This file is raw output from pdftotext and may not be ideal for distribution. If you are a maintainer for Hackipedia, please sit down when you have time and clean this text version up. Source PDF: /mnt/fw-js/docs/Digital Rights Management/Content protection schemes/AACS/AACS_Spec_BD_Prerecorded_Final_0.951.pdf Like all conversions the text below should be fully readable as UTF-8 unicode text. --------------------------------------------------------------- Advanced Access Content System (AACS) Blu-ray Disc Pre-recorded Book Intel Corporation International Business Machines Corporation Microsoft Corporation Panasonic Corporation Sony Corporation Toshiba Corporation The Walt Disney Company Warner Bros. Revision 0.951 Final January 12, 2010 Advanced Access Content System: Blu-ray Disc Pre-recorded Book This page is intentionally left blank. Page ii Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Preface Notice THIS DOCUMENT IS PROVIDED "AS IS" WITH NO WARRANTIES WHATSOEVER, INCLUDING ANY WARRANTY OF MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR ANY PARTICULAR PURPOSE, OR ANY WARRANTY OTHERWISE ARISING OUT OF ANY PROPOSAL, SPECIFICATION OR SAMPLE. Intel Corporation, International Business Machines Corporation, Microsoft Corporation, Panasonic Corporation, Sony Corporation, Toshiba Corporation, The Walt Disney Company and Warner Bros. disclaim all liability, including liability for infringement of any proprietary rights, relating to use of information in this specification. No license, express or implied, by estoppel or otherwise, to any intellectual property rights are granted herein. This document is subject to change under applicable license provisions. Copyright © 2005-2009 by Intel Corporation, International Business Machines Corporation, Microsoft Corporation, Panasonic Corporation, Sony Corporation, Toshiba Corporation, The Walt Disney Company and Warner Bros. Third-party brands and names are the property of their respective owners. Intellectual Property Implementation of this specification requires a license from AACS LA LLC. Contact Information Please address inquiries, feedback, and licensing requests to AACS LA LLC: • Licensing inquiries and requests should be addressed to licensing@aacsla.com. • Feedback on this specification should be addressed to comment@aacsla.com. The URL for the AACS LA LLC web site is http://www.aacsla.com. Final Revision 0.951RC Page iii Advanced Access Content System: Blu-ray Disc Pre-recorded Book This page is intentionally left blank. Page iv Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Table of Contents Notice ........................................................................................................................................................ iii Intellectual Property................................................................................................................................ iii Contact Information................................................................................................................................ iii CHAPTER 1 INTRODUCTION .............................................................................1 1.1 Purpose and Scope.........................................................................................................................1 1.2 Overview.........................................................................................................................................1 1.3 Organization of this Document.....................................................................................................1 1.4 Reference ........................................................................................................................................2 1.5 Document History..........................................................................................................................2 1.6 Notation ..........................................................................................................................................2 1.7 Terminology ...................................................................................................................................2 1.8 Abbreviation and Acronyms.........................................................................................................3 1.9 About Blu-ray Disc Read-Only Media and ROM-Mark............................................................3 CHAPTER 2 DETAILS FOR CONTENT REVOCATION ......................................5 2. INTRODUCTION..........................................................................................5 2.1 Content Certificate ........................................................................................................................5 2.2 Content Revocation List................................................................................................................7 2.3 Content Hash Table.......................................................................................................................8 2.3.1 Data Structure for Content Hash Table....................................................................................8 2.3.2 Hash Calculation....................................................................................................................10 2.3.2.1 Clip AV stream ..................................................................................................................10 2.3.2.2 Usage Rule.........................................................................................................................11 2.3.2.3 Managed Copy Manifest File.............................................................................................11 2.3.2.4 BD-J Root Certificate ........................................................................................................11 2.3.3 Verifying Content Certificate ................................................................................................11 2.3.3.1 Clip AV stream ..................................................................................................................11 2.3.3.2 Usage Rule.........................................................................................................................12 2.3.3.3 Managed Copy Manifest File.............................................................................................12 2.3.3.4 BD-J Root Certificate ........................................................................................................12 Final Revision 0.951RC Page v Advanced Access Content System: Blu-ray Disc Pre-recorded Book CHAPTER 3 DETAILS FOR CONTENT ENCRYPTION AND DECRYPTION ...13 3. INTRODUCTION........................................................................................13 3.1 Media Key Block..........................................................................................................................13 3.2 Control Data Zone of BD9 Media ..............................................................................................13 3.3 Volume Identifier.........................................................................................................................14 3.3.1 CPS_Sector ............................................................................................................................14 3.4 Partial Media Key Block for Host Revocation List ..................................................................15 3.4.1 Partial Media Key Block for Host Revocation List for BD25 Media ....................................16 3.4.2 Partial Media Key Block for Host Revocation List for BD9 Media ......................................17 3.5 CPR_MAI in Content Provider Information Sectors of BD9 Media ......................................17 3.6 Pre-recorded Media Serial Number...........................................................................................18 3.7 Bus Encryption Flag....................................................................................................................19 3.7.1 Encryption Scheme ................................................................................................................20 3.8 Key Conversion Data...................................................................................................................21 3.9 CPS Unit Key File and CPS Usage File .....................................................................................22 3.9.1 Application Format Structure ................................................................................................22 3.9.1.1 Clip ....................................................................................................................................22 3.9.1.2 PlayList ..............................................................................................................................23 3.9.1.3 Movie Object .....................................................................................................................23 3.9.1.4 BD-J Object .......................................................................................................................23 3.9.1.5 Index Table ........................................................................................................................23 3.9.1.6 First Playback ....................................................................................................................23 3.9.1.7 Top Menu...........................................................................................................................23 3.9.1.8 Title....................................................................................................................................23 3.9.2 CPS Unit ................................................................................................................................24 3.9.3 CPS Unit Key File (Unit_Key_RO.inf) .................................................................................27 3.9.4 CPS Unit Usage File (CPSUnitXXXXX.cci) ........................................................................30 3.9.4.1 CCI_and_other_info( ).......................................................................................................32 3.9.4.2 Basic CCI for AACS..........................................................................................................34 3.9.4.3 Enhanced Title Usage for AACS .......................................................................................37 3.9.4.4 Key Management Information for On-line Function .........................................................39 3.9.4.5 Content Owner Authorized Outputs Information ..............................................................41 3.10 Encrypted Packs ..........................................................................................................................41 3.10.1 Encryption Scheme ................................................................................................................41 3.10.2 Copy Permission Indicator.....................................................................................................42 3.11 Embedded CCI in AV Content...................................................................................................43 3.11.1 private_data_byte...................................................................................................................44 Page vi Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book CHAPTER 4 DETAILS FOR USES OF ON-LINE CONNECTIONS ...................47 4. INTRODUCTION........................................................................................47 4.1 Virtual File System ......................................................................................................................47 4.1.1 AACS Files for VFS ..............................................................................................................50 4.2 System Model ...............................................................................................................................51 4.3 Connection Protocol between Remote Server and BD-J Application .....................................51 4.4 APIs between AACS Layer and BD-J Application...................................................................52 4.4.1 Package com.aacsla.bluray.online .........................................................................................52 4.4.1.1 Class Summary ..................................................................................................................52 4.4.1.2 Class MediaAttribute .........................................................................................................52 4.4.1.2.1 Constructors.................................................................................................................53 4.4.1.2.2 Methods .......................................................................................................................53 4.4.1.3 Class DeviceAttribute ........................................................................................................53 4.4.1.3.1 Constructors.................................................................................................................54 4.4.1.3.2 Methods .......................................................................................................................54 4.4.1.4 Class ContentAttribute.......................................................................................................54 4.4.1.4.1 Constructors.................................................................................................................54 4.4.1.4.2 Methods .......................................................................................................................54 4.4.1.5 Class EnablePermission .....................................................................................................55 4.4.1.5.1 Constructors.................................................................................................................55 4.4.1.5.2 Methods .......................................................................................................................55 4.5 AACS Media Binding..................................................................................................................59 4.6 Example for the content use with network transaction............................................................60 4.6.1 Download additional Content ................................................................................................60 4.6.2 Download updated Usage Rule..............................................................................................63 4.6.3 Download CPS Unit Key.......................................................................................................66 4.6.4 Download Permission ............................................................................................................69 CHAPTER 5 MANAGED COPY OF PRE-RECORDED CONTENT ...................73 5. INTRODUCTION........................................................................................73 5.1 System Model ...............................................................................................................................73 5.2 APIs between Managed Copy Machine and BD-J Application ...............................................77 5.2.1 Package com.aacsla.bluray.mc ..............................................................................................77 5.2.1.1 Interface Summary.............................................................................................................77 5.2.1.2 Interface MCEventListener................................................................................................77 5.2.1.2.1 Methods .......................................................................................................................77 5.2.1.3 Interface MCOT.................................................................................................................77 5.2.1.3.1 Methods .......................................................................................................................78 5.2.1.4 Interface MCProgress ........................................................................................................78 5.2.1.4.1 Fields ...........................................................................................................................78 5.2.1.4.2 Methods .......................................................................................................................79 5.2.1.5 Class Summary ..................................................................................................................79 5.2.1.6 Class ManagedCopy ..........................................................................................................80 Final Revision 0.951RC Page vii Advanced Access Content System: Blu-ray Disc Pre-recorded Book 5.2.1.6.1 Fields ...........................................................................................................................81 5.2.1.6.2 Constructors.................................................................................................................81 5.2.1.6.3 Methods .......................................................................................................................81 5.2.1.7 Class MCCancelEvent .......................................................................................................91 5.2.1.7.1 Constructors.................................................................................................................91 5.2.1.8 Class CompleteTransactionEvent ......................................................................................92 5.2.1.8.1 Constructors.................................................................................................................92 5.2.1.9 Class MCCompleteEvent...................................................................................................92 5.2.1.9.1 Constructors.................................................................................................................93 5.2.1.10 Class MCErrorEvent..........................................................................................................93 5.2.1.10.1 Constructors.................................................................................................................93 5.2.1.11 Class MCEvent ..................................................................................................................93 5.2.1.11.1 Constructors.................................................................................................................94 5.2.1.12 Class MCMAvailableEvent ...............................................................................................94 5.2.1.12.1 Constructors.................................................................................................................94 5.2.1.13 Class MCStartEvent...........................................................................................................94 5.2.1.13.1 Constructors.................................................................................................................95 5.2.1.14 Class MCStopEvent...........................................................................................................95 5.2.1.14.1 Constructors.................................................................................................................95 5.2.1.15 Exception Summary...........................................................................................................96 5.2.1.16 Class MCException ...........................................................................................................96 5.2.1.16.1 Constructors.................................................................................................................96 5.3 Managed Copy Manifest File......................................................................................................96 5.3.1 Rules to use Managed Copy Manifest File ............................................................................97 5.3.2 XML schema of Managed Copy Manifest File......................................................................98 5.4 Managed Copy Web Service.....................................................................................................103 5.4.1 Web Service Description .....................................................................................................103 5.4.2 Offer Response Message .....................................................................................................109 5.4.3 Permission Response Message ............................................................................................117 5.5 Requirement for Managed Copy Machine ..............................................................................119 5.5.1 Recovery process .................................................................................................................119 5.5.2 Making a Managed Copy.....................................................................................................120 5.6 Application/HTML for financial/accounting transaction ......................................................121 CHAPTER 6 DETAILS FOR SEQUENCE KEYS AND UNIFIED MKB ............123 6. INTRODUCTION......................................................................................123 6.1 PlayList approach for Sequence Keys / Unified MKB ...........................................................123 6.1.1 Encryption and Decryption Overview .................................................................................125 6.1.1.1 Key Hierarchy for Segment Portion.................................................................................127 6.1.1.2 Key Hierarchy for non-Segment Portion .........................................................................128 6.1.2 Selection process of a PlayList ............................................................................................128 6.2 Segment Key File .......................................................................................................................130 Page viii Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book CHAPTER 7 CLARIFICATIONS FOR UNENCRYPTED CONTENT................133 7. INTRODUCTION......................................................................................133 7.1 Disc structure .............................................................................................................................133 7.1.1 CPS information files for unencrypted content....................................................................133 7.1.1.1 BD-ROM composed of only unencrypted content...........................................................133 7.1.1.2 BD-ROM composed of both encrypted content and unencrypted content.......................134 7.2 Usage Rules for Unencrypted content......................................................................................134 7.3 Copy Permission Indicator for Unencrypted content.............................................................134 7.4 Exceptional Rule for CPS Unit.................................................................................................135 7.4.1 Case 1 ..................................................................................................................................135 7.4.2 Case 2 ..................................................................................................................................135 CHAPTER 8 ADDITIONAL REQUIREMENTS FOR THE 3D FEATURE .........137 8. INTRODUCTION......................................................................................137 8.1 3D Application Format and Encryption..................................................................................137 8.1.1 Stereoscopic Interleaved File...............................................................................................137 8.1.2 Encryption Scheme ..............................................................................................................137 8.1.3 Bus Encryption ....................................................................................................................137 8.2 Content Revocation ...................................................................................................................137 8.2.1 Content Certificate...............................................................................................................137 8.2.2 Content Hash Table .............................................................................................................137 8.2.3 Hash Calculation..................................................................................................................138 8.2.4 Verifying Content Certficate................................................................................................138 8.3 Sequence Keys / Unified MKB..................................................................................................139 8.3.1 Application rule of Sequence Keys / Unified MKB for 3D disc..........................................139 ANNEX A. RESTRICTION ON DATA ALLOCATION (INFORMATIVE).......141 ANNEX B. CARRIAGE OF SYSTEM RENEWABILITY MESSAGE .............143 B.1 Introduction ...............................................................................................................................143 B.2 SRM for DTCP ..........................................................................................................................143 B.3 SRM for HDCP..........................................................................................................................143 ANNEX C. REQUIREMENTS FOR ON-LINE AND MANAGED COPY API .145 Final Revision 0.951RC Page ix Advanced Access Content System: Blu-ray Disc Pre-recorded Book List of Figures Figure 2-1 Example of the relationship between the Content Hash Table Digest and the Hash Value ................9 Figure 2-2 Example of the Content Hash Table syntax ......................................................................................10 Figure 3-1 Control Data Zone of AACS-protected BD9 Media .........................................................................13 Figure 3-2 Partial Media Key Block recording in AACS-protected BD9 Media ...............................................17 Figure 3-3 CBC chaining on “sector” basis..........................................................................................................21 Figure 3-4 Application Format Structure and CPS Unit.....................................................................................22 Figure 3-5 Directory structure for AACS directory............................................................................................25 Figure 3-6 Directory structure for BDMV directory ............................................................................................26 Figure 3-7 CBC chaining on “Aligned Unit” basis ..............................................................................................42 Figure 3-8 Calculation method for the Block Key from the CPS Unit Key .........................................................42 Figure 4-1 Virtual File System Concept to files in the AACS and BDMV directory.........................................48 Figure 4-2 Disc Image of Content on the Binding Unit Data Area ....................................................................49 Figure 4-3 System Model: Relation between three modules ..............................................................................51 Figure 4-4 How to Check PMSN (or Device Binding Nonce) ...........................................................................60 Figure 4-5 Example: Download additional Content ...........................................................................................61 Figure 4-6 How to realize Download additional content....................................................................................62 Figure 4-7 Decryption Overview for BD-ROM and Binding Unit Data Area (1) ..............................................63 Figure 4-8 Example: Download updated Usage Rule.........................................................................................64 Figure 4-9 How to realize Download updated Usage Rule ................................................................................65 Figure 4-10 Decryption Overview for BD-ROM and Binding Unit Data Area (2) ............................................66 Figure 4-11 Example: Download CPS Unit Key................................................................................................67 Figure 4-12 How to realize Download Title Key ...............................................................................................68 Figure 4-13 Decryption Overview for BD-ROM and Binding Unit Data Area (3) ............................................69 Figure 4-14 How to realize Download Permission.............................................................................................70 Figure 5-1 Managed Copy System Model: Type A............................................................................................74 Figure 5-2 Managed Copy System Model: Type B ............................................................................................75 Figure 5-3 Managed Copy System Model: Type C ............................................................................................76 Figure 6-1 Overview of PlayList approach for Sequence Key Block / Unified MKB .......................................124 Figure 6-2 Encryption and Decryption Overview for BD-ROM on which SKB / uMKB is not assigned .........126 Page x Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Figure 6-3 Encryption and Decryption Overview for Segment portion .............................................................127 Figure 6-4 Encryption and Decryption Overview for non-Segment Portion ......................................................128 Figure 6-5 Data format of PSR...........................................................................................................................130 Figure 6-6 Calculation method for the Block Key from the Segment Key.........................................................131 Final Revision 0.951RC Page xi Advanced Access Content System: Blu-ray Disc Pre-recorded Book This page is intentionally left blank. Page xii Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book List of Tables Table 2-1 – Content Certificate for BD Pre-recorded Disc ....................................................................................5 Table 2-2 Syntax for Content Hash Table ............................................................................................................8 Table 3-1 Dbata Format for Volume Identifier...................................................................................................14 Table 3-2 Data Format for CPS_Sector..............................................................................................................15 Table 3-3 ROM-Mark Flag.................................................................................................................................15 Table 3-4 ROM_Mark_IV_Indicator..................................................................................................................15 Table 3-5 Partial Media Key Block Format........................................................................................................16 Table 3-6 Data Format for CPR_MAI in Content Provider Information of BD9 Media....................................17 Table 3-7 Data Format for BCA Record for Pre-recorded Media Serial Number ..............................................18 Table 3-8 Data Format for Unique Value in the case of an un-guessable PMSN...............................................19 Table 3-9 Data Format for Bus Encryption Flag in User Control Data ..............................................................20 Table 3-10 Data Format for Bus Encryption Flag in Sector Header...................................................................20 Table 3-11 Data Format for Key Conversion Data.............................................................................................21 Table 3-12 Data Format of CPS Unit Key File for BDMV Application ............................................................27 Table 3-13 Data Format of Unit_Key_File_Header() for BDMV Application ..................................................27 Table 3-14 Use_SKB_Unified_MKB_Flag........................................................................................................28 Table 3-15 Data Format of Unit_Key_Block() for BDMV Application ............................................................29 Table 3-16 Data Structure for CPS Unit Usage File...........................................................................................30 Table 3-17 Syntax for CPS Unit Usage File.......................................................................................................32 Table 3-18 Syntax for CCI_and_other_info( )....................................................................................................33 Table 3-19 Bit assignment for CCI_and_other_info_type..................................................................................33 Table 3-20 Syntax of Basic CCI for AACS........................................................................................................34 Table 3-21 EPN ..................................................................................................................................................35 Table 3-22 CCI ...................................................................................................................................................35 Table 3-23 Image_Constraint_Token .................................................................................................................36 Table 3-24 Digital_Only_Token.........................................................................................................................36 Table 3-25 APSTB .............................................................................................................................................36 Table 3-26 Type_of_Title#I ...............................................................................................................................37 Table 3-27 Syntax of Enhanced Title Usage for AACS .....................................................................................37 Final Revision 0.951RC Page xiii Advanced Access Content System: Blu-ray Disc Pre-recorded Book Table 3-28 Cacheable .........................................................................................................................................38 Table 3-29 Syntax for After( ) and Before( )......................................................................................................39 Table 3-30 Syntax of Key Management Information for On-line Function .......................................................40 Table 3-31 Unit Key Status ................................................................................................................................40 Table 3-32 Binding Type....................................................................................................................................40 Table 3-33 Syntax of Content Owner Authorized Outputs Information.............................................................41 Table 3-34 TP_extra_header...............................................................................................................................42 Table 3-35 HDMV_copy_control_descriptor.....................................................................................................43 Table 3-36 private_data_byte .............................................................................................................................44 Table 3-37 EPN ..................................................................................................................................................44 Table 3-38 CCI ...................................................................................................................................................44 Table 3-39 Image_Constraint_Token .................................................................................................................45 Table 3-40 APS ..................................................................................................................................................45 Table 4-1 Capability of handling time-based Usage Rules.................................................................................57 Table 5-1 Application/HTML for financial/accounting transaction on a Managed Copy Server.....................121 Table 6-1 Data Format of Segment Key File......................................................................................................130 Table 7-1 Copy_permission_indicator..............................................................................................................135 Table 8-1 Hash Check Process for 2D and 3D disc..........................................................................................138 Table C-1 System Property and API implementation for AACS On-line ...............................................146 Table C-2 System Property and API implementation for AACS Managed Copy .................................147 Table C-3 Player Implementation options for On-line and Managed Copy ..........................................147 Page xiv Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Chapter 1 Introduction 1.1 Purpose and Scope The Advanced Access Content System (AACS) specification defines an advanced, robust and renewable method for protecting audiovisual entertainment content, including high-definition content. The specification is organized into several “books”. The AACS Introduction and Common Cryptographic Elements book defines cryptographic procedures that are common among the various defined uses of the protection system. The Pre- recorded Video Book defines common details for using the system to protect audiovisual content distributed on any kind of pre-recorded (read-only) storage media. This document (the Blu-ray Disc Pre-recorded Book) specifies additional details for using the system to protect audiovisual content distributed on pre-recorded Blu- ray Disc Read-Only Media. When there is a discrepancy between a format-independent book and this book, then this book takes precedence. The use of this specification and access to the intellectual property and cryptographic materials required to implement it are the subject of a license. A license authority referred to as AACS LA is responsible for establishing and administering the content protection system based in part on this specification. Note: In this specification the words “BD Pre-recorded Disc” means Blu-ray Disc Read-Only Media (BD- ROM). 1.2 Overview In the Blu-ray Disc Pre-recorded Book, the following described procedures are required to protect AACS Pre- Recorded Video Content. • Content Revocation • Content Encryption and Decryption • Uses of On-line Connections • Managed Copy • Sequence Keys This document is provided as a detailed description of procedures and data structures that are specific for the use of the AACS technology on Blu-ray Disc Read-Only Media. 1.3 Organization of this Document This document is organized as follows: • Chapter 1 provides an introduction and overview. • Chapter 2 describes Blu-Ray Disc specific procedures related to the revocation of pre-recorded video. • Chapter 3 describes Blu-Ray Disc specific procedures for the production (encryption) and off-line playback (decryption) of AACS Content on pre-recorded Blu-Ray Read Only Media. • Chapter 4 describes Blu-Ray Disc specific procedures for the use of AACS Content with network transactions. Final Revision 0.951RC Page 1 Advanced Access Content System: Blu-ray Disc Pre-recorded Book • Chapter 5 describes Blu-ray Disc specific procedure for the Managed Copy of AACS Pre-recorded Content. • Chapter 6 describes Blu-ray Disc specific procedure for Sequence Keys. • Chapter 7 describes clarifications for unencrypted content • Chapter 8 describes Blu-ray Disc specific 3D feature. 1.4 Reference This specification shall be used in conjunction with the following publications. When the publications are superceded by an approved revision, the revision shall apply. AACS LA, Introduction and Common Cryptographic Elements AACS LA, Pre-recorded Video Book Blu-ray Disc Association, System Description Blu-ray Disc Read-Only Format, part 1: Basic Format Specifications, version 1.3 Blu-ray Disc Association, System Description Blu-ray Disc Read-Only Format, part 2: File System Specifications, version 1.2 Blu-ray Disc Association, System Description Blu-ray Disc Read-Only Format, Part 3: Audio Visual Basic Specifications, Version 2.4 Blu-ray Disc Association, System Description Blu-ray Disc Read-Only Format, Part 3: Audio Visual Basic Specifications Version 2.4 for 2D Blu-ray Disc Association, System Description Blu-ray Disc Read-Only Format, Part 3: Audio Visual Basic Specifications, Version 2.4, Guidelines Blu-ray Disc Association, System Description Blu-ray Disc Read-Only Format, Part 3: Audio Visual Basic Specifications, Version 2.4 for 2D, Guidelines ROM-Mark Outline, version 1.0 KCD-Mark Outline, version 1.0 Digital Transmission Licensing Administrator, Digital Transmission Content Protection Specification Volume 1 Revision 1.4 1.5 Document History This document version 0.951 supersedes version 0.95 dated February 24, 2009. It contains the following changes: • Blu-ray 3D is defined. • Exceptional cases for co-existance of encrypted and unencypted content in one CPS Unit are defined. 1.6 Notation Except where specifically noted otherwise, this document uses the same notations and conventions for numerical values, operations, and bit/byte ordering as described in the Introduction and Common Cryptographic Elements book of this specification. 1.7 Terminology Aligned Unit: An Aligned unit consists of a series of 32 Source Packets. Block Key: A Block Key is a key to encrypt and decrypt each Aligned unit. CPS Unit: A CPS Unit is a group of titles, to which the same title key has been assigned. Page 2 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book CPS Unit Key: A CPS Unit Key is a Blu-ray Disc synonym for the Title Key. CPS Unit Usage file: A CPS Unit Usage file is a Blu-ray Disc synonym for the Title Usage file. ECC Cluster: An ECC Cluster consists of a series of 32 Physical Sectors. Hash Unit: A Hash Unit consists of a series of 96 Logical Sectors. Hash Value: A Hash Value is data which has been calculated from a byte sequence in a Hash Unit. Logical Sector: A Logical Sector is a data field in BD Pre-recorded Disc. All Logical Sectors in a BD Pre- recorded Disc shall have the same size. Reserved: The term “Reserved”, when used to define the syntax of the data structure, indicates that the field may be used for future extensions. All the bits of a reserved field in the syntax of a data structure shall be set to 02. The term “Reserved”, when used to define the meaning of values, indicates that the reserved values may be used for future extensions. The reserved values shall never be used in this version. Segment Key: A Segment Key is a Blu-ray Disc synonym for the Title Key for Sequence Key (SK) segment portion. Source Packet: A Source Packet consists of a Source Packet header and a subsequent MPEG-2 transport packet. 1.8 Abbreviation and Acronyms BD Blu-ray Disc BDMV Blu-ray Disc Movie BD-ROM Blu-ray Disc Read-Only Media CCI Copy Control Information CHT Content Hash Table CPS Content Protection System ECC Error Correction Code MPEG Moving Picture Experts Group RMF ROM-Mark Flag RMIVI ROM_Mark_IV_Indicator VFS Virtual File System 1.9 About Blu-ray Disc Read-Only Media and ROM-Mark Blu-ray Disc Read–Only Media has two types of physical media. In this document “BD9” and “BD25” are used to identify these two types of physical media with the following definition. BD9: Physical media based on ECMA-267 with capacity of 4.7 or 8.5 gigabytes. BD25: Physical media with capacity of 25.0 or 27.0 gigabytes in one Layer. ROM-Mark is the method to record the Volume ID data for both BD9 and BD25. Final Revision 0.951RC Page 3 Advanced Access Content System: Blu-ray Disc Pre-recorded Book This page is intentionally left blank. Page 4 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Chapter 2 Details for Content Revocation 2. Introduction Content revocation requires the Content Certificate that is specified in Chapter 2 of the Pre-recorded Video Book of this specification. This chapter describes additional details of content revocation that are specific to the BDMV format. As described in the Pre-recorded Video Book, every hash unit of the AV content in the BDMV format on the disc is hashed, and this hashed value is included in the Content Hash Table. Every part of the Content Hash Table, that corresponds to an AV content file, is then hashed, and this hashed value is included in the unsigned Content Certificate as a Content Hash Table Digest. This unsigned Content Certificate is finally signed by the AACS LA, and this becomes the Content Certificate. A disc may contain both encrypted content and unencrypted content. The Content Certificate, however, shall cover all the Clip AV stream files under “\BDMV\STREAM” directory on the disc, whether they are encrypted or not. 2.1 Content Certificate In parallel with the “\BDMV” directory, a single Content Certificate shall be stored per physical layer in the “\AACS” directory and in the “\AACS\DUPLICATE” directory. The single-layer disc has a single file named “Content000.cer”, while the dual-layer disc has two files named “Content000.cer” for Layer 0 and “Content001.cer” for Layer 1. Note that the Content000.cer and the Content001.cer are stored on Layer 0 and Layer 1 respectively. The data format of the Content Certificate is defined in Table 2-1. Table 2-1 – Content Certificate for BD Pre-recorded Disc Bit 7 6 5 4 3 2 1 0 Byte 0 Certificate Type: 0016 1 BEE (reserved) 2 … Total_Number_of_HashUnits 5 6 Total_Number_of_Layers 7 Layer_Number 8 … Number_of_HashUnits 11 12 Number_of_Digests 13 Final Revision 0.951RC Page 5 Advanced Access Content System: Blu-ray Disc Pre-recorded Book 14 Applicant ID 15 16 (msb) CCSS ID (lsb) Sequence Number 1 17 Sequence Number 1 (msb) 18 Timestamp 19 (lsb) Sequence Number 2 20 Minimum CRL Version 21 22 (reserved) 23 24 Length_Format_Specific_Section 25 26 : Hash_Value_of_MC_Manifest_File 45 46 : Hash_Value_of_BDJ_Root_Cert 65 66 Num_of_CPS_Unit 67 68 … Hash_Value_of_CPS_Unit_Usage_File#1 87 … 68+(J-1)*20 .. Hash_Value_of_CPS_Unit_Usage_File#J 87+(J-1)*20 K (see note below) : Content Hash Table Digest #1 K+7 … … K + (N-1)*8 … Content Hash Table Digest #N K+7 + (N-1)*8 K+8+(N-1)*8 : Signature Data K+47+(N-1)*8 Note: K = 88+(J-1)*20 Details of each field are defined in the Pre-recorded Video Book of this specification with the following exceptions: Page 6 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book • A 1-bit Bus Encryption Enabled (BEE) flag, where 02 means that bus encryption is not enabled for the content covered by this Content Certificate, and 12 means that bus encryption is enabled for that content. Note that in the dual-layer case, both the BEE flag in “Content000.cer” and the BEE flag in “Content001.cer” shall be the same value. • A 4-byte Total_Number_of_HashUnits field indicates the total number of Hash Units on the disc. • A 1-byte Total_Number_of_Layers field indicates the total number of layers on the disc. • A 1-byte Layer_Number field indicates the layer of the disc for which this Content Certificate is created. This field shall be 0 for “Content000.cer”, and 1 for “Content001.cer”. • A 4-byte Number_of_HashUnits field indicates the number of Hash Units on the layer for which this Content Certificate is created. • A 2-byte Number_of_Digests field indicates the number of Clip AV stream files that have a file size equal to or more than 96 Logical Sectors on the layer for which this Content Certificate is created. • A 2-byte Applicant ID assigned by AACS LA. • A 4-byte Content Sequence Number consists of 6-bit Content Certificate Signing Server ID (CCSS ID), 15-bit Timestamp, and 11-bit Sequence Number that is a concatenation of a 4-bit Sequence Number 1 and 7-bit Sequence Number 2, and is assigned by AACS LA to uniquely identify the Certified Content amongst that Content Provider’s content. The combination of the Applicant ID and the Content Sequence Number is referred to as the Content Certificate ID. In other words, the Content Certificate ID is a 6-byte number. Timestamp indicates the date (referenced to UTC) when a Content Certificate is signed, and contains a value for the elapsed days from 1st January 2008 with the value 0 representing 1st January 2008. Timestamp values predating 2 February 2008 are reserved, and shall not be used as a timestamp. • A 2-byte Minimum CRL Version value, assigned by the AACS LA to indicate the minimum Content Revocation List Version number that shall accompany the Certified Content. • A 2-byte Length_Format_Specific_Section that specifies the length of the subsequent Format_Specific_Section. The Format Specific Section for BD includes the subsequent Hash_Value_of_MC_Manifest_File, Hash_Value_of_BDJ_Root_Cert, Num_of_CPS_Unit, and a sequence of Hash_Value_of_CPS_Unit_Usage_Files. • A 20-byte Hash_Value_of_MC_Manifest_File contains the hash value for the Managed Copy Manifest File as defined in Section 5.3. • A 20-byte Hash_Value_of_BDJ_Root_Cert contains the hash value for the BD-J Root Certificate as defined in Section 2.3.2.4. • A 2-byte Num_of_CPS_Unit fields indicates the number of CPS Units on the disc. • A series of 20-byte Hash_Value_of_CPS_Unit_Usage_Files contains the hash value for the CPS Unit Usage File as defined in Section 2.3.2.2. 2.2 Content Revocation List In parallel with the “\BDMV” directory, the Content Revocation List (CRL) “ContentRevocation.lst” shall be stored in the “\AACS” directory and in the “\AACS\DUPLICATE” directory. The data format for the Content Revocation List is defined in Table 2-2 of the Pre-recorded Video Book of this specification. Note that in the dual-layer case, the Licensed Player shall check at least one Certificate ID and if the ID is revoked, the access to any layer of such a disc shall be aborted. CRL data shall be recorded from the first byte of the file, and the null (0016) padding may be attached after the CRL data in the file for authoring and mastering purposes. Final Revision 0.951RC Page 7 Advanced Access Content System: Blu-ray Disc Pre-recorded Book 2.3 Content Hash Table 2.3.1 Data Structure for Content Hash Table For each physical layer of BD-ROM, the Content Hash Table (CHT) shall be stored in the “\AACS” directory and in the “\AACS\DUPLICATE” directory. The single-layer disc has a single file named “ContentHash000.tbl”, while the dual-layer disc has two files named “ContentHash000.tbl” for Layer 0 and “ContentHash001.tbl” for Layer 1. Note that the ContentHash000.tbl and the ContentHash001.tbl are stored on Layer 0 and Layer 1 respectively. A Licensed Player shall verify the CHTs regardless of their physical location. The Content Hash Table shall contain an 8-byte Hash Value for each hash unit of the Clip AV stream files under “\BDMV\STREAM” directory in the corresponding layer. Details of the hash calculations are defined in Section 2.3.2 of this specification. Each Clip AV stream file is sequentially divided into hash units from head to tail, and the size of each hash unit is 96 Logical Sectors. Note that the tail portion of each Clip AV stream file, whose size is less than 96 Logical Sectors, is omitted from storing of its Hash Value. If the file size of Clip AV stream file is exactly the multiple of 96 Logical Sectors, there is no tail portion to be omitted from storing. If a Clip AV stream is divided in two and recorded on both layers, then the extents size of each Clip AV stream file on Layer 0 shall be exactly the multiple of 96 Logical Sectors, and the extents of each Clip AV stream file on Layer 1 shall be logically recorded after the extents of the corresponding Clip AV stream on Layer 0. Note that the size of CHT is zero bytes if there is no Clip AV stream that has a file greater than or equal to 96 Logical Sectors on the corresponding layer. Table 2-2 shows the data structure for Content Hash Table. Table 2-2 Syntax for Content Hash Table Syntax No. of bits Mnemonics Content Hash Table { for(I=0 ; I < Number_of_Digests ; I++) { Starting_HU_Num#I 32 uimsbf Clip_Num#I 32 uimsbf HU_Offset_in_Clip#I 32 uimsbf } for(I=0 ; I < Number_of_HashUnits ; I++){ Hash_Value#I 64 bslbf } } Starting_HU_Num#I (4 bytes) indicates the position in hash units of the first Hash Value of Clip AV stream file #I that have a file size greater than or equal to 96 Logical Sectors in the Hash Value part in this table. This number starts from zero. (Note) In case of dual-layer disc, the Starting_HU_Num#0 in the ContentHash001.tbl is equal to the Number_of_HashUnits on Layer 0. Refer to the example in Figure 2-2. Clip_Num#I (4 bytes) indicates a 5-digit number included in the file name of Clip AV stream file #I that has a file size greater than or equal to 96 Logical Sectors. This value is stored in the ascending order of the 5-digit number included in the file name of the corresponding Clip AV stream file. Page 8 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book HU_Offset_in_Clip#I (4 bytes) indicates the offset in hash units from the top of the Clip AV stream file #I that has a file size greater than or equal to 96 Logical Sectors. This offset starts from zero. The Hash Value at the Starting_HU_Num#I corresponds to the AV data at this offset in the Clip AV stream file #I. Hash_Value#I (8 bytes) contains the Hash Value calculated from the hash unit #I in the layer corresponding to this Content Hash Table. These Hash_Value#I shall be listed in the ascending order of the 5-digit number included in the file name of the corresponding Clip AV stream file, and in the ascending order of the logical position in the Clip AV stream file. Number_of_Digests is defined in Table 2-1, and indicates the number of Clip AV stream files in the layer corresponding to this Content Hash Table. Number_of_HashUnits is defined in Table 2-1, and indicates the number of hash units in the layer corresponding to this Content Hash Table. Content Hash Table Digest #J defined in Table 2-1 is the digest of the concatenation of the Hash Values from the Starting_HU_Num#I to Starting_HU_Num#(I+1) – 1. Figure 2-1 shows an example of the relationship between the Content Hash Table Digest and the Hash Value. Content Certificates Content Hash Tables Clip AV stream files Clip #0 Clip #1 Clip #2 Content Hash Table Digest #0 Hash_Value #0 HU#0 Content Hash Table Digest #1 Hash_Value #1 HU#1 Content Hash Table Digest #2 Hash_Value #2 HU#0 Hash_Value #3 HU#1 Hash_Value #4 HU#2 Hash_Value #5 HU#0 Layer 0 Layer 1 Hash_Value #6 HU#2 Clip #3 Hash_Value #7 HU#1 Content Hash Table Digest #1 Hash_Value #8 HU#0 Content Hash Table Digest #2 Hash_Value #9 HU#2 Content Hash Table Digest #3 Hash_Value #10 HU#1 Physical Allocation Figure 2-1 Example of the relationship between the Content Hash Table Digest and the Hash Value In this example, there is one Content Certificate for each layer, one Content Hash Table for each layer, and four Clip AV stream files that have a file size greater than or equal to 96 Logical Sectors. The whole part of Clip AV stream file #0 is recorded on Layer 0, and the whole part of Clip AV stream file #3 is recorded on Layer 1. Clip AV stream file #1 and #2 are recorded separately on both Layer 0 and Layer 1. From a physical allocation point of view, each Clip AV stream file is fragmented and the file extents of different Clip AV stream files are recorded alternately. Final Revision 0.951RC Page 9 Advanced Access Content System: Blu-ray Disc Pre-recorded Book In this example, the Content Hash Table for Layer 0 includes Hash_Values for Hash Units of Clip AV stream file #0, #1 and #2. The Content Hash Table for Layer 1 includes Hash_Values for Hash Units of Clip AV stream file #1, #2 and #3. Note that Hash_Values for Hash Unit #0 and #1 for Clip AV stream file #1 and Hash Unit #0 for Clip AV stream file #2 are included only in the Content Hash Table for Layer 0. To calculate the Content Hash Table Digest of each layer, only the Hash_Values in the same layer are used. For example, to calculate the Content Hash Table Digest #1 for Layer 0 in Figure 2-1, Hash_Value #3 and #4 in the Content Hash Table for Layer 0 are used. Hash_Value #0 in the Content Hash Table for Layer 1 is not used. Figure 2-2 shows an example of the Content Hash Table syntax defined in Table 2-2. ContentHash000.tbl (header) Clip 0 Clip 1 Clip 2 Clip 3 Start Clip # Offset Total_Number_of_HashUnits 0 Hash_Value#0 Clip 0 0 0 0 = 11 2 Clip 1 3 1 0 Number_of_HashUnits =6 Clip 2 5 2 0 2 3 Hash_Value#3 Layer_Number = 0 1 ContentHash000.tbl (body) Layer 0 1 5 Hash_Value#5 Layer 1 1 6 Hash_Value#6 1 7 Hash_Value#7 ContentHash001.tbl (body) 1 Number_of_HashUnits ContentHash001.tbl (header) =5 1 9 Hash_Value#9 Start Clip # Offset Layer_Number = 1 1 Clip 1 6 1 2 Clip 2 7 2 1 Physical Clip 3 9 3 0 Allocation Figure 2-2 Example of the Content Hash Table syntax 2.3.2 Hash Calculation 2.3.2.1 Clip AV stream A Hash Value for each Hash Unit of the Clip AV stream file is calculated using the SHA-1 hashing function as defined in the equation below. If the data is encrypted, the encrypted data itself is used as the input to the hashing function, so that the Licensed Player need not decrypt the data before calculating a Hash Value. The stored Hash Value is the least significant 64 bits of the result for the SHA-1 hashing function. Hash_Value = [SHA-1(Hash_Unit)]lsb_64 Where SHA-1 is the SHA hashing function as defined in Introduction and Common Cryptographic Elements book of this specification. Page 10 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book 2.3.2.2 Usage Rule A hash value for each CPS Unit Usage File is also calculated using the SHA-1 hashing function as defined in the equation below. Hash_Value_of_CPU_Unit_Usage_File = SHA-1(CPS Unit Usage File) Hash_Value_of_CPU_Unit_Usage_File is used to verify the integrity of the CPS Unit Usage File. 2.3.2.3 Managed Copy Manifest File A hash value for the Managed Copy Manifest File is also calculated using the SHA-1 hashing function as defined in the equation below. Hash_Value_of_MC_Manifest_File = SHA-1(Managed Copy Manifest File) Hash_Value_of_MC_Manifest_File is used to verify the integrity of the Managed Copy Manifest File. If the Managed Copy Manifest File is not recorded on the BD-ROM, Hash_Value_of_MC_Manifest_File shall be set to all zero. 2.3.2.4 BD-J Root Certificate A hash value for the BD-J Root Certificate (\CERTIFICATE\app.discroot.crt) for application authentication is also calculated using the SHA-1 hashing function as defined in the equation below. Hash_Value_of_BDJ_Root_Cert = SHA-1(BD-J Root Certificate) Application Authentication Data is used to verify the integrity of the Application. For the application authentication, refer to the Blu-ray Disc Association, System Description Blu-ray Disc Read-Only Format, part 3: Audio Visual Basic Format Specifications. Hash_Value_of_BDJ_Root_Cert is stored in the Content Certificate as defined in Table 2-1. If the BD-J Root Certificate is not recorded on the BD-ROM, Hash_Value_of_BDJ_Root_Cert shall be set to all zero. 2.3.3 Verifying Content Certificate A Licensed Product which plays back a BDMV shall verify the Content Certificate as defined in Section 2.6 of the Pre-recorded Video Book of this specification. This subsection provides additional details for the BDMV format. 2.3.3.1 Clip AV stream If the Licensed Product selects type a) as defined in procedure 1 of Section 2.6 of the Pre-recorded Video Book of this specification, seven Hash Units shall be randomly selected from all the Hash Units recorded on the BD- ROM. If the License Product selects type b) as defined in procedure 1 of Section 2.6 of the Pre-recorded Video Book of this specification, the first Hash Unit which is read from the BD-ROM for each Title, shall be verified. During the playback of each Title, at least 1% of the Hash Units recorded on the BD-ROM shall be randomly selected and verified. Final Revision 0.951RC Page 11 Advanced Access Content System: Blu-ray Disc Pre-recorded Book As an authoring guideline, it is strongly recommended to prepare at least a 3-second non-media-access segment within the first 300 seconds of title play back. A non-media-access segment is a segment where a Licensed Player does not need to access any data on the media. Still picture presentation with pause is one example of a non-media-access segment. 2.3.3.2 Usage Rule Licensed Products shall verify Hash_Value_of_CPS_Unit_Usage_File for a CPS Unit to be played back. 2.3.3.3 Managed Copy Manifest File If a Licensed Product uses (reads) the Managed Copy Manifest File for the purpose of Managed Copy, it shall verify Hash_Value_of_MC_Manifest_File for a BD-ROM with the Managed Copy Manifest File. 2.3.3.4 BD-J Root Certificate The Licensed Product shall verify Hash_Value_of_BDJ_Root_Cert for a BD-ROM with a BD-J Root Certificate. Page 12 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Chapter 3 Details for Content Encryption and Decryption 3. Introduction The general approach for encryption and decryption of pre-recorded AACS Content is specified in Chapter 3 of the Pre-recorded Video Book of this specification. This chapter describes additional details of that approach that are specific to the use of AACS encryption with a BD-ROM disc and its Application Format. 3.1 Media Key Block Each BD-ROM disc that contains content encrypted by AACS (using a CPS Unit Key that is provided in the AACS directory) shall include two Read-Only Media Key Blocks (MKB). The MKB “MKB_RO.inf” shall be stored in the “\AACS” directory and in the “\AACS\DUPLICATE” directory. MKB data shall be recorded from the first byte of the file, and null (0016) padding may be appended after the MKB data in the file for authoring and mastering purposes. (Note) The Read/Write MKB is mandatory for BD-ROM discs. The Read/Write MKB “MKB_RW.inf” for a Licensed Recorder shall be stored in the “\AACS” directory and in the “\AACS\DUPLICATE” directory. 3.2 Control Data Zone of BD9 Media The Control Data Zone of AACS-protected BD9 media is defined as shown in Figure 3-1. Physical format information Disc manufacturing information BD9 System Data1 CPS_Sector (16 ECC Clusters) Reserved (All 00h) Partial MKB1 (13 sectors) (40 ECC Clusters) CPS_Sector block Lead-In Area Partial MKB2 Physical format information Control Data Reserved for future use (40 ECC Clusters) Disc manufacturing information Zone (15 ECC Clusters) (192 ECC Reserved (All 00h) Partial MKB3 Clusters) (14 sectors) (40 ECC Clusters) Partial MKB4 : (40 ECC Clusters) : BD9 System Data2 Physical format information (16 ECC Clusters) Disc manufacturing information Reserved (All 00h) (14 sectors) Figure 3-1 Control Data Zone of AACS-protected BD9 Media Final Revision 0.951RC Page 13 Advanced Access Content System: Blu-ray Disc Pre-recorded Book Control Data Zone is divided into six areas: BD9 System Data1 (16ECC Clusters), Partial MKB1 (40ECC Clusters), Partial MKB2 (40ECC Clusters), Partial MKB3 (40ECC Clusters), Partial MKB4 (40ECC Clusters), and BD9 System Data2 (16ECC Clusters). BD9 System Data1 and BD9 System Data2 shall have the same data to duplicate the content of BD9 System Data. Partial MKB1, Partial MKB2, Partial MKB3, and Partial MKB4 shall have the same data to record Partial Media Key Block 4 times. As defined in the ECMA 267 format specification, “Physical format information” and “Disc manufacturing information” are recorded respectively in the first sector and the second sector of all ECC Clusters in the BD9 Control Data Zone. Both BD9 System Data1 and BD9 System Data2 consist of 16 ECC Clusters. The first ECC Cluster of both BD9 System Data1 and BD9 System Data2 has CPS_Sector at its third sector, and other sectors in this ECC Cluster are reserved. The second ECC Cluster to the last ECC Cluster of both BD9 System Data1 and BD9 System Data2 are reserved for future use, and has non-specified 14 sectors in each ECC Cluster. The content of CPS_Sector is defined in Section 3.3.1. The data structure of Partial MKB1, Partial MKB2, Partial MKB3, and Partial MKB4 is defined in Section 3.4.2. 3.3 Volume Identifier For the purpose of encryption and decryption of the Content, the Volume Identifier (IDv) is combined with the Media Key (Km) to produce the Volume Unique Key (Kvu) as follows: Kvu = AES-G(Km, IDv) The Volume Identifier shall be stored in a manner that cannot be duplicated by consumer recorders. For BD– ROM, the Volume Identifier shall be stored in the ROM-Mark of the BD-ROM disc. For the details of the ROM-Mark, refer to ROM-Mark Outline. Table 3-1 shows the data format for the Volume Identifier that is stored in the payload of the ROM-Mark. Table 3-1 Data Format for Volume Identifier Bit 7 6 5 4 3 2 1 0 Byte 0 (msb) : Volume Identifier 15 (lsb) 3.3.1 CPS_Sector For BD25 Media, the last sector in the first Physical Cluster of each Info Fragment in the PIC zone (Permanent Information & Control Data zone) is reserved as a CPS_Sector. The other sectors in the first Physical Cluster of each Info Fragment are reserved for storing Disc Information and other information. For the details of the PIC zone, refer to Blu-ray Disc Association, System Description Blu-ray Disc Read-Only Format, part 1: Basic Format Specifications. Page 14 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book For BD9 Media, the first ECC Cluster in the Control Data Zone in the Lead-In area is used to record CPS_Sector. The data structure of CPS_Sector is the same as the BD25 case. The data structure in BD9 Control Data Zone is defined in Section 3.2. The ROM-Mark Flag (RMF) and the ROM_Mark_IV_Indicator (RMIVI) are stored in the top of the CPS_Sector. Table 3-2 shows the data format for CPS_Sector. Table 3-2 Data Format for CPS_Sector Bit 7 6 5 4 3 2 1 0 Byte 0 RMF RMIVI (reserved) 1 : (reserved) 2047 The ROM-Mark Flag indicates whether a ROM-Mark is stored on the disc or not. Table 3-3 defines the meaning of ROM-Mark Flag. Table 3-3 ROM-Mark Flag ROM-Mark Flag Meaning 02 No ROM-Mark is stored on the disc 12 A ROM-Mark is stored on the disc The ROM_Mark_IV_Indicator indicates which value of ROM_Mark_IV is used for the ROM-Mark detection. Table 3-4 defines the value and meaning of this field. This field shall be set to 0002. Table 3-4 ROM_Mark_IV_Indicator ROM_Mark_IV_Indicator Meaning 0002 The ROM-Mark detector IV values shall be used as ROM_Mark_IV 0012 - 1012 Reserved for BD-CPS Other Reserved 3.4 Partial Media Key Block for Host Revocation List The Host Revocation List is stored as “Partial Media Key Block” in the Lead-In area of disc. Partial Media Key Block consists of “Type and Version Record” and “Host Revocation List Record”. Final Revision 0.951RC Page 15 Advanced Access Content System: Blu-ray Disc Pre-recorded Book This section defines the structure of the Partial Media Key Block and other requirements for the Partial Media Key Block for recording on BD-ROM Media. Table 3-5 shows the data format for the Partial Media Key Block. The Partial Media Key Block shall be stored as 64KB units with zero padding. (Note 1) The maximum size of the reserved area for the Partial Media Key Block on BD-ROM Media is one megabyte. Table 3-5 Partial Media Key Block Format Bit 7 6 5 4 3 2 1 0 Byte 0 … Type and Version Record 11 12 13 14 Host Revocation List Record … X A Licensed Drive with BD-ROM reading function is required to store the Partial Media Key Block in its non- volatile memory. The Host Revocation List Record is required to be stored in the non-volatile memory of the Licensed Drive and consists of the data being signed for the first signature block including the Signature for Block 1. The details of the Type and Version Record and the Host Revocation List Record are defined in Section 3.2.5 of the Introduction and Common Cryptographic Elements book of this specification. (Note 2) For the BD Prerecorded Disc, the Licensed Drive shall handle the disc as AACS compliant media, if the Partial Media Key Block is recorded on the BD-ROM. The behavior for a Licensed Drive is as follows: • In the case that the Licensed Drive cannot verify and read the Partial Media Key Block on the media for some reason, the Licensed Drive shall read the Partial Media Key Block stored in non-volatile memory of the Licensed Drive and use it for the authentication process. 3.4.1 Partial Media Key Block for Host Revocation List for BD25 Media For BD25 Media, the Partial Media Key Block shall be stored in the PIC zone in Inner Zone 0 of the BD-ROM disc. Note that the PIC zone (Permanent Information & Control Data Zone) shall consist of 5 repetitions of a PIC Info Fragment. The Partial Media Key Block shall be written 5 times and shall begin from Cluster 1, i.e. AUN 00B922016, 00BFC2016, 00C662016, 00CD02016, 00D3A2016. In the case of a multiple-layer disc, each PIC zone shall have Partial Media Key Blocks stored in the same way as they would be with a single layer. The Page 16 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book details of the PIC are described in Blu-ray Disc Association, System Description Blu-ray Disc Read-Only Format, part 1: Basic Format Specifications. 3.4.2 Partial Media Key Block for Host Revocation List for BD9 Media For BD9 Media, the Partial Media Key Block shall be stored in the Control Data Zone of the BD9 Media Lead- In area. Figure 3-2 depicts the structure of the BD9 Lead-In area and the recording method of the Partial Media Key Block. The Partial Media Key Block shall be written 4 times in Partial MKB1~ Partial MKB4 area respectively. Partial MKB1~ Partial MKB4 area begin at ECC Cluster number 17, 57, 97, 137. Each ECC Cluster has 14 sectors that shall be used to store the Partial Media Key Block information. All unused sectors shall be filled with 0016. The details of the Lead-In area of BD9 Media are described in ECMA-267 Format. Physical format information Disc manufacturing information Partial Media Key Block Partial Media Key Block BD9 System Data1 information (14 sectors) (65536*M Bytes) (16 ECC Clusters) Partial MKB1 Physical format information (40 ECC Clusters) Disc manufacturing information Lead-In Area Partial MKB2 Partial Media Key Block Control Data (40 ECC Clusters) information (14 sectors) Zone (192 ECC Partial MKB3 Clusters) (40 ECC Clusters) : Partial MKB4 : (40 ECC Clusters) Physical format information BD9 System Data2 Disc manufacturing information (16 ECC Clusters) Partial Media Key Block information (N sectors) 00h (14-N sectors) Physical format information Disc manufacturing information 00h (14 sectors) Figure 3-2 Partial Media Key Block recording in AACS-protected BD9 Media 3.5 CPR_MAI in Content Provider Information Sectors of BD9 Media Table 3-6 describes the data format of CPR_MAI (6 bytes) in the Content Provider Information of BD9 Media. CPR_MAI_Byte1 (=1016) indicates that the media is AACS-protected BD9 Media. Table 3-6 Data Format for CPR_MAI in Content Provider Information of BD9 Media Final Revision 0.951RC Page 17 Advanced Access Content System: Blu-ray Disc Pre-recorded Book Bit 7 6 5 4 3 2 1 0 Byte 0 CPR_MAI_Byte1 = 1016 1 CPR_MAI_Byte2 = 0016 2 : (reserved) 5 3.6 Pre-recorded Media Serial Number For the purpose of using On-line Connections, the Pre-recorded Media Serial Number is defined and is used for generating a MAC. In a PC-based system, this Pre-recorded Media Serial Number shall be retrieved from the disc using the procedure defined in Section 4.5 of the Introduction and Common Cryptographic Elements book of this specification. The Pre-recorded Media Serial Number is optional for BD-ROM discs. For BD-ROM, the Pre-recorded Media Serial Number shall be stored in the BCA record of the BD-ROM disc. A Licensed Player shall use the 128-bit value found in the BCA Data Unit whose first 8 bits are set to 000001002 as the Pre-recorded Media Serial Number, per Table 3-7 below. Table 3-7 shows the data format for the Pre-recorded Media Serial Number that is stored in BCA. Table 3-7 Data Format for BCA Record for Pre-recorded Media Serial Number Bit 7 6 5 4 3 2 1 0 Byte 0 Data Unit sequence Application Identifier = 0000012 number = 002 1 (msb) Applicant ID 2 (lsb) 3 (msb) : Unique Value 15 (lsb) A Licensed Player shall use the full Data Unit, from the Application Identifier to the Unique Value, as the 128- bit Pre-recorded Media Serial Number. Application Identifier field (6 bits) indicates the application identifier, and shall be set to 0000012. The Data Unit sequence number field (2 bits) indicates the Data Unit sequence number, and shall be set to 002 for the Pre-recorded Media Serial Number. The Applicant ID field (16 bits) shall contain the applicant identifier assigned to each replicator by the AACS LA. The Unique Value field (104 bits) shall be assigned a unique value for each disc by each replicator. Page 18 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book In the case that an un-guessable PMSN is used with the default AACS Managed Copy Server as defined in Chapter 5 of the Pre-recorded Video Book of this specification, the Unique Value field shall be of the following form described in Table 3-8. Table 3-8 Data Format for Unique Value in the case of an un-guessable PMSN Bit 7 6 5 4 3 2 1 0 Byte 0 (msb) Applicant-defined Value 1 (lsb) 2 (msb) : Check bits 8 (lsb) 9 (msb) : Counter 12 (lsb) Applicant-defined Value (16 bits) is free for use by the replicator. For example, it can be used to distinguish between an un-guessable PMSN and a normal PMSN, or to assign a unique identifier to each replication facility within the Applicant to guarantee that the PMSN is globally unique. Check bits (56 bits) is the most significant 56 bits of the encrypted value of Counter and the fixed value as defined in Chapter 5 of the Pre-recorded Video Book of this specification, where Y = 56. Counter contains a value as defined in Chapter 5 of the Pre-recorded Video Book of this specification. 3.7 Bus Encryption Flag The Bus Encryption Flag (BEF) is used to indicate whether the sector data shall be encrypted or not in the interface bus between the Licensed Drive and the PC Host. If the BEF is set to 12, the corresponding sector data shall be encrypted in the interface bus in the manner that is specified in Section 3.7.1. Otherwise, the Licensed Drive shall not encrypt sector data across the interface bus. If the Bus Encryption Enabled (BEE) flag in the Content Certificate is set to 12, the BEF shall be set to 12 for all the sectors that correspond to the Aligned Unit with Copy_permission_indicator set to 112 of the Clip AV stream files under “\BDMV\STREAM” directory. Otherwise, the BEF shall be set to 02. Note that the BEF shall be set to 02 for the sectors that do not correspond to Clip AV stream files under “\BDMV\STREAM” directory. For the details of Copy_permission_indicator, refer to Section 3.10.2. (Note) If an application handles Clip AV stream file (e.g. BD-J Application copies Clip AV stream file on BD- ROM Disc to the Local Storage), such stream shall be handled by the application without bus-encrypted form. Final Revision 0.951RC Page 19 Advanced Access Content System: Blu-ray Disc Pre-recorded Book In other words, PC Host shall decrypt bus-encrypted Clip AV stream file and hand it over to the application. For the Local Storage, refer to Chapter 4 of this book. For BD25 Media, the Bus Encryption Flag shall be stored in the User Control Data associated with the corresponding sector. Table 3-9 shows the data format for the Bus Encryption Flag (1 bit) which is recorded in User Control Data of BD-ROM disc. Table 3-9 Data Format for Bus Encryption Flag in User Control Data Bit 7 6 5 4 3 2 1 0 Byte 0 BEF (reserved) 1 2 (reserved) : 17 For BD9 Media, the Bus Encryption Flag shall be stored in CPR_MAI field of sector header associated with the corresponding sector. Table 3-10 shows the data format for the Bus Encryption Flag (1 bit) which is recorded in CPR_MAI in Data Area. Table 3-10 Data Format for Bus Encryption Flag in Sector Header Bit 7 6 5 4 3 2 1 0 Byte 0 BEF (reserved) 1 2 (reserved) : 5 3.7.1 Encryption Scheme When the BEF is set to 12, bus encryption is applied to the associated sector. The 2032 bytes after the first 16 bytes of each sector are encrypted using the Data Key and AES-128CBCE. A new CBC cipher chain is started for each Sector (see Figure 3-3). Page 20 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book unencrypted (16 bytes) encrypted (2032 bytes) Figure 3-3 CBC chaining on “sector” basis The Initialization Vector of CBC Mode used in this scheme is described in Section 2.1.2 of Introduction and Common Cryptographic Elements book of this specification. (Note) Other adaptation books of this specification may define a flag, like the BEF in this book, and also encryption scheme for the bus encryption. However, if the Licensed Drive is not designed to be compliant to such books, the Drive is not required to recognize the flag defined in such books, nor to encrypt the sector data associated with the flag. 3.8 Key Conversion Data Note that for certain classes of Licensed Players, processing of the Media Key Block results in a Media Key Precursor Kmp instead of a Media Key. These classes of Licensed Players are defined in the AACS license. After they calculate the Media Key Precursor, they shall combine it with Key Conversion Data (KCD), to obtain the actual Media Key. For certain classes of Licensed Players, the Key Conversion Data (KCD) is combined with the Media Key Precursor (Kmp) to produce the Media Key (Km) as follows: Km = AES-G(Kmp, KCD) The Key Conversion Data shall be stored in a manner that cannot be read by an open platform Licensed Drive. For BD–ROM, the Key Conversion Data shall be stored in the KCD-Mark of the BD-ROM disc. For the details of the KCD-Mark, refer to KCD-Mark Outline. Table 3-11 shows the data format for the Key Conversion Data that is stored in the payload of the KCD-Mark. Table 3-11 Data Format for Key Conversion Data Bit 7 6 5 4 3 2 1 0 Byte 0 (msb) : Key Conversion Data 15 (lsb) Final Revision 0.951RC Page 21 Advanced Access Content System: Blu-ray Disc Pre-recorded Book 3.9 CPS Unit Key File and CPS Usage File 3.9.1 Application Format Structure Figure 3-4 describes a simplified diagram of the BD-ROM application format. Index Table Title Change Command First Playback Top Menu Title #1 Title #2 Title #3 User Interface Movie Movie BD-J Movie BD-J Object Object Object Object Object PlayList PlayList PlayList PlayItem PlayItem PlayItem PlayItem PlayItem PlayItem Access point (Time based) Clip Information Clip Information Clip Information Data-byte position Clip AV stream#01001 Clip AV stream#01002 Clip AV stream#02001 Clip Clip Clip CPS Unit #1 CPS Unit #2 Figure 3-4 Application Format Structure and CPS Unit This application format has four layers for managing AV stream files: those are Index Table, Movie Object, PlayList and Clip. 3.9.1.1 Clip Each pair of an AV stream file and its attribute is considered to be one object. A Clip is an object consisting of a Clip AV stream file and its corresponding Clip information file. A Clip AV stream file stores data, which is basically an MPEG-2 transport stream defined in a structure conforming to Blu-ray Disc Association, System Description Blu-ray Disc Read-Only Format, part 3: Audio Visual Basic Format Specification. The Clip Information file stores the time stamps of the access point into the corresponding AV stream file. The Player reads the Clip Information to find out the position where it begins to read the data from the AV stream file. Page 22 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book 3.9.1.2 PlayList A PlayList is a collection of playing intervals in the Clips. One such playing interval is called a PlayItem and consists of a pair of pointers called: IN-point and OUT-point. This pair points to positions on a time axis of the Clip. Therefore, a PlayList is a collection of PlayItems. Here the IN-point means a start point of a playing interval, and the OUT-point means an end point of the playing interval. 3.9.1.3 Movie Object A Movie Object consists of an executable navigation command program. This enables “dynamic scenario description”. Movie Objects are a layer above PlayLists. A navigation command in a Movie Object can launch a PlayList playback or a Movie Object can call another Movie Object so that a set of Movie Objects can manage playback of PlayLists in accordance with user’s interaction and preferences. 3.9.1.4 BD-J Object A BD-J Object consists of a table of BD-J Applications and indicates a set of BD-J Applications. This also enables dynamic scenario description and interactive content playback by use of the Java programming environment. BD-J Objects are at the same layer of Movie Object, and selected per title basis. BD-J Applications in BD-J Object provides on-line functionality not only for the corresponding Title but also for the whole BD-ROM disc. 3.9.1.5 Index Table Index Table is top-level information of the application format. This table contains entry points for all Titles, First Playback, and Top Menu. The Player references this table whenever a Title, First Playback, or Menu executing operation needs to be performed. 3.9.1.6 First Playback First Playback is optionally defined in the Index Table and points to a Movie Object or a BD-J Object, which is played automatically when the disc is loaded. When the disc is loaded, the player refers to the entry of “First Playback” and obtains the corresponding Movie Object or BD-J Object. First Playback Movie Object / BD-J Object is an optional function. A disc may or may not contain First Playback Movie Object / BD-J Object. 3.9.1.7 Top Menu Top Menu is optionally defined in the Index Table and points to a Movie Object or a BD-J Object. This is called by a user operation such as a “MenuCall”. A Movie Object indexed by Top Menu executes a PlayList whose PlayItem links a Clip having Button Objects. Each Button Object branches off to another Movie Object as a child Menu. Top Menu Movie Object is an optional function. A disc may or may not contain Top Menu Movie Object. 3.9.1.8 Title Title is a logical unit for the user to recognize one playback group. The group may be one linear playback block or it may be a non-linear playback block with branching points. Each Title has a title_number. title_number Final Revision 0.951RC Page 23 Advanced Access Content System: Blu-ray Disc Pre-recorded Book values are defined in ascending order, starting from one. All the values of title_number, no more than the total number of titles, shall be defined at least once on a disc. 3.9.2 CPS Unit A CPS Unit is a group of a First Playback, a Top Menu, and/or Titles, which are encrypted by using the same Unit Key (Kcu). Each CPS Unit has its corresponding CPS Unit Usage file. Each CPS Unit has a CPS_Unit_number. CPS_Unit_number values are defined in ascending order, starting from one. So, the maximum value of CPS_Unit_number shall be the same as the number of CPS Units that are assigned to First Playback, Top Menu, and/or Titles. And all CPS_Unit_number from one up to the maximum CPS_Unit_number shall be used at least once. All AV stream files that are referred to by First Playback are included in the same CPS Unit. All AV stream files that are referred to by Top Menu are included in the same CPS Unit. All AV stream files that are referred to by one Title are included in the same CPS Unit. If First Playback, Top Menu and/or a Title share one or more Clips, they shall be included in the same CPS Unit, i.e. the same Unit Key shall be assigned to First Playback, Top Menu and/or the Title. If multiple Titles share one or more Clips, these Titles shall be included in the same CPS Unit, i.e. the same Unit Key shall be assigned to these Titles. First Playback may or may not be included in the same CPS Unit with Top Menu, a Title, and/or Titles. Top Menu may or may not be included in the same CPS Unit with one or more Titles. For example in Figure 3-4, since a First Playback, a Top Menu, and two Titles commonly refer to the same Clip AV stream#01001, they belong to the same CPS Unit #1. Both Clip AV stream#01001 and Clip AV stream#01002 shall be encrypted by using the same key Kcu1. To achieve higher security and future flexibility, different keys shall be assigned to different CPS Units. For example, Figure 3-4 shows different keys, Kcu1 and Kcu2, that are assigned to CPS Unit #1 and CPS Unit #2. In this case, the switching between different CPS Units can be executed by some commands for Title change (e.g. Jump Title, Call Title, etc.) defined in Blu-ray Disc Association, System Description Blu-ray Disc Read-Only Format, part 3: Audio Visual Basic Format Specification. Figure 3-5 and Figure 3-6 show the directory structure of the BD-ROM application format. Detailed information is described in the chapter “Directories and Files” in Blu-ray Disc Association, System Description Blu-ray Disc Read-Only Format, part 3: Audio Visual Basic Format Specification. Page 24 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Root AACS Unit_Key_RO.inf MKB_RO.inf MKB_RW.inf SKB1.inf SKB2.inf uMKB1.inf uMKB2.inf Segment_Key.inf Files describing CPS Information (original) mcmf.xml ContentRevocation.lst Content000.cer Content001.cer ContentHash000.tbl ContentHash001.tbl CPSUnit00001.cci CPSUnit00002.cci DUPLICATE Unit_Key_RO.inf MKB_RO.inf MKB_RW.inf SKB1.inf SKB2.inf uMKB1.inf uMKB2.inf Segment_Key.inf Files describing CPS mcmf.xml Information (duplication) ContentRevocation.lst Content000.cer Content001.cer ContentHash000.tbl ContentHash001.tbl CPSUnit00001.cci CPSUnit00002.cci Figure 3-5 Directory structure for AACS directory Final Revision 0.951RC Page 25 Advanced Access Content System: Blu-ray Disc Pre-recorded Book DUPLICATE directory contains the duplication of CPS information files and is used when these files in \AACS directory cannot be read. File name and the file data of the duplicated CPS files shall be the same as original CPS files. The location of the file data of duplicated CPS files should be physically far from the location of the file data of original CPS files. root BDMV Index.bdmv File describing content of BDMV directory MovieObject.bdmv File describing information of Movie Objects PLAYLIST 00001.mpls 00002.mpls Database files for PlayLists 00003.mpls CLIPINF 01001.clpi 01002.clpi Database files for Clips 02001.clpi STREAM 01001.m2ts 01002.m2ts Clip AV stream files These files may or may not be encrypted. 02001.m2ts SSIF 01001.ssif Stereoscopic Interleaved files AUXDATA Directory to store Sound data file and Font files META Directory to store Metadata files BDJO Directory to store BD-J Object files Figure 3-6 Directory structure for BDMV directory Clip AV stream files under “\BDMV\STREAM” directory may be encrypted as described in Section 3.10.1. No other files under “\AACS” directory or “\BDMV” directory shall be encrypted using the scheme described in Section 3.10.1. Page 26 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book 3.9.3 CPS Unit Key File (Unit_Key_RO.inf) Each CPS Unit on the BD-ROM disc has a unique CPS Unit Key. All CPS Unit Keys on one disc shall be stored in the CPS Unit Key File “Unit_Key_RO.inf” in the “\AACS” directory and in the “\AACS\DUPLICATE” directory. The following requirement is applied to the CPS Unit Key File to reserve enough size of continuous area for the CPS Unit Key File. • The size of CPS Unit Key File shall be multiple of 65536 bytes. Table 3-12 shows the data structure for CPS Unit Key File. Table 3-12 Data Format of CPS Unit Key File for BDMV Application Syntax No. of bits Mnemonic CPS Unit Key File { Unit_Key_Block_start_address 32 Uimsbf Reserved for future use 96 Bslbf Unit_Key_File_Header() For (I=0 ; I http://example.com/ManagedCopy/00000001/ http://example.net/ManagedCopy/00000001/ BDMV BDMV/PLAYLIST/00000.mpls BDMV/CLIPINF/00000.clpi BDMV/STREAM/00000.m2ts BDMV/BDJO/00000.bdjo BDMV/JAR/00000.jar PARTIALDB/index.bdmv PARTIALDB/MovieObject.bdmv (Note) In the example above, it is assumed that database files for the partial copy are stored in the PARTIALDB directory on the source media (BD-ROM) and are copied to the destination media specified by the “dest” attribute. 5.3.1 Rules to use Managed Copy Manifest File To use Managed Copy Manifest File information, the following behaviors are required in the MCM. The MCM uses the URI information from the first URI to the last URI listed in the “URIList”. The latter URI shall be used only in the case the prior URI has the problem to be used for Managed Copy. Final Revision 0.951RC Page 97 Advanced Access Content System: Blu-ray Disc Pre-recorded Book When “DirectoryName” is listed in a MCU, all files in the indicated directory are allowed to be used for Managed Copy. (In the example in Section 5.2.1, all files in BDMV directory are allowed to be used for the Managed Copy of “MCUALL”.) The BD-J Root Certificate file is recorded in CERTIFICATE directory under root directory. BD-J Root Certificate file is allowed to be used in the Managed Copy process if necessary. If the “FileName” element does not include “dest” attribute (optional), the MCM may convert the file name of the “FileName” element during the copy process to match the path/filename specific to the target MCOT. If the “FileName” element includes a “dest” attribute (optional), the “dest” attribute indicates how this file is copied and is used on the desination media (i.e. this is useful for copying alternate database files that consists the new data structure). Note that the MCM may convert the path/filename indicated by the “dest” attribute during the copy process to match the path/filename specific to the target MCOT. 5.3.2 XML schema of Managed Copy Manifest File The Managed Copy Manifest File is an XML File. The Managed Copy Manifest File XML Schema is defined as follows. Page 98 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Final Revision 0.951RC Page 99 Advanced Access Content System: Blu-ray Disc Pre-recorded Book Page 100 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Final Revision 0.951RC Page 101 Advanced Access Content System: Blu-ray Disc Pre-recorded Book Note lang is a language code as defined in ISO639-2/T. (Note) FileName and DirectoryName shall indicate only the files and Directories that are actually recorded on the BD-ROM Media. Even if the Virtual Package is available, only the files recorded on the BD-ROM Media are target of the Managed Copy. Page 102 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book 5.4 Managed Copy Web Service Managed Copy web service and the message used in this service that are specific to BD-ROM Media are defined in this section. 5.4.1 Web Service Description Managed Copy web service description is used for communication between the MCM and the MCS. Managed Copy web service description for BD-ROM Media is defined in this section based on Managed Copy web service description defined in Appendix C of AACS Pre-recorded Video Book of this specification. Managed Copy Web Service Page 104 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Final Revision 0.951RC Page 105 Advanced Access Content System: Blu-ray Disc Pre-recorded Book Page 106 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Final Revision 0.951RC Page 107 Advanced Access Content System: Blu-ray Disc Pre-recorded Book Page 108 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book LanguageCode is a language code as defined in ISO639-2/T. 5.4.2 Offer Response Message The Offer Response Message is a Web service message as defined in the Appendix A of AACS Pre-recorded Video Book of this specification, using the Managed Copy Offer Schema. This chapter defines a Managed Copy Offer Schema specific to BD-ROM Media. Page 110 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Final Revision 0.951RC Page 111 Advanced Access Content System: Blu-ray Disc Pre-recorded Book Page 112 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Final Revision 0.951RC Page 113 Advanced Access Content System: Blu-ray Disc Pre-recorded Book Final Revision 0.951RC Page 115 Advanced Access Content System: Blu-ray Disc Pre-recorded Book ISO639LanguageCode is a language code as defined in ISO639-2/T. The “price” shall be omitted in the case the financial transaction is not necessary for the “offer”, i.e. it is allowed to be made a Managed Copy free of charge. The “dealManifest” indicates lists of files to be copied. “MCUALL” and/or “MCUPARTIAL” are included in the dealManifest. “MCUALL” means that all the content may be copied and includes "DirectoryName". For example, in case of BD-ROM, "DirectoryName" is “BDMV” and all the files under “\BDMV” directory are copied. Note that in case of MCUALL, the string Page 116 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book “MCUALL_XXX” shall be used as MCUi. Here, XXX shall be the 3-digit number and shall be unique among the MCUALLs in a Offer Response Message. “MCUPARTIAL” means that a part of the content on BD-ROM may be copied and includes "FileName". For example, "FileName" is “00000.m2ts” and only this file is copied. Note that in case of MCUPARTIAL, any string other than “MCUALL_XXX” may be used as MCUi, and MCUi shall be the same string as “ID” (child element of MCUPARTIAL) in the Managed Copy Manifest File or the Offer Response Message. In other words, the MCM can recognize that the offer is the MCUALL if the prefix of MCUi is “MCUALL_” and shall refer to the MCUALL in the dealManifest. “MCUALL” and “MCUPARTIAL” may be included in the Managed Copy Manifest File and/or the Offer Response Message. MCM shall refer to “MCUALL” and “MCUPARTIAL” according to the following rules. In the case MCUALL/MCUPARTIAL is included only in the Managed Copy Manifest File, the MCM shall refer to the Managed Copy Manifest File. In the case MCUALL/MCUPARTIAL is included only in the Offer Response Message, the MCM shall refer to the Offer Response Message. In the case MCUALL/MCUPARTIAL is included in both the Managed Copy Manifest File and Offer Response Message, the MCM shall refer to the Offer Response Message and shall ignore such information in the Managed Copy Manifest File. In other words, MCUALL/MCUPARTIAL in the Offer Response Message overrides the information in the Managed Copy Manifest File. At the minimum, either MCUALL or MCUPARTIAL shall be included either in the Managed Copy Manifest File or in the Offer Response Message. The value of the MCUi element shall be different among every offer within the Offer Response Message. Some MCM implementations may not have ability to transcode the audio/video stream. Bit by bit copy of the audio/video stream can be specified by leaving out both videoParameters and audioParameters from the offerDetails. 5.4.3 Permission Response Message Permission Response Message is a web service message as defined in the Appendix B of AACS Pre-recorded Video Book of this specification, using the Managed Copy Permission Schema. This chapter defines a Managed Copy Permission Schema specific to BD-ROM Media. Final Revision 0.951RC Page 117 Advanced Access Content System: Blu-ray Disc Pre-recorded Book Note: In order to minimize the player burden for canonicalization, the Permission Response Message shall be canonicalized in the MCS as UTF-8 bytes according to the Exclusive XML Canonicalization specification ( http://www.w3.org/TR/xml-exc-c14n/#sec-Specification ). Page 118 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book 5.5 Requirement for Managed Copy Machine Basic requirements for the MCM are defined in Chapter 5 of AACS Pre-recorded Video Book of this specification. This section specifies additional details specific to BD-ROM Managed Copy. 5.5.1 Recovery process Chapter 5 of AACS Pre-recorded Video Book of this specification defines that the Session ID, the MCUi and the MCS Certificate shall be cached on the MCM to provide the MCM with a recovery mechanism. In addition, some other data shall also be cached for BD-ROM Managed Copy. Regardless of the type of implementation, the MCM shall cache at least the following data: Session ID The Player’s resident program or a BD-J Application can keep the session with the MCS using this ID. The MCM shall keep integrity of this data. MCUi Allows the Player’s resident program or a BD-J Application to know the offer selected by the user. The MCM shall keep integrity of this data. MCS Certificate The MCS Certificate is used for verification of Offer and Permission. The MCM shall keep integrity of this data. Content ID or Content Certificate ID The Player’s resident program or BD-J Application can check whether or not the previous Managed Copy operation which failed matches the currently inserted BD-ROM Media, by comparing the ID on the disc and the ID in the Recovery Cache. In case of dual layer disc, Content Certificate ID in Content000.cer shall be used. The MCM shall keep integrity of this data. dealManifest Allows the MCM to know what file(s) failed to be copied by Managed Copy. The MCM shall cache a MCUALL or a MCUPARTIAL in the dealManifest corresponding to the offer selected by the user. The MCM shall keep integrity of this data. Coupon Allows the Player’s resident program or a BD-J Application to display financial or account transaction status to the user. majorMcotID Allows the MCM to recover the major ID of the Managed Copy Output Technology selected for the Managed Copy. minorMcotID Allows the MCM to recover the minor ID of the Managed Copy Output Technology selected for the Managed Copy. Note that the minorMcotID may be empty string. mcotOfferInfo Allows the MCM to recover the MCOT specific information. Note that the mcotOfferInfo may be an empty string. Status Allows the Player’s resident program or a BD-J Application to display further information on the transaction to the user. MCOTParams Final Revision 0.951RC Page 119 Advanced Access Content System: Blu-ray Disc Pre-recorded Book Allows the Player’s resident program or a BD-J Application to get additional information specific to the Managed Copy Output Technology. offer Allows the MCM to know what and how the Managed Copy is to be performed. The MCM shall cache the offer selected by the user because the offer includes necessary information for the copy process, such as Video Codec Specific Information, Audio Codec Specific Information, and so on. The MCM shall keep integrity of this data. The MCM shall cache one set of data listed above. The MCM shall overwrite the old data set with the new data set only if another set of data is cached. The timing of the cache overwrite shall be when the completeTransaction method is successfully completed. Prior to completion of the completeTransaction method, the MCM shall keep the old data set in the cache. The MCM shall keep the set of information in case of disc ejection or power off. Note that the MCM shall have at least 128K bytes of non-volatile storage for that purpose. In other words, the size of any set of data above shall be no more than 128K bytes. In case that the recovery is necessary due to an interrupted transaction, the MCM should notify the user what content failed to be copied by Managed Copy and needs to be resumed, and may use cached information as listed above for this purpose. When the MCM is in the recovery process, for Type A or B MCMs, the Player’s resident program may retrieve from the Recovery Cache and display the information to provide notification. For a Type C MCM, a BD-J Application may retrieve from the Recovery Cache using APIs and display this information to provide notification. If the Content ID or the Content Certificate ID of the currently inserted BD-ROM Media exists in the Recovery Cache, a BD-J Application need not call the verifyOffers method and the completeTransaction method. However, the verifyPermission method needs to be called before the makeCopy method. Note: When the financial transaction is completed, any type of MCM shall store all the necessary data listed above in the Recovery Cache. Otherwise, the MCM shall not store any data in the Recovery Cache. Until the financial transaction is completed, the MCM shall keep the data listed above temporarily in a buffer. When the copy process is completed, the MCM shall clear all of the data in the Recovery Cache. If any data is stored in the Recovery Cache, this means that the financial transaction is completed, but the copy process is not completed. In this case, the MCM should notify the user. 5.5.2 Making a Managed Copy The MCM shall not start the copy process of the Managed Copy unless it verifies that the Permission Response Message is correct as specified in Section 5.5.9 of AACS Pre-recorded Video Book of this specification. For each type of MCM, the following conditions are necessary to start the copy process: For a Type A or B MCM, If an MCM verifies that permissionSignedContent in the Permission Response Message is correct, it can start a copy process. For details of the verification of permissionSignedContent, refer to Section 5.5.9 of AACS Pre-recorded Video Book of this specification, For a Type C MCM, Page 120 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book An MCM verifies permissionSignedContent using the verifyPermission method defined in Section 5.2.1.6.3.20 of this book. If the verifyPermission method returns true, in other words, all necessary information defined in Section 5.5.1 of this book are cached in MCM, it can start a copy process. Details of the verification of permissionSignedContent, refer to Section 5.5.9 of AACS Pre-recorded Video Book, 5.6 Application/HTML for financial/accounting transaction For making a Managed Copy from a BD-ROM, a BD-J Application or an HTML web page may be used for financial and/or accounting transaction purposes. Selection of an application or HTML depends on the type of MCM as follows: For a Type A MCM, an HTML web page is used for the financial/accounting transaction, because the Managed Copy Machine performs its process as illustrated in Figure 5-1, For a Type B MCM, an HTML web page is used for the financial/accounting transaction, because the Managed Copy Machine performs its process as illustrated in Figure 5-2, For a Type C MCM, a BD-J Application is used for the financial/accounting transaction, because the BD-J Virtual Machine performs its process as illustrated in Figure 5-3. Details of the application/HTML for the financial/accounting transaction are defined in Section 5.3 of AACS Pre-recorded Video Book of this specification. Note that in addition to a BD-J Application or HTML web page, other Player-specific applications may be used for the financial/accounting transaction. There are four types of MC ready discs. An MC ready disc shall have a Managed Copy Manifest File including a Content ID, and a Content Certificate including a Content Certificate ID. i. BD-ROM with Content ID/Content Certificate ID ii. BD-ROM with Content ID/Content Certificate ID and a BD-J Application for launching the MCM (used for a Type B MCM) iii. BD-ROM with Content ID/Content Certificate ID and a BD-J Application for transactions with the MCS (used for a Type C MCM) iv. BD-ROM with Content ID/Content Certificate ID, a BD-J Application for launching the MCM (used for a Type B MCM) and a BD-J Application for transactions with the MCS (used for a Type C MCM). Note: a BD-J Application for launching the MCM and performing transactions with the MCS may be combined. For each type of MC ready disc, the Content Provider shall prepare a BD-J Application and/or HTML web page for financial and/or accounting transaction purposes as specified in Table 5-1 and shall make it available on the MCS. Note that the HTML web page for financial and/or accounting transaction purposes is mandatory for all the MC ready discs, if financial or accounting transactions are necessary for the service. Table 5-1 Application/HTML for financial/accounting transaction on a Managed Copy Server Type-i disc Type-ii disc Type-iii disc Type-iv disc BD-J Application Not required Not required Required Required for financial/accounting transaction HTML web page Required Required Required Required Final Revision 0.951RC Page 121 Advanced Access Content System: Blu-ray Disc Pre-recorded Book Page 122 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Chapter 6 Details for Sequence Keys and Unified MKB 6. Introduction Sequence Keys and Sequence Key Block are specified in Chapter 4 of the Pre-recorded Video Book of this specification. This chapter describes additional details of Sequence Keys for BD-ROM disc and Application Format. Unified Media Key Block (MKB) is specified in Chapter 3 of the Introduction and Common Cryptographic Elements book of this specification. This chapter also describes additional details of Unified MKB for BD- ROM disc and Application Format. BD-ROM applies the multiple PlayList approach and 256 PlayLists are used per a Sequence Key Block / Unified MKB for this purpose. The Segment Keys are used for encrypting the Segment Portion in Clip AV stream file and are stored in the Segment Key File. 6.1 PlayList approach for Sequence Keys / Unified MKB A BD-ROM disc has at most six Sequence Key Blocks and six Unified MKBs. For both Sequence Key Blocks and Unified MKBs, 1024 Variant Data are assigned. The Variant Number is calculated from each Sequence Key Block / Unified MKB. The Variant Number is used to determine the PlayList_id of the PlayList to be played back. Each PlayList contains a set of PlayItems for Segment Portion and non-Segment Portion and each PlayItem for Segment Portion points out to one of the variations for that Segment Portion. Figure 6-1 describes an overview of PlayList approach for Sequence Keys / Unified MKB. Final Revision 0.951RC Page 123 Advanced Access Content System: Blu-ray Disc Pre-recorded Book Variant No. = #1 PlayList#0 000 002 017 021 034 049 … 250 255 PlayList#1 000 016 017 019 034 035 … 240 255 Movie Title … … … Object PlayList#255 000 009 017 033 034 037 … 239 255 PlayItem Disc Segment Segment Segment Segment Portion 1 Portion 2 Portion 3 Portion 15 AV001 AV018 AV035 AV239 AV002 AV019 AV036 AV240 AV000 AV003 AV017 AV020 AV034 AV037 … AV238 AV241 AV255 AV004 AV021 AV038 AV242 AVstream … … … … … … variations AV016 AV033 AV050 AV254 time Figure 6-1 Overview of PlayList approach for Sequence Key Block / Unified MKB Each Clip AV stream referred from PlayItem (AV000, AV001, AV002, …, AV255) is recorded as an individual Clip AV stream file and each Segment Portion (AV001, AV002, AV003, …, AV254) is encrypted by a different Segment Key. (Note 1) At least one Clip AV stream of non-Segment Portion shall be allocated between Segment Portion i and Segment Portion (i + 1). (Note 2) Sequence Key Block / Unified MKB are applicable for only main TS and are not applicable for sub TS. Page 124 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Playback process for BD-ROM Player 6.1.1 Encryption and Decryption Overview This section describes the encryption and decryption process for (a) Segment Portion and (b) non-Segment Portion on the BD-ROM Disc on which the Sequence Key Block and Unified MKB are assigned. The Sequence Key Block Files “SKB1.inf”, “SKB2.inf”, “SKB3.inf”, “SKB4.inf”, “SKB5.inf” and “SKB6.inf” shall be recorded in the “\AACS” directory and in the “\AACS\DUPLICATE” directory. In case of the BD- ROM disc on which the SKB is assigned, the number of the SKB shall be between one and six and the index of SKB file name shall be defined in continuous order, starting from one. For example, in case of three SKBs are assigned on the BD-ROM disc, the SKB1.inf, SKB2.inf and SKB3.inf shall be recorded on the disc. SKB data shall be recorded from the first byte of the file, and the null (0016) padding may be attached after the SKB data in the file for the authoring and the mastering purpose. In the same way, the Unified MKB “uMKB1.inf”, “uMKB2.inf”, “uMKB3.inf”, “uMKB4.inf”, “uMKB5.inf” and “uMKB6.inf” shall be recorded in the “\AACS” directory and in the “\AACS\DUPLICATE” directory. In case of BD-ROM disc on which the SKB is assigned, uMKB shall also be assigned for the disc, and vice versa. Also, the number of Unified MKB shall be same as that of Sequence Key Block. For example, in case of four SKBs are assigned on the BD-ROM disc, four Unified MKBs shall be recorded on the disc, i.e. uMKB1.inf, uMKB2.inf, uMKB3.inf and uMKB4.inf shall be recorded. On the other hand, for the BD-ROM disc on which the Sequence Key Block / Unified MKB is not assigned, Process SKB / Unified MKB is omitted and the Volume Unique Key is used instead of the Volume Variant Unique Key. In this case, the Sequence Key Block, Unified MKB and the Segment Key file are not recorded on the disc. Figure 6-2 describes an encryption and decryption overview for the BD-ROM disc on which the Sequence Key Block / Unified MKB is not assigned. Final Revision 0.951RC Page 125 Advanced Access Content System: Blu-ray Disc Pre-recorded Book Replicator Pre-Recorded Media Playback Device Device Key Set MKB MKB Process MKB KCD *KCD AES-G Volume ID Km Km AES-G Volume ID AES-G AACS LA Kvu Kvu Content Certificate CPS Unit Public Key Keys Encrypt CPS Unit Key File Decrypt Kt Usage Rule Usage Rule Verify Content Encrypt Encrypted Content Decrypt Content *KCD is used by only certain classes of devices. Figure 6-2 Encryption and Decryption Overview for BD-ROM on which SKB / uMKB is not assigned Page 126 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book 6.1.1.1 Key Hierarchy for Segment Portion For the Segment Portion, the Segment Key is used for encrypting instead of the CPS Unit Key. 240 (16 variations * 15 segments) Segment Keys are used for one SKB / Unified MKB and these keys are recorded in the Segment Key File. Figure 6-3 describes an encryption and decryption overview for the Segment Portion on the BD-ROM disc on which the SKB and Unified MKB are assigned. Replicator Pre-Recorded Media Playback Device Device Key Set MKB MKB Process MKB KCD *KCD AES-G Sequence Key Set / Device Key Set Process SKB / SKB / Unified MKB SKB / Unified MKB Unified MKB Km Volume ID Kmv Kmv AES-G Volume ID AES-G AACS LA Kvvu Kvvu Content Certificate Segment Encrypt Segment Key File Public Key Keys Decrypt Usage Rules Usage Rules Verify Content Encrypt Encrypted Content Decrypt Content *KCD is used by only certain classes of devices. Figure 6-3 Encryption and Decryption Overview for Segment portion Final Revision 0.951RC Page 127 Advanced Access Content System: Blu-ray Disc Pre-recorded Book 6.1.1.2 Key Hierarchy for non-Segment Portion For the non-Segment Portion which means that it is not the Segment Portion, the CPS Unit Keys are used for encrypting instead of the Segment Key. Figure 6-4 describes an encryption and decryption overview for the non-Segment Portion on the BD-ROM disc on which the SKB and Unified MKB are assigned. Replicator Pre-Recorded Media Playback Device Device Key Set MKB MKB Process MKB KCD *KCD AES-G SKB / Unified MKB SKB / Unified MKB Km Volume ID Km AES-G Volume ID AES-G AACS LA Kvu Kvu Content Certificate CPS Unit Encrypt CPS Unit Key File Decrypt Public Key Keys Usage Rule Usage Rule Verify Kt Content Encrypt Encrypted Content Decrypt Content *KCD is used by only certain classes of devices. Figure 6-4 Encryption and Decryption Overview for non-Segment Portion 6.1.2 Selection process of a PlayList The BD player selects a proper PlayList to be player back by using a Movie Object for Title defined in Section 3.9.1.8 of this specification. (Note) The assignment of the Player Status Registers for the Playlist_Indicator is PSR96 and PSR97. This is the example of the Movie Object programmed a PlayList selection for one SKB and one Unified MKB. This example assumes that PlayList_id #0 to #255 are assigned for SKB1 and uMKB1. MovieObject(){ Number_of_navigation_commands (=4); Move[GPR#Y][PSR96]; Page 128 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book And[GPR#Y][0xFF000000]; Shift Right[GPR#Y][0x18]; PlayPL[GPR#Y]; } For example, the Movie Object for PlayList selection includes “Number_of_navigation_commands” and “PlayPL”. “Number_of_navigation_commands” indicates the number of navigation_command structures that are contained with the Movie Object( ). “PlayPL (PlayList_id = PSR)” commands the playback of PlayList#(PlayList_id). Note that each PlayPL for each SKB / Unified MKB shall not command the playback of the same PlayList#(PlayList_id). In other words, for six SKBs and six uMKBs, at least 1536 PlayLists are necessary. This is the example of the Movie Object programmed a PlayList selection for two SKBs and two Unified MKBs. This example assumes that PlayList_id #0 to #255 and PlayList_id #256 to #511 are assigned for SKB1 / uMKB1 and SKB2 / uMKB2 respectively. MovieObject(){ Number_of_navigation_commands (=9); Move[GPR#Y][PSR96]; And[GPR#Y][0xFF000000]; Shift Right[GPR#Y][0x18]; PlayPL[GPR#Y]; Move[GPR#Y][PSR96]; And[GPR#Y][0x00FF0000]; Shift Right[GPR#Y][0x10]; Add[GPR#Y][0x100]; PlayPL[GPR#Y]; } “PSR” is the Player Status Register, which can be stored a fixed length variable. The PlayList Indicator for each SKB / uMKB derived from the PlayList_id is set to the PSR. Figure 6-5 describes an example of the data format of PSR for this purpose. Playlist_Indicator #1, Playlist_Indicator #2, Playlist_Indicator #3, … and Playlist_Indicator #6 corresponds to “SKB1.inf” / “uMKB1.inf”, “SKB2.inf” / “uMKB2.inf”, “SKB3.inf” / “uMKB3.inf”, …, and “SKB6.inf” / “uMKB6.inf” respectively. These Playlist_Indicators are computed as follows: Playlist_Indicator #i = PlayList_id #i mod 256 (i = 1, 2, 3, …, 6) where PlayList_id #i denotes the PlayList_id corresponding the SKBi / uMKBi. Final Revision 0.951RC Page 129 Advanced Access Content System: Blu-ray Disc Pre-recorded Book PSR96 PSR97 Playlist_Indicator #1(b31-b24) Playlist_Indicator #5(b31-b24) Playlist_Indicator #2(b23-b16) Playlist_Indicator #6(b23-b16) Playlist_Indicator #3(b15-b8) Reserved (b15-b8) Playlist_Indicator #4(b7-b0) Reserved (b7-b0) Figure 6-5 Data format of PSR 6.2 Segment Key File Each Segment Portion is encrypted by the Segment Key and each Segment Key is encrypted by the Volume Variant Unique Key. The Volume Variant Unique Key is defined for each PlayList, in other words, 1024 Volume Variant Unique Keys are used for encrypting the Segment Keys per one Sequence Key Block / Unified MKB. The Segment Key File “Segment_Key.inf” shall be recorded in the “\AACS” directory and in the “\AACS\DUPLICATE” directory. Table 6-1 shows the data format of the Segment Key File. Table 6-1 Data Format of Segment Key File Syntax No. of bits Mnemonic Segment_Key_File(){ Num_of_SKB_Unified_MKB 16 For(I=0; I < Num_of_SKB_Unified_MKB; I++){ For(J=0; J < 1024; J++){ PlayList_id (= X) 16 For(K=0; K < 15; K++){ PlayItem_id(X, K) 16 uimsbf Encrypted Segment Key for PlayList/PlayItem(X, K) 128 uimsbf } } } } Num_of_SKB_Unified_MKB indicates the number of Sequence Key Blocks / Unified MKBs on the BD-ROM disc. For example, in case three SKBs and three Unified MKBs are recorded, Num_of_SKB_Unified_MKB shall be 000316. PlayList_id indicates the PlayList for a particular Variant Number for a particular SKB / uMKB. PlayItem_id indicate the PlayItem assigned corresponding encrypted Segment Key. Page 130 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Encrypted Segment Key for PlayList/PlayItem(X, K) contains the 16 bytes of the encrypted Segment Key for used for encrypting the PlayItem(X, K). The Segment Key is encrypted as follows: AES_128E(Kvvu-J(I, J), Segment Key(X, K)) where Kvvu-J denotes a Volume Variant Unique Key defined in Section 3.3 of the Pre-recorded Video Book of this specification and corresponds to the Variant Number “J”. (Note) Different Segment Keys shall be assigned to different Segment Portions. Calculation method for the Block key for Segment Portion is described in Figure 6-6. seed Segment Key AES-128E AES-128E Block Key Figure 6-6 Calculation method for the Block Key from the Segment Key Final Revision 0.951RC Page 131 Advanced Access Content System: Blu-ray Disc Pre-recorded Book This page is intentionally left blank. Page 132 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Chapter 7 Clarifications for Unencrypted Content 7. Introduction For the BD Prerecorded Disc (BD-ROM) and Binding Unit Data Area of Local Storage, both encrypted content and unencrypted content can be recorded as AACS Signed Content. This chapter describes details of disc structure for the BD-ROM containing unencrypted content. 7.1 Disc structure CPS Unit structure defined in Section 3.9 shall be also applied for unencrypted content, i.e. Usage Rule shall be also defined for unencrypted content. Encrypted portion and unencrypted portion cannot be mixed in one CPS Unit except the cases defined in Section 7.4, because a Usage Rule is constant in one CPS Unit. 7.1.1 CPS information files for unencrypted content This section describes clarifications for the necessary CPS information files for BD-ROM composed of the followings: - only unencrypted content - both encrypted content and unencrypted content. 7.1.1.1 BD-ROM composed of only unencrypted content BD-ROM that contains unencrypted content and does not contain any encrypted content shall store all the CPS information files defined in Figure 3-5. In other words, such BD-ROM shall store the followings: - CPS Unit Key File - MKB and Read/Write MKB - Sequence Key Block (Optional) - Unified MKB (Optional) - Segment Key File (Optional) - Managed Copy Manifest File (Optional) - Content Revocation List - Content Certificate - Content Hash Table - CPS Unit Usage File. In addition to above CPS information files, Volume ID and Partial MKB shall be stored on BD-ROM. For such BD-ROM, CPS Unit Key shall be assigned for all CPS Units (and the key is not used for decryption). Final Revision 0.951RC Page 133 Advanced Access Content System: Blu-ray Disc Pre-recorded Book Note that for the BD-ROM that does not contain any (encrypted) AACS Content, the Type 3 MKB defined in Section 3.2.5.1 of Introduction and Common Cryptographic Elements book of this specification shall be used as the MKB “MKB_RO.inf”. The Content Certificate and the Content Hash Table are applied for all unencrypted Clip AV streams on such BD-ROM. A Licensed Player shall verify the Content Certificate and the Content Hash Table for unencrypted Clip AV stream. 7.1.1.2 BD-ROM composed of both encrypted content and unencrypted content BD-ROM that contains both encrypted content and unencrypted content shall also store all the CPS information files clarified in Section 7.1.1.1. For such BD-ROM, the CPS Unit number for unencrypted content shall be different from the number for encrypted content. For such BD-ROM, CPS Unit Key shall be assigned for all CPS Units (and some keys are used for decryption and others are not). For the BD-ROM that contains both encrypted content and unencrypted content, the Type 3 or Type 4 MKB shall be used as the MKB “MKB_RO.inf”. The Content Certificate and the Content Hash Table cover both encrypted and unencrypted content. A Licensed Player shall verify the Clip AV stream regardless of encrypted or unencrypted. 7.2 Usage Rules for Unencrypted content Basic CCI for AACS defined in Section 3.9.4.2 shall contain the following Usage Rules for a CPS Unit composed of such content: - EPN: EPN-unasserted (=12) - CCI: Copy Control Not Asserted (=002) - Image_Constraint_Token: High Definition Analog Output in High Definition Analog Form (=12) - Digital_Only_Token: Output of decrypted content is allowed for Analog/Digital Outputs (=02) - APSTB: APS off (=0002) - Type_of_Title: Basic Title (=02) Note that an Enhanced Title Usage for AACS defined in Section 3.9.4.3 of this specification shall not be used for such a CPS Unit. 7.3 Copy Permission Indicator for Unencrypted content Copy_permission_indicator defined in Section 3.10.2 of this specification indicates whether a corresponding Aligned Unit is encrypted or not and shall be set as shown in Table 7-1. Page 134 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Table 7-1 Copy_permission_indicator Copy_permission_indicator Meaning 002 unencrypted 012 Reserved 102 Reserved 112 encrypted For unencrypted content, i.e. Copy_permission_indicator = 002, Licensed Player shall treat such content according to the Usage Rules defined in Section 7.2 of this specification. If the Licensed Player encounters the packet with Copy_permission_indicator set to 102 or 012, the data shall be considered encrypted. 7.4 Exceptional Rule for CPS Unit As described in Section 7.1, all Clip AV stream files in one CPS Unit shall be encrypted by the same Unit Key. Note that it is also allowed as a special case that all Clip AV stream files in one CPS Unit are unencrypted as clarified in Section 7.1.1.2. As an exception, both encrypted and unencrypted Clip AV stream files may co-exist within one CPS Unit for the following two cases. In these cases, a player’s behavior of handling the corresponding Usage Rule for unencrypted Clip AV stream files is dependent on the implementation. 7.4.1 Case 1 Under the following conditions, both encrypted and unencrypted Clip AV stream files may co-exist within one CPS Unit. • All Clip AV stream files in this CPS Unit shall be encrypted, if it is recorded on BD-ROM. • Clip AV stream files in this CPS Unit may be encrypted or unencrypted, if it is stored at the Binding Unit Data Area of Local Storage • Within one Clip AV stream file, the encrypted portion and unencrypted portion shall not co-exist. • Any PlayList shall not refer to both encrypted and unencrypted Clip AV stream files 7.4.2 Case 2 Under the following conditions, both encrypted and unencrypted Clip AV stream files may co-exist within one CPS Unit. • All Clip AV stream files in this CPS Unit shall be encrypted, if it is recorded on BD-ROM. • Clip AV stream files in this CPS Unit may be encrypted or unencrypted, if it is stored at Binding Unit Data Area of Local Storage • Clip AV stream file used as main TS in this CPS Unit shall be encrypted • Clip AV stream file used as sub TS in this CPS Unit may be encrypted or unencrypted • Number of SubPath shall be one • SubPathType shall be "Out-of-mux and Synchronous type of Picture-in-Picture presentation path" • PlayItem and SubPlayItem shall be aligned • There shall not be any time-gap in SubPath Final Revision 0.951RC Page 135 Advanced Access Content System: Blu-ray Disc Pre-recorded Book Page 136 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Chapter 8 Additional Requirements for The 3D Feature 8. Introduction The 3D feature has been introduced by the Blu-ray Disc Association in its specification book of System Description Blu-ray Disc Read-Only Format part 3: Audio Visual Basic Specifications, Version 2.4. This chapter describes additional requirements for Licensed Players and BD-ROM discs with the 3D feature. 8.1 3D Application Format and Encryption This section describes additional information and requirements with regard to the application format and encryption which is described in Chapter 3 of this specification. 8.1.1 Stereoscopic Interleaved File In addtion to the Clip AV stream file described in Section 3.9.1.1 of this specification, the Stereoscopic Interleaved file is defined for the 3D feature. The Stereoscopic Interleaved File is composed of two Clip AV stream files, one is for left view and the other is for right view. The two Clip AV stream files are interleaved inside the Stereoscopic Interleaved file. Note that the same sectors on the 3D disc are shared by the Stereoscopic Interleaved file and the two Clip AV stream files. The File System layer enables a set of files to share the same sector data. 8.1.2 Encryption Scheme When AACS encryption is applied to the 3D content, the Stereoscopic Interleaved file and the two Clip AV stream files share the same data encrypted as defined in Section 3.10.1 of this specification. Therefore, if the Clip AV stream files under "\BDMV\STREAM" directory are encrypted, the corresponding Stereoscopic Interleaved files under "\BDMV\STREAM\SSIF" are also encrypted. Within the Stereoscopic Interleaved file, segments of the two Clip AV stream files are recorded alternately. The boundary of these segments shall be always aligned to Aligned Unit boundary, so that there is no impact on the encryption scheme of the Stereoscopic Interleaved file. 8.1.3 Bus Encryption When the Clip AV stream files are bus-encrypted as defined in Secion 3.7 of this specification, the corresponding Stereoscopic Interleaved files are also bus-encrypted. 8.2 Content Revocation This section describes additional information and requirements with regard to the content revocation which is described in Chapter 2 of this specification. 8.2.1 Content Certificate The BD-ROM with the 3D feature shall use the same data format for the Content Certificate as defined in Table 2-1. 8.2.2 Content Hash Table The Content Hash Table on the 3D disc shall contain Hash Values for hash unit of all Clip AV stream files in the same manner as defined in Section 2.3.1 of this specification. Hash Values for hash units of the Final Revision 0.951RC Page 137 Advanced Access Content System: Blu-ray Disc Pre-recorded Book Stereoscopic Interleaved files shall not be recorded. Note that the Content Hash Table indirectly contains Hash Values for hash units of the Stereoscopic Interleaved files because the Stereoscopic Interleaved file shares the same sector data with the corresponding Clip AV stream files as described in Section 8.1.1 of this specification. 8.2.3 Hash Calculation The Hash Value for each hash unit of the Clip AV stream shall be calculated in the same manner described in Secion 2.3.2.1 of this specification. 8.2.4 Verifying Content Certficate When the Licensed Player does not support 3D playback (herein after called as 2D Licensed Player), the hash check process for 2D and 3D discs is the same as that for 2D discs, as defined in Section 2.3.3.1 of this specification. Note that 2D Licensed Playes do not read Stereoscopic Interleaved files. When the Licensed Player supports 3D playback (herein after called as 3D Licensed Player), and when the 3D Licensed Player reads 2D Clip AV stream files for 2D playback from 2D and 3D discs, the hash check process is same as that for a 2D Licensed Player. In some cases, a 3D Licensed Player reads 2D Clip AV stream files from a 3D disc for 2D playback. For example, if the display is only for 2D playback, even 3D Licensed Players can playback 2D Clip AV stream files from a 3D disc. When the 3D Licensed Player reads 3D Clip AV stream files from a 3D disc for 3D playback, the hash check process is the same as that for 2D Licensed Players. When the 3D Licensed Player reads a Stereoscopic Interleaved file for 3D playback, and when the 3D Licensed Player applies procedure a) defined in Section 2.6 of Pre-recorded Video Book of this specification for the hash check process, the hash check process is the same as that for 2D Licensed Players. When the 3D Licensed Player reads a Stereoscopic Interleaved file for 3D playback, and when the 3D Licensed Player applies procedure b) for hash check process, the 3D Licensed Player shall extract the corresponding Hash Value from the Content Hash Table using a mapping table between the two Clip AV stream files and the Stereoscopic Interleaved file. For the detail of this mapping table, refer to Blu-ray Disc Association, System Description Blu-ray Disc Read-Only Format, part 3: Audio Visual Basic Format Specification. Table 8-1 Hash Check Process for 2D and 3D disc Page 138 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book 2D Licensed 3D Licensed Player Player 3D playback from 3D disc 2D playback 2D playback from 2D and from 2D and Read Stereoscopic 3D disc 3D disc Read Clip AV stream Interleaved file for files for 3D playback 3D playback procedure a) Same * Same * Same * Same * Extract expected Hash Value from Content Hash Table referring mapping procedure b) Same * Same * Same * table of two Clip AV stream files and Stereoscopic Interleaved file * Hash Check Process is same as the case that 2D Licensed Player reads Clip AV stream files from 2D disc. 8.3 Sequence Keys / Unified MKB This section describes additional information and requirements with regard to the Sequence Keys and Unified MKB which is described in Chapter 6 of this specification. 8.3.1 Application rule of Sequence Keys / Unified MKB for 3D disc Sequence Key Block / Unified MKB are applicable for 3D disc, only when the Stereoscopic Interleaved file is not used. In the other words, they are not applicable for 3D disc with Stereoscopic Interleaved file. Final Revision 0.951RC Page 139 Advanced Access Content System: Blu-ray Disc Pre-recorded Book This page is intentionally left blank. Page 140 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book This page is intentionally left blank. Final Revision 0.951RC Page 141 Advanced Access Content System: Blu-ray Disc Pre-recorded Book Annex A. Restriction on Data Allocation (Informative) This annex includes the information for Authoring Facility. AACS introduces the following restrictions on data allocation for ease of mastering and content hash verification. When the Authoring Facility makes the disc image, the Authoring Facility shall comply with these restrictions. All the extents of each Clip AV stream file shall be allocated with ascending order in physical layer. Each physical sector in an Aligned Unit shall be allocated contiguously on the BD-ROM disc. If a Clip AV stream file is recorded over both physical layers in dual-layer disc, the total size of extents for the Clip AV stream file recorded in layer 0 shall be multiple of a hash unit. Final Revision 0.951RC Page 143 Advanced Access Content System: Blu-ray Disc Pre-recorded Book This page is intentionally left blank. Page 144 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Annex B. Carriage of System Renewability Message B.1 Introduction This chapter describes the method to store the System Renewability Message (SRM) on the BD-ROM in the case where an SRM is to be stored on the BD-ROM. B.2 SRM for DTCP SRM for DTCP shall be stored as a file “DTCP.srm” in the root directory. B.3 SRM for HDCP SRM for HDCP shall be stored as a file “HDCP.srm” in the root directory. Final Revision 0.951RC Page 145 Advanced Access Content System: Blu-ray Disc Pre-recorded Book This page is intentionally left blank. Page 146 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Annex C. Requirements for On-line and Managed Copy API This annex defines requirements and recommendations for On-line and Managed Copy APIs at BD-J specific aspect, in addition to Chapter 4 and Chapter 5 of this specification. C.1. PSR31 value and VFS capability / BD-J network connectivity Player Status Register 31 (PSR31) includes 4-bit Player Profile at the position of bit16~19. Content shall cause the player to check player‘s VFS capability and BD-J network connectivity by referring to Player Profile. Following table explains the relationship between Player Profile value and VFS capability / BD-J network connectivity. 00002 and 10002 : Player Profile for the player that does not have VFS capability nor BD-J network connectivity 00012 : Player Profile for the player that has VFS capability, but does not have BD-J network connectivity 00112 : Player Profile for the player that has both VFS capability and BD-J network connectivity (Other values are reserved) Note: Implementation of AACS On-line function is mandatory for all Licensed Players that has BD-J network connectivity. However, the capability of storing Cacheable Permission (i.e. Secure Clock implementation) is optional for such kind of Licensed Player. The existence of compliant AACS On- line API implementation shall be checked by referring to system property value defined in C.2 because the Licensed Player with Player Profile “00112” developed before this revision might not implement AACS On-line function. C.2. System property and API implementation C.2.1. System Property The System Property for AACS On-line and Managed Copy API is defined as follows. Other property names with prefix “aacs.bluray.” are reserved for future use. - aacs.bluray.online.capability = YES | NO This means that System.getProperty(“aacs.bluray.online.capability”) in BD-J Application returns the value according to the requirement defined in C.2.2. - aacs.bluray.mc.capability = “A”, “B”, “C”, “AB” or “AC” | NO This means that System.getProperty(“aacs.bluray.mc.capability”) in BD-J Application returns the value according to the requirement defined in C.2.3. Final Revision 0.951RC Page 147 Advanced Access Content System: Blu-ray Disc Pre-recorded Book C.2.2. Implementation requirement for On-line The following table describes the rules for AACS On-line API related player implementation. Table C-1 System Property and API implementation for AACS On-line System Property API implementation (aacs.bluray.online.capability = YES | NO) Player Profile = 00002, 00012, NO (*1) Recommended to or 10002 implement AACS On-line API stubs to return at least dummy values Player Profile = 00112 YES Required to implement AACS On-line API correctly. (*1) Note: The Licensed Player developed before Revision 0.912 might not implement this property. They may throw SecurityException as a response for unknown system property request. Page 148 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book C.2.3. Implementation requirement for Managed Copy The following table describes the rules for AACS Managed Copy API related player implementation. Table C-2 System Property and API implementation for AACS Managed Copy System Property API implementation (aacs.bluray.mc.capability = “A”, “B”, “C”, “AB” or “AC” (*2) | NO) Player which does not support NO (*1) IsMCMSupported() shall be Managed Copy implemented to return false. (Recommended to implement other AACS Managed Copy API stubs to return at least dummy values.) Player which supports “A”, “B”, “C”, “AB” or “AC” Required to implement Managed Copy (*2) AACS Managed Copy API correctly. (*1) Note: The Licensed Player developed before Revision 0.912 might not implement this property. They may throw SecurityException as a response for unknown system property request. (*2) Note: The Licensed Player shall return the value according to the type of MCM. In the case of the Licensed Player which implements a Type A MCM, it shall return “A”. In the case of the Licensed Player which implements both a Type A and C MCM, it shall return “AC”. Licensed Players are prohibited from implementing both a Type B and C MCM because Type B and C cannot coexist in one device. C.2.4. Player Implementation options for VFS, On-line and Managed Copy The following table describes the options for Player capability and the related indication method to check the Player implementation. Table C-3 Player Implementation options for On-line and Managed Copy Option VFS (for BDMV and AACS BD-J Network Connectivity AACS Online APIs files) 1 NO NO NO 2 YES NO NO 3 YES YES YES Indication YES : Player Profile = 00012 YES : Player Profile = 00112 SystemProperty Method or 00112 NO: Player Profile (others) (aacs.bluray.online.capability) NO: Player Profile (others) Note: Capability for Managed Copy is independent from other implementation options described in this table, and shall be checked by referring System Property (aacs.bluray.mc.capability). Final Revision 0.951RC Page 149 Advanced Access Content System: Blu-ray Disc Pre-recorded Book C.3. Consideration for the use of com.aacsla.bluray package The following requirements are applied for the content and player implementation to consider the use of com.aacsla.bluray package. Requirement for content: BD-J Applications shall not define classes in “com.aacsla.bluray” package. The fully qualified class name of any class defined by an application shall not start with “com.aacsla.bluray”. BD-J Applications shall not use or reference API elements of “com.aacsla.bluray” that are not defined in AACS Blu-ray Disc Pre-recorded Book. Requirement for Players: BD-ROM Terminals shall protect the overriding of APIs in “com.aacsla.bluray” package by using the SecurityManager.checkPackageDefinition mechanism. C.4. Method to check the player’s capability by content C.4.1. Method to check the player’s AACS On-line capability To avoid the compatibility problem, it is strongly recommended for a BD-J Application to implement a check of the player’s capability of supporting AACS On-line APIs, before it calls AACS On-line APIs. The following steps are an example of this capability check. 1. Read PSR31 value and check that Player Profile is 00112. 2. Check that the return value of System.getProperty(“aacs.bluray.online.capability”) is “YES”. (Note 1): System.getProperty() may throw SecurityException. It is strongly recommended that the BD-J Application catch this exception and treat it as no AACS On-line capability. (Note 2): This check shall be done in addition to PSR31 check because the Licensed Player with Player Profile “00112” developed before this revision might not implement the AACS On-line function. 3. If the checks in step 1 and step 2 succeed, call the AACS On-line APIs. C.4.2. Method to check the player’s AACS Managed Copy capability To avoid the compatibility problem and eager linking problem, a separate BD-J Application is required to check the player’s capability of supporting AACS Managed Copy before it launches another BD-J Application to use the AACS Managed Copy APIs. The following steps are an example of capability check. 1. Check that the return value of System.getProperty(“aacs.bluray.mc.capability”) is ”A”, “B”, “C”, “AB” or “AC”. 2. If the value includes the character “B” or “C”, launch another BD-J Application which calls AACS Managed Copy APIs according to the type of MCM. Note that the BD-J Application shall not call AACS Managed Copy APIs for a Type A MCM. Page 150 Final Revision 0.951RC Advanced Access Content System: Blu-ray Disc Pre-recorded Book Warning: The application which checks the capabilities using the system property shall not itself call any APIs defined in Section 5.2 of this specification, to avoid the eager linking problem. Final Revision 0.951RC Page 151