Skip to main content
Skip table of contents

SPEKE V1 - Sample requests and responses

1. Definitions

Secure Packager and Encoder Key Exchange (SPEKE) contains keys and DRM information used for encrypting and protecting a content.

There may be one or several keys and these keys may be protected by one or several DRMs.

1.1. Consumer mode

The packager acquires the content keys and the DRM signalization from the key server, which assumes the responsibility of generating the content keys for the requested key IDs.

In the request, the packager includes the content ID and key ID.

The key server generates the corresponding content key value.

This is the only mode supported by the SPEKE V1 API.

1.2. Key ID override

In a CPIX document, the presence of the key ID is always mandatory, whether it is a request originating from the packager or a response received from the key server.

This means that the packager is responsible for generating the content key identifiers.

By enabling the key id override feature, the key server generates a random key ID and overrides the one and only key ID present in the request.

Additionally, the key server generates the corresponding key value.

For subsequent requests made for the same content, the key server disregards the key ID in the requests and returns the existing key ID along with its associated key value.

The override feature is also extended to the explicit IV, where if an explicitIV is requested for CBCS encryption scheme, the key server overrides it with the default IV and persists it.

The key ID override mechanism applies to key rotation (for a given content and index), key per track, and content key end-to-end encryption scenarios.

2. Supported features

The SPEKE V1 API supports the key rotation and Key ID override features.

2.1. Key rotation

SPEKE V1 does not support start and end dates in the period definition.

Key rotation is only applicable to LIVE content and if key ID override is activated.

3. Supported DRM systems

DRM System

Unique identifier

Microsoft PlayReady

9A04F079-9840-4286-AB92-E65BE0885F95

Apple FairPlay

94ce86fb-07ff-4f43-adb8-93d2fa968ca2

Google Widevine

edef8ba9-79d6-4ace-a3c8-27dcd51d21ed

Nagra PRM / TVkey Cloud

adb41c24-2dbf-4a6d-958b-4457c0d27b95

4. Supported encryption schemes

Encryption schemes

Block cipher mode

Request value

PlayReady Headers version

Remarks

Common Encryption Scheme (CENC)

AES-CTR

cenc

4.0

Not supported for FairPlay DRM.

CBCS

AES-CBC 

cbcs

Not applicable

 Only for FairPlay DRM.

5. Nominal requests

Widevine and PlayReady DRMs with 2 different keys

Request

XML 
<cpix:CPIX id="SPEKE_CONTENT_01" xmlns:cpix="urn:dashif:org:cpix" xmlns:pskc="urn:ietf:params:xml:ns:keyprov:pskc" xmlns:speke="urn:aws:amazon:com:speke">
	<cpix:ContentKeyList>
		<cpix:ContentKey kid="99999900-9000-9900-3434-200000000011"/>
		<cpix:ContentKey kid="99999900-9000-9900-3434-200000000012"/>
	</cpix:ContentKeyList>
	<cpix:DRMSystemList>
		<!-- Common encryption (Widevine)-->
		<cpix:DRMSystem kid="99999900-9000-9900-3434-200000000011" systemId="edef8ba9-79d6-4ace-a3c8-27dcd51d21ed">
			<cpix:PSSH/>
		</cpix:DRMSystem>
		<!-- Common encryption (PlayReady)-->
		<cpix:DRMSystem kid="99999900-9000-9900-3434-200000000012" systemId="9a04f079-9840-4286-ab92-e65be0885f95">
			<speke:ProtectionHeader/>
			<cpix:PSSH/>
		</cpix:DRMSystem>
	</cpix:DRMSystemList>
</cpix:CPIX>

Response

XML 
<cpix:CPIX id="SPEKE_CONTENT_01" xmlns:cpix="urn:dashif:org:cpix" xmlns:pskc="urn:ietf:params:xml:ns:keyprov:pskc" xmlns:speke="urn:aws:amazon:com:speke">
	<cpix:ContentKeyList>
		<cpix:ContentKey explicitIV="AAAAAAAAAAAAAAAAAAAAAA==" kid="99999900-9000-9900-3434-200000000011">
			<cpix:Data>
				<cpix:Secret>
					<pskc:PlainValue>Dl2Yab76++j5jTkD2rAezg==</pskc:PlainValue>
				</cpix:Secret>
			</cpix:Data>
		</cpix:ContentKey>
		<cpix:ContentKey explicitIV="AAAAAAAAAAAAAAAAAAAAAA==" kid="99999900-9000-9900-3434-200000000012">
			<cpix:Data>
				<cpix:Secret>
					<pskc:PlainValue>wuay+eakG6mY0pkzM3f9oQ==</pskc:PlainValue>
				</cpix:Secret>
			</cpix:Data>
		</cpix:ContentKey>
	</cpix:ContentKeyList>
	<cpix:DRMSystemList>
		<cpix:DRMSystem kid="99999900-9000-9900-3434-200000000011" systemId="edef8ba9-79d6-4ace-a3c8-27dcd51d21ed">
			<cpix:PSSH>AAAATXBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAAC0IARIQmZmZAJAAmQA0NCAAAAAAERoFQ29uYXgiEFNQRUtFX0NPTlRFTlRfMDE=</cpix:PSSH>
		</cpix:DRMSystem>
		<cpix:DRMSystem kid="99999900-9000-9900-3434-200000000012" systemId="9a04f079-9840-4286-ab92-e65be0885f95">
			<speke:ProtectionHeader>qAMAAAEAAQCeAzwAVwBSAE0ASABFAEEARABFAFIAIAB4AG0AbABuAHMAPQAiAGgAdAB0AHAAOgAvAC8AcwBjAGgAZQBtAGEAcwAuAG0AaQBjAHIAbwBzAG8AZgB0AC4AYwBvAG0ALwBEAFIATQAvADIAMAAwADcALwAwADMALwBQAGwAYQB5AFIAZQBhAGQAeQBIAGUAYQBkAGUAcgAiACAAdgBlAHIAcwBpAG8AbgA9ACIANAAuADAALgAwAC4AMAAiAD4APABEAEEAVABBAD4APABQAFIATwBUAEUAQwBUAEkATgBGAE8APgA8AEsARQBZAEwARQBOAD4AMQA2ADwALwBLAEUAWQBMAEUATgA+ADwAQQBMAEcASQBEAD4AQQBFAFMAQwBUAFIAPAAvAEEATABHAEkARAA+ADwALwBQAFIATwBUAEUAQwBUAEkATgBGAE8APgA8AEwAQQBfAFUAUgBMAD4AaAB0AHQAcABzADoALwAvAGMAbwBuAG4AZQBjAHQALgBjAG8AbgBhAHgALgBjAG8AbQAvAGwAaQBjAGUAbgBzAGUALwBwAGwAYQB5AHIAZQBhAGQAeQA8AC8ATABBAF8AVQBSAEwAPgA8AEwAVQBJAF8AVQBSAEwAPgBoAHQAdABwAHMAOgAvAC8AYwBvAG4AbgBlAGMAdAAuAGMAbwBuAGEAeAAuAGMAbwBtAC8AbABpAGMAZQBuAHMAZQAvAHAAbABhAHkAcgBlAGEAZAB5ADwALwBMAFUASQBfAFUAUgBMAD4APABLAEkARAA+AEEASgBtAFoAbQBRAEMAUQBBAEoAawAwAE4AQwBBAEEAQQBBAEEAQQBFAGcAPQA9ADwALwBLAEkARAA+ADwAQwBVAFMAVABPAE0AQQBUAFQAUgBJAEIAVQBUAEUAUwAgAHgAbQBsAG4AcwA9ACIAIgA+ADwAQwBvAG4AdABlAG4AdABSAGUAZgA+AFMAUABFAEsARQBfAEMATwBOAFQARQBOAFQAXwAwADEAPAAvAEMAbwBuAHQAZQBuAHQAUgBlAGYAPgA8AC8AQwBVAFMAVABPAE0AQQBUAFQAUgBJAEIAVQBUAEUAUwA+ADwAQwBIAEUAQwBLAFMAVQBNAD4AdwBIAG0ASgBBADMANwBrAGQANQBFAD0APAAvAEMASABFAEMASwBTAFUATQA+ADwALwBEAEEAVABBAD4APAAvAFcAUgBNAEgARQBBAEQARQBSAD4A</speke:ProtectionHeader>
			<cpix:PSSH>AAADyHBzc2gAAAAAmgTweZhAQoarkuZb4IhflQAAA6ioAwAAAQABAJ4DPABXAFIATQBIAEUAQQBEAEUAUgAgAHgAbQBsAG4AcwA9ACIAaAB0AHQAcAA6AC8ALwBzAGMAaABlAG0AYQBzAC4AbQBpAGMAcgBvAHMAbwBmAHQALgBjAG8AbQAvAEQAUgBNAC8AMgAwADAANwAvADAAMwAvAFAAbABhAHkAUgBlAGEAZAB5AEgAZQBhAGQAZQByACIAIAB2AGUAcgBzAGkAbwBuAD0AIgA0AC4AMAAuADAALgAwACIAPgA8AEQAQQBUAEEAPgA8AFAAUgBPAFQARQBDAFQASQBOAEYATwA+ADwASwBFAFkATABFAE4APgAxADYAPAAvAEsARQBZAEwARQBOAD4APABBAEwARwBJAEQAPgBBAEUAUwBDAFQAUgA8AC8AQQBMAEcASQBEAD4APAAvAFAAUgBPAFQARQBDAFQASQBOAEYATwA+ADwATABBAF8AVQBSAEwAPgBoAHQAdABwAHMAOgAvAC8AYwBvAG4AbgBlAGMAdAAuAGMAbwBuAGEAeAAuAGMAbwBtAC8AbABpAGMAZQBuAHMAZQAvAHAAbABhAHkAcgBlAGEAZAB5ADwALwBMAEEAXwBVAFIATAA+ADwATABVAEkAXwBVAFIATAA+AGgAdAB0AHAAcwA6AC8ALwBjAG8AbgBuAGUAYwB0AC4AYwBvAG4AYQB4AC4AYwBvAG0ALwBsAGkAYwBlAG4AcwBlAC8AcABsAGEAeQByAGUAYQBkAHkAPAAvAEwAVQBJAF8AVQBSAEwAPgA8AEsASQBEAD4AQQBKAG0AWgBtAFEAQwBRAEEASgBrADAATgBDAEEAQQBBAEEAQQBBAEUAZwA9AD0APAAvAEsASQBEAD4APABDAFUAUwBUAE8ATQBBAFQAVABSAEkAQgBVAFQARQBTACAAeABtAGwAbgBzAD0AIgAiAD4APABDAG8AbgB0AGUAbgB0AFIAZQBmAD4AUwBQAEUASwBFAF8AQwBPAE4AVABFAE4AVABfADAAMQA8AC8AQwBvAG4AdABlAG4AdABSAGUAZgA+ADwALwBDAFUAUwBUAE8ATQBBAFQAVABSAEkAQgBVAFQARQBTAD4APABDAEgARQBDAEsAUwBVAE0APgB3AEgAbQBKAEEAMwA3AGsAZAA1AEUAPQA8AC8AQwBIAEUAQwBLAFMAVQBNAD4APAAvAEQAQQBUAEEAPgA8AC8AVwBSAE0ASABFAEEARABFAFIAPgA=</cpix:PSSH>
		</cpix:DRMSystem>
	</cpix:DRMSystemList>
	<cpix:ContentKeyUsageRuleList/>
</cpix:CPIX>

6. Key rotation

FairPlay DRM with key rotation

Request

XML 
<cpix:CPIX id="SPEKE_CONTENT_01" xmlns:cpix="urn:dashif:org:cpix" xmlns:pskc="urn:ietf:params:xml:ns:keyprov:pskc" xmlns:speke="urn:aws:amazon:com:speke">
	<cpix:ContentKeyList>
		<cpix:ContentKey kid="99999900-9000-9900-3434-200000000013"/>
	</cpix:ContentKeyList>
	<cpix:DRMSystemList>
		<!-- Common encryption (FairPlay)-->
		<cpix:DRMSystem kid="99999900-9000-9900-3434-200000000013" systemId="94ce86fb-07ff-4f43-adb8-93d2fa968ca2">
			<cpix:PSSH/>
		</cpix:DRMSystem>
	</cpix:DRMSystemList>
	<cpix:ContentKeyPeriodList>
		<cpix:ContentKeyPeriod id="period1" index="1"/>
	</cpix:ContentKeyPeriodList>
	<cpix:ContentKeyUsageRuleList>
		<cpix:ContentKeyUsageRule kid="99999900-9000-9900-3434-200000000013">
			<cpix:KeyPeriodFilter periodId="period1"/>
		</cpix:ContentKeyUsageRule>
	</cpix:ContentKeyUsageRuleList>
</cpix:CPIX>

Response

XML 
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<cpix:CPIX xmlns:cpix="urn:dashif:org:cpix" xmlns:pskc="urn:ietf:params:xml:ns:keyprov:pskc" xmlns:speke="urn:aws:amazon:com:speke" id="SPEKE_CONTENT_01">
    <cpix:ContentKeyList>
        <cpix:ContentKey explicitIV="AAAAAAAAAAAAAAAAAAAAAA==" kid="99999900-9000-9900-3434-200000000013">
            <cpix:Data>
                <cpix:Secret>
                    <pskc:PlainValue>aJW/pX/XsysoB5NjjBDSrg==</pskc:PlainValue>
                </cpix:Secret>
            </cpix:Data>
        </cpix:ContentKey>
    </cpix:ContentKeyList>
    <cpix:DRMSystemList>
        <cpix:DRMSystem kid="99999900-9000-9900-3434-200000000013" systemId="94ce86fb-07ff-4f43-adb8-93d2fa968ca2">
            <cpix:URIExtXKey>c2tkOi8vZXlKRGIyNTBaVzUwU1dRaU9pSlRVRVZMUlY5RFQwNVVSVTVVWHpBeUlpd2lTMlY1U1dRaU9pSTVPVGs1T1Rrd01DMDVNREF3TFRrNU1EQXRNelF6TkMweU1EQXdNREF3TURBd01UTWlMQ0pKVmlJNklrRkJRVUZCUVVGQlFVRkJRVUZCUVVGQlFVRkJRVUU5UFNKOQ==</cpix:URIExtXKey>
            <speke:KeyFormat>Y29tLmFwcGxlLnN0cmVhbWluZ2tleWRlbGl2ZXJ5</speke:KeyFormat>
            <speke:KeyFormatVersion>MQ==</speke:KeyFormatVersion>
        </cpix:DRMSystem>
    </cpix:DRMSystemList>
    <cpix:ContentKeyPeriodList>
        <cpix:ContentKeyPeriod id="period1" index="1"/>
    </cpix:ContentKeyPeriodList>
    <cpix:ContentKeyUsageRuleList>
        <cpix:ContentKeyUsageRule kid="99999900-9000-9900-3434-200000000013">
            <cpix:KeyPeriodFilter periodId="period1"/>
        </cpix:ContentKeyUsageRule>
    </cpix:ContentKeyUsageRuleList>
</cpix:CPIX>

7. Key ID Override

7.1. Nominal

Request

XML 
<cpix:CPIX id="SPEKEV1_OVERRIDE_01" xmlns:cpix="urn:dashif:org:cpix" xmlns:pskc="urn:ietf:params:xml:ns:keyprov:pskc" xmlns:speke="urn:aws:amazon:com:speke">
   <cpix:ContentKeyList>
      <cpix:ContentKey kid="99999900-9000-9900-3434-200000000012" explicitIV= "OFj2IjCsPJFfMAxmQxLGPw=="/>
   </cpix:ContentKeyList>
   <cpix:DRMSystemList>
      <cpix:DRMSystem kid="99999900-9000-9900-3434-200000000012" systemId="edef8ba9-79d6-4ace-a3c8-27dcd51d21ed">
         <speke:ProtectionHeader/>
         <cpix:PSSH/>
      </cpix:DRMSystem>
   </cpix:DRMSystemList>
</cpix:CPIX>

Response

XML 
<cpix:CPIX id="SPEKEV1_OVERRIDE_01" xmlns:cpix="urn:dashif:org:cpix" xmlns:pskc="urn:ietf:params:xml:ns:keyprov:pskc" xmlns:speke="urn:aws:amazon:com:speke">
   <cpix:ContentKeyList>
      <cpix:ContentKey kid="6c3914f7-1f51-4c1d-9a49-defa590f18aa">
         <cpix:Data>
            <cpix:Secret>
               <pskc:PlainValue>WZl1tSeWeIm4hwVdgaq6Vw==</pskc:PlainValue>
            </cpix:Secret>
         </cpix:Data>
      </cpix:ContentKey>
   </cpix:ContentKeyList>
   <cpix:DRMSystemList>
      <cpix:DRMSystem kid="6c3914f7-1f51-4c1d-9a49-defa590f18aa" systemId="edef8ba9-79d6-4ace-a3c8-27dcd51d21ed">
         <cpix:PSSH>AAAAUHBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAADAIARIQbDkU9x9RTB2aSd76WQ8YqhoFQ29uYXgiE1NQRUtFVjFfT1ZFUlJJREVfMDE=</cpix:PSSH>
      </cpix:DRMSystem>
   </cpix:DRMSystemList>
   <cpix:ContentKeyUsageRuleList/>
</cpix:CPIX>

7.2. Key rotation

Widevine request with period index
Request

XML 
<cpix:CPIX id="SPEKE_OVERRIDE_KR" xmlns:cpix="urn:dashif:org:cpix" xmlns:pskc="urn:ietf:params:xml:ns:keyprov:pskc" xmlns:speke="urn:aws:amazon:com:speke">
   <cpix:ContentKeyList>
      <cpix:ContentKey kid="99999900-9000-9900-3434-200000000013"/>
   </cpix:ContentKeyList>
   <cpix:DRMSystemList>
      <cpix:DRMSystem kid="99999900-9000-9900-3434-200000000013" systemId="edef8ba9-79d6-4ace-a3c8-27dcd51d21ed">
         <cpix:PSSH/>
      </cpix:DRMSystem>
   </cpix:DRMSystemList>
   <cpix:ContentKeyPeriodList>
      <cpix:ContentKeyPeriod id="period1" index="1"/>
   </cpix:ContentKeyPeriodList>
   <cpix:ContentKeyUsageRuleList>
      <cpix:ContentKeyUsageRule kid="99999900-9000-9900-3434-200000000013">
         <cpix:KeyPeriodFilter periodId="period1"/>
      </cpix:ContentKeyUsageRule>
   </cpix:ContentKeyUsageRuleList>
</cpix:CPIX>

Response

XML 
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<cpix:CPIX xmlns:cpix="urn:dashif:org:cpix" xmlns:pskc="urn:ietf:params:xml:ns:keyprov:pskc" xmlns:speke="urn:aws:amazon:com:speke" id="SPEKE_OVERRIDE_KR">
    <cpix:ContentKeyList>
        <cpix:ContentKey kid="e004de3b-0641-41b5-94e1-7a4ccec8eb97">
            <cpix:Data>
                <cpix:Secret>
                    <pskc:PlainValue>iYgGy19A2RfykivcbyvUzA==</pskc:PlainValue>
                </cpix:Secret>
            </cpix:Data>
        </cpix:ContentKey>
    </cpix:ContentKeyList>
    <cpix:DRMSystemList>
        <cpix:DRMSystem kid="e004de3b-0641-41b5-94e1-7a4ccec8eb97" systemId="edef8ba9-79d6-4ace-a3c8-27dcd51d21ed">
            <cpix:PSSH>AAAAUHBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAADAIARIQ4ATeOwZBQbWU4XpMzsjrlxoFQ29uYXgiEVNQRUtFX09WRVJSSURFX0tSOAE=</cpix:PSSH>
        </cpix:DRMSystem>
    </cpix:DRMSystemList>
    <cpix:ContentKeyPeriodList>
        <cpix:ContentKeyPeriod id="period1" index="1"/>
    </cpix:ContentKeyPeriodList>
    <cpix:ContentKeyUsageRuleList>
        <cpix:ContentKeyUsageRule kid="e004de3b-0641-41b5-94e1-7a4ccec8eb97">
            <cpix:KeyPeriodFilter periodId="period1"/>
        </cpix:ContentKeyUsageRule>
    </cpix:ContentKeyUsageRuleList>
</cpix:CPIX>
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close