locked
Should we sign BD source and video decryptor under PMP? RRS feed

  • Question

  • hi, all:

    we're currently discussing with one hardware manufactor for bluray business,   we would like to provide BD source and they would like to provide video decoder and audio decoder. 

    as I read PMP-sign.doc (http://www.microsoft.com/whdc/winlogo/drvsign/pmp-sign.mspx) ,  only codec and MFT should be signed under PMP-PE. 

    but there are other information said all components should be signed by PMP-PE, othewise it will not be loaded into PMP.

    I don't know should we sign media source or not now.

    can any one familiar with PMP help me on this question?

    besides,  I have another question here:

    if we move BD+ code out of media source like this:

    [BD source] - [ITA] - [BD+ decryptor] - [video decoder]

    should we sign BD+ decryptor as well?

     

    thank you in advance.

    yours

    JohnYe

     

     


    -------------------- JohnYe from SHANGHAI. email: yechzh@126.com
    Monday, April 19, 2010 11:09 AM

Answers

  • Typically, media sources run outside the PMP process and do not need to be signed for the PMP.  As long as the source produces media data that is still encrypted as it is in the source file, the source generally does not need any protection.  Media Foundation already supplies a mechanism for remoting sources into the PMP process while the actual source object runs in the application process.  You just need to support creating your ITA in the PMP process.  Some protection schemes might require running the source in the PMP, generally if the source is required to do any decryption to parse data. 

    The ITA and decryptor definitely should be running in the PMP and should be PMP signed.  Typically they are both in the same binary and so only one binary is required to be signed.

    The documentation is correct in that all components need to be signed to run in the PMP; it is just not necessary to run every component in the PMP.  Usually everything but the source runs in the PMP, however.

     

    • Marked as answer by JohnYe Tuesday, April 27, 2010 1:47 AM
    Monday, April 26, 2010 11:42 PM

All replies

  • add more information that our target platform is windows 7.

    thanks.

     


    -------------------- JohnYe from SHANGHAI. email: yechzh@126.com
    Tuesday, April 20, 2010 1:37 AM
  • Typically, media sources run outside the PMP process and do not need to be signed for the PMP.  As long as the source produces media data that is still encrypted as it is in the source file, the source generally does not need any protection.  Media Foundation already supplies a mechanism for remoting sources into the PMP process while the actual source object runs in the application process.  You just need to support creating your ITA in the PMP process.  Some protection schemes might require running the source in the PMP, generally if the source is required to do any decryption to parse data. 

    The ITA and decryptor definitely should be running in the PMP and should be PMP signed.  Typically they are both in the same binary and so only one binary is required to be signed.

    The documentation is correct in that all components need to be signed to run in the PMP; it is just not necessary to run every component in the PMP.  Usually everything but the source runs in the PMP, however.

     

    • Marked as answer by JohnYe Tuesday, April 27, 2010 1:47 AM
    Monday, April 26, 2010 11:42 PM
  • thank you.  Matt. 

    It help us much.

     


    -------------------- JohnYe from SHANGHAI. email: yechzh@126.com
    Tuesday, April 27, 2010 1:51 AM