public function testBulkIngestEncryptedAsset()
{
// Setup
$asset = new Asset(Asset::OPTIONS_STORAGE_ENCRYPTED);
$asset->setName(TestResources::MEDIA_SERVICES_ASSET_NAME . $this->createSuffix());
$asset = $this->createAsset($asset);
$aesKey = Utilities::generateCryptoKey(32);
$protectionKeyId = $this->restProxy->getProtectionKeyId(ProtectionKeyTypes::X509_CERTIFICATE_THUMBPRINT);
$protectionKey = $this->restProxy->getProtectionKey($protectionKeyId);
$contentKey = new ContentKey();
$contentKey->setContentKey($aesKey, $protectionKey);
$contentKey->setProtectionKeyId($protectionKeyId);
$contentKey->setProtectionKeyType(ProtectionKeyTypes::X509_CERTIFICATE_THUMBPRINT);
$contentKey->setContentKeyType(ContentKeyTypes::STORAGE_ENCRYPTION);
$contentKey = $this->createContentKey($contentKey);
$this->restProxy->linkContentKeyToAsset($asset, $contentKey);
$fileName = TestResources::MEDIA_SERVICES_DUMMY_FILE_NAME;
$otherFileName = TestResources::MEDIA_SERVICES_DUMMY_FILE_NAME_1;
$manifest = new IngestManifest();
$manifest->setName('IngestManifest' . $this->createSuffix());
$manifest = $this->createIngestManifest($manifest);
$manifestAsset = new IngestManifestAsset($manifest->getId());
$manifestAsset = $this->createIngestManifestAsset($manifestAsset, $asset);
$manifestFile1 = new IngestManifestFile($fileName, $manifest->getId(), $manifestAsset->getId());
$manifestFile2 = new IngestManifestFile($otherFileName, $manifest->getId(), $manifestAsset->getId());
$initializationVector1 = base64_encode(Utilities::generateCryptoKey(8));
$initializationVector2 = base64_encode(Utilities::generateCryptoKey(8));
$manifestFile1->setIsEncrypted(true);
$manifestFile1->setEncryptionKeyId($contentKey->getId());
$manifestFile1->setEncryptionScheme(EncryptionSchemes::STORAGE_ENCRYPTION);
$manifestFile1->setEncryptionVersion(Resources::MEDIA_SERVICES_ENCRYPTION_VERSION);
$manifestFile1->setInitializationVector($initializationVector1);
$manifestFile2->setIsEncrypted(true);
$manifestFile2->setEncryptionKeyId($contentKey->getId());
$manifestFile2->setEncryptionScheme(EncryptionSchemes::STORAGE_ENCRYPTION);
$manifestFile2->setEncryptionVersion(Resources::MEDIA_SERVICES_ENCRYPTION_VERSION);
$manifestFile2->setInitializationVector($initializationVector2);
$manifestFile1 = $this->createIngestManifestFile($manifestFile1);
$manifestFile2 = $this->createIngestManifestFile($manifestFile2);
$initialStat = $this->restProxy->getIngestManifest($manifest);
$blobUrl = $manifest->getBlobStorageUriForUpload();
$blobUrlParts = explode('/', $blobUrl);
$blob = array_pop($blobUrlParts);
$blobRestProxy = $this->builder->createBlobService($this->connectionString);
$blobRestProxy->createBlockBlob($blob, $fileName, TestResources::MEDIA_SERVICES_DUMMY_FILE_CONTENT);
$this->waitIngestManifestFinishedFiles($manifest, 1);
$finishedFirstStat = $this->restProxy->getIngestManifest($manifest);
$blobRestProxy->createBlockBlob($blob, $otherFileName, TestResources::MEDIA_SERVICES_DUMMY_FILE_CONTENT_1);
$this->waitIngestManifestFinishedFiles($manifest, 2);
$finishedSecondStat = $this->restProxy->getIngestManifest($manifest);
// Test
// Assert
$contentKeysFromAsset = $this->restProxy->getAssetContentKeys($asset);
$assetFiles = $this->restProxy->getAssetAssetFileList($asset);
$this->assertEquals(0, $initialStat->getStatistics()->getFinishedFilesCount());
$this->assertEquals(1, $finishedFirstStat->getStatistics()->getFinishedFilesCount());
$this->assertEquals(2, $finishedSecondStat->getStatistics()->getFinishedFilesCount());
$this->assertEquals($contentKey->getId(), $contentKeysFromAsset[0]->getId());
$this->assertEquals($contentKey->getId(), $manifestFile1->getEncryptionKeyId());
$this->assertEquals('true', $manifestFile1->getIsEncrypted());
$this->assertEquals(EncryptionSchemes::STORAGE_ENCRYPTION, $manifestFile1->getEncryptionScheme());
$this->assertEquals($initializationVector1, $manifestFile1->getInitializationVector());
$this->assertEquals(Resources::MEDIA_SERVICES_ENCRYPTION_VERSION, $manifestFile1->getEncryptionVersion());
$this->assertEquals($contentKey->getId(), $manifestFile2->getEncryptionKeyId());
$this->assertEquals('true', $manifestFile2->getIsEncrypted());
$this->assertEquals(EncryptionSchemes::STORAGE_ENCRYPTION, $manifestFile2->getEncryptionScheme());
$this->assertEquals($initializationVector2, $manifestFile2->getInitializationVector());
$this->assertEquals(Resources::MEDIA_SERVICES_ENCRYPTION_VERSION, $manifestFile2->getEncryptionVersion());
// Files order is not static, so we don't know the index of each file and need to serve them as a set
$resultFileNames = array($assetFiles[0]->getName(), $assetFiles[1]->getName());
$this->assertContains($otherFileName, $resultFileNames);
$this->assertEquals($asset->getId(), $assetFiles[0]->getParentAssetId());
$this->assertContains($fileName, $resultFileNames);
$this->assertEquals($asset->getId(), $assetFiles[1]->getParentAssetId());
}
/**
* @covers WindowsAzure\MediaServices\MediaServicesRestProxy::removeContentKeyFromAsset
*/
public function testRemoveContentKeyFromAsset()
{
// Setup
$aesKey = Utilities::generateCryptoKey(32);
$protectionKeyId = $this->restProxy->getProtectionKeyId(ContentKeyTypes::COMMON_ENCRYPTION);
$protectionKey = $this->restProxy->getProtectionKey($protectionKeyId);
$contentKey = new ContentKey();
$contentKey->setContentKey($aesKey, $protectionKey);
$contentKey->setProtectionKeyId($protectionKeyId);
$contentKey->setProtectionKeyType(ProtectionKeyTypes::X509_CERTIFICATE_THUMBPRINT);
$contentKey->setContentKeyType(ContentKeyTypes::COMMON_ENCRYPTION);
$contentKey = $this->createContentKey($contentKey);
$asset = new Asset(Asset::OPTIONS_COMMON_ENCRYPTION_PROTECTED);
$asset->setName(TestResources::MEDIA_SERVICES_ASSET_NAME . $this->createSuffix());
$asset = $this->createAsset($asset);
$this->restProxy->linkContentKeyToAsset($asset, $contentKey);
// Test
$this->restProxy->removeContentKeyFromAsset($asset, $contentKey);
// Assert
$contentKeyFromAsset = $this->restProxy->getAssetContentKeys($asset);
$this->assertEmpty($contentKeyFromAsset);
}
function createFairPlayPfxPasswordTypeContentKey($restProxy, $fairPlayPfxPassword)
{
// 3.1 Get the protection key id for ContentKey
$protectionKeyId = $restProxy->getProtectionKeyId(ContentKeyTypes::FAIRPLAY_PFXPASSWORD);
$protectionKey = $restProxy->getProtectionKey($protectionKeyId);
// 3.2 Prepare the content key
$contentKey = new ContentKey();
$contentKey->setContentKey($fairPlayPfxPassword, $protectionKey, TRUE);
$contentKey->setProtectionKeyId($protectionKeyId);
$contentKey->setProtectionKeyType(ProtectionKeyTypes::X509_CERTIFICATE_THUMBPRINT);
$contentKey->setContentKeyType(ContentKeyTypes::FAIRPLAY_PFXPASSWORD);
// 3.3 Create the ContentKey
$contentKey = $restProxy->createContentKey($contentKey);
echo "FairPlay PFX Password Content Key id={$contentKey->getId()}" . PHP_EOL;
return $contentKey;
}
function createEnvelopeTypeContentKey($restProxy, $encodedAsset)
{
// 3.1 Generate a new key
$aesKey = Utilities::generateCryptoKey(16);
// 3.2 Get the protection key id for ContentKey
$protectionKeyId = $restProxy->getProtectionKeyId(ContentKeyTypes::ENVELOPE_ENCRYPTION);
$protectionKey = $restProxy->getProtectionKey($protectionKeyId);
$contentKey = new ContentKey();
$contentKey->setContentKey($aesKey, $protectionKey);
$contentKey->setProtectionKeyId($protectionKeyId);
$contentKey->setProtectionKeyType(ProtectionKeyTypes::X509_CERTIFICATE_THUMBPRINT);
$contentKey->setContentKeyType(ContentKeyTypes::ENVELOPE_ENCRYPTION);
// 3.3 Create the ContentKey
$contentKey = $restProxy->createContentKey($contentKey);
print "Content Key id={$contentKey->getId()}\r\n";
// 3.4 Associate the ContentKey with the Asset
$restProxy->linkContentKeyToAsset($encodedAsset, $contentKey);
return $contentKey;
}
}
print "Job Finished!\r\n";
// 2.4 Get output asset
$outputAssets = $restProxy->getJobOutputMediaAssets($job);
$encodedAsset = $outputAssets[0];
print "Encoded Asset name={$encodedAsset->getName()} id={$encodedAsset->getId()}\r\n";
// Phase 3 - Create Content Key
// 3.1 Generate a new key
$aesKey = Utilities::generateCryptoKey(16);
// 3.2 Get the protection key id for ContentKey
$protectionKeyId = $restProxy->getProtectionKeyId(ContentKeyTypes::ENVELOPE_ENCRYPTION);
$protectionKey = $restProxy->getProtectionKey($protectionKeyId);
$contentKey = new ContentKey();
$contentKey->setContentKey($aesKey, $protectionKey);
$contentKey->setProtectionKeyId($protectionKeyId);
$contentKey->setProtectionKeyType(ProtectionKeyTypes::X509_CERTIFICATE_THUMBPRINT);
$contentKey->setContentKeyType(ContentKeyTypes::ENVELOPE_ENCRYPTION);
// 3.3 Create the ContentKey
$contentKey = $restProxy->createContentKey($contentKey);
print "Content Key id={$contentKey->getId()}\r\n";
// 3.4 Associate the ContentKey with the Asset
$restProxy->linkContentKeyToAsset($encodedAsset, $contentKey);
// Phase 4 - Create the ContentKey Authorization Policy
// 4.1 Create ContentKeyAuthorizationPolicyRestriction (Open)
$restriction = new ContentKeyAuthorizationPolicyRestriction();
$restriction->setName('ContentKey Authorization Policy Restriction');
$restriction->setKeyRestrictionType(ContentKeyRestrictionType::OPEN);
// 4.2 Create ContentKeyAuthorizationPolicyOption (AES)
$option = new ContentKeyAuthorizationPolicyOption();
$option->setName('ContentKey Authorization Policy Option');
$option->setKeyDeliveryType(ContentKeyDeliveryType::BASELINE_HTTP);
/**
* @covers WindowsAzure\MediaServices\Models\ContentKey::getProtectionKeyType
* @covers WindowsAzure\MediaServices\Models\ContentKey::setProtectionKeyType
*/
public function testGetSetProtectionKeyType()
{
// Setup
$contentKey = new ContentKey();
$protectionKeyType = ProtectionKeyTypes::X509_CERTIFICATE_THUMBPRINT;
// Test
$contentKey->setProtectionKeyType($protectionKeyType);
$result = $contentKey->getProtectionKeyType();
// Assert
$this->assertEquals($protectionKeyType, $result);
}