identified by a URL, here we give the manifest URL to the AVPlayer.
https://videodrmmediaservice-euwe.streaming.media.azure.net/3eb925e7-04fa-4a02-8d3m-2b0d9a864keb/test.ism/manifest(format=m3u8-aapl,encryption=cbcs-aapl)
- The player accesses the content and checks its playlist.
- An attribute in the playlist identifies the content as encrypted by a content key obtainable through FPS.
- The iOS informs the app that the content is encrypted using FPS, (here an implemented AVAssetResourceLoaderDelegate protocol method will be invoked in application code)
- The app asks the iOS to prepare an FPS message that requests the content key.
- The iOS delivers an encrypted Server Playback Context (SPC) message to the app.
- The app sends the SPC to a key server that contains a KSM.
- The KSM decrypts the SPC and gets the requested content key from the key server.
- The KSM wraps the content key inside an encrypted content key context (CKC) message, which it sends to the app.
- The app delivers the CKC to FPS software integrated in the operating system. The CKC is used to decrypt the media content and plays the content.
Distributed under the MIT License.
Mostafa Shuman - @twitter - mostafa.shuman@hotmail.com