Task Preset for Windows Azure Media Encryptor
When you run Windows Azure Media Services processing tasks such as encoding and encryption, you can use task preset files to store configuration settings for the tasks. This topic contains the content of a task configuration file for encrypting on-demand Smooth Streams for use by Microsoft PlayReady. For more information on creating Windows Azure Media Encryptor tasks, see Process Assets with the Media Services SDK for .NET.
In the PlayReady Protection task, Microsoft Smooth Streaming files (.ismv, .isma) are encrypted per the MPEG Common Encryption (CENC) specification (ISO 23001-7:2011) for use by Microsoft PlayReady and the client manifest is updated for use by Smooth Streaming clients.
Windows Azure Media Encryptor Preset
The following configuration xml encrypts on-demand Smooth Streams for use by Microsoft PlayReady and updates the client manifest used by Silverlight clients. Copy the following configuration xml and use it to create a file named MediaEncryptor_PlayReadyProtection.xml on your local computer. Then update the configuration file with the required settings. The configuration file must conform to the syntax rules of a well formed xml file.
 Note |
|---|
| If you do not currently have a PlayReady server to use, you can get settings for testing from the Microsoft PlayReady Test Server site. On the PlayReady test site, there is also a Silverlight client player that you can use to play back media content that you encrypt with PlayReady protection. |
To make the sample configuration file work with a task, provide the following values:
-
A
licenseAcquisitionUrlvalue. Use the license URL of your PlayReady server. -
A
keyIdvalue and acontentKeyvalue. ThekeyIdvalue can be a randomly generated guid (you can generate a guid for akeyIdin code, or by using tools in Visual Studio or Microsoft Expression 4.0). A PlayReady server license provides you with an SDK and a code sample showing how to use akeyIdand a fixed key seed value to generate acontentKeyvalue. After you have thekeyIdand an associatedcontentKey, add both to the configuration file.
Caution As an alternative to using a keyIdand acontentKey, you can add akeySeedValuedirectly in the configuration file. AkeySeedValueis provided with a PlayReady server license, or for testing you can obtain a default value on the PlayReady test site. However, using akeySeedValuein a task configuration file is not recommended for production applications. Because the key seed is used to generate content keys for your PlayReady protected content, there is a security risk involved with storing it in configuration. For production PlayReady applications, the recommended practice is to use akeyIdwith a generatedcontentKey.
<taskDefinition xmlns="http://schemas.microsoft.com/iis/media/v4/TM/TaskDefinition#">
<name>PlayReady Protection</name>
<id>9A3BFEAC-F8AE-41CA-87FA-D639E4D1C753</id>
<description xml:lang="en" />
<properties namespace="http://schemas.microsoft.com/iis/media/v4/SharedData#" prefix="sd">
<property name="contentKey" value="" />
<property name="customAttributes" value="" />
<property name="dataFormats" value="h264, avc1, mp4a, vc1, wma, owma, ovc1, aacl, aach, ac-3, ec-3, mlpa, dtsc, dtsh, dtsl, dtse" />
<property name="keyId" value="" />
<property name="keySeedValue" value="XVBovsmzhP9gRIZxWfFta3VVRPzVEWmJsazEJ46I" />
<property name="licenseAcquisitionUrl" value="https://play-lic.cimcontent.net/playready/RightsManager.asmx" />
<property name="useSencBox" value="true" />
<property name="serviceId" value="" />
</properties>
<inputFolder/>
<outputFolder>Protected</outputFolder>
<taskCode>
<type>Microsoft.Web.Media.TransformManager.DigitalRightsManagementTask, Microsoft.Web.Media.TransformManager.DigitalRightsManagement, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35</type>
</taskCode>
</taskDefinition>
The following table explains the properties of the Windows Azure Media Encryptor xml:
| Name | Required | Description |
|---|---|---|
|
contentKey |
false |
A base64-encoded 16-byte value, which is produced by the key seed in conjunction with the key ID and is used to encrypt content. You must enter a content key value if no key seed value is specified. |
|
customAttributes |
false |
A comma-delimited list of name:value pairs (in the form name1:value1,name2:value2,name3:value3) to be included in the CUSTOMATTRIBUTES section of the WRM header. The WRM header is XML metadata added to encrypted content and included in the client manifest. It is also included in license challenges made to license servers. |
|
dataFormats |
false |
A comma-delimited list of four-character codes (FourCCs) that specify the data formats to be encrypted. If no value is specified, all data formats are encrypted. |
|
keyId |
false |
A globally unique identifier (GUID) that uniquely identifies content for the purposes of licensing. Each presentation should use a unique value. If no value is specified, a random value is used. |
|
keySeedValue |
false |
A base64-encoded 30-byte value, which is used in conjunction with the key ID to create the content key. Typically, one key seed is used with many key IDs to protect multiple files or sets of files; for example, all files issued by a license server or perhaps all files by a particular artist. Key seeds are stored on license servers. |
|
licenseAcquisitionUrl |
true |
The Web page address on a license server from which clients can obtain a license to play the encrypted content. |
|
useSencBox |
false |
Use a 'senc' box to hold encryption metadata instead of a Protected Interoperable File Format (PIFF) 1.1 'uuid' box. |
|
serviceId |
false |
The service ID to include in the PlayReady header that is added to each file and in the client manifest (.ismc). This value must be a globally unique identifier (GUID) in Little Endian string form (like this 237A4EB1-9D01-4F4A-A2D2-79E51468014D) |
See Also
Build Date:
