Revert "Fix MediaDrm security level APIs" (fda717d5) · Commits · e / os / android_frameworks_base

api/current.txt

+1 −2

media/java/android/media/MediaDrm.java

+32 −64

Original line number	Original line	Diff line number	Diff line
	@@ -634,39 +634,8 @@ public final class MediaDrm implements AutoCloseable {
	* @throws ResourceBusyException if required resources are in use		* @throws ResourceBusyException if required resources are in use
	*/		*/
	@NonNull		@NonNull
	public byte[] openSession() throws NotProvisionedException,		public native byte[] openSession() throws NotProvisionedException,
	ResourceBusyException {		ResourceBusyException;
	return openSession(getMaxSecurityLevel());
	}

	/**
	* Open a new session at a requested security level. The security level
	* represents the robustness of the device's DRM implementation. By default,
	* sessions are opened at the native security level of the device.
	* Overriding the security level is necessary when the decrypted frames need
	* to be manipulated, such as for image compositing. The security level
	* parameter must be lower than the native level. Reducing the security
	* level will typically limit the content to lower resolutions, as
	* determined by the license policy. If the requested level is not
	* supported, the next lower supported security level will be set. The level
	* can be queried using {@link #getSecurityLevel}. A session
	* ID is returned.
	*
	* @param level the new security level, one of
	* {@link #SW_SECURE_CRYPTO}, {@link #SW_SECURE_DECODE},
	* {@link #HW_SECURE_CRYPTO}, {@link #HW_SECURE_DECODE} or
	* {@link #HW_SECURE_ALL}.
	*
	* @throws NotProvisionedException if provisioning is needed
	* @throws ResourceBusyException if required resources are in use
	* @throws IllegalArgumentException if the requested security level is
	* higher than the native level or lower than the lowest supported level or
	* if the device does not support specifying the security level when opening
	* a session
	*/
	@NonNull
	public native byte[] openSession(@SecurityLevel int level) throws
	NotProvisionedException, ResourceBusyException;

	/**		/**
	* Close a session on the MediaDrm object that was previously opened		* Close a session on the MediaDrm object that was previously opened
	@@ -1150,55 +1119,39 @@ public final class MediaDrm implements AutoCloseable {
	public static final int SECURITY_LEVEL_UNKNOWN = 0;		public static final int SECURITY_LEVEL_UNKNOWN = 0;

	/**		/**
	* DRM key management uses software-based whitebox crypto.		* Software-based whitebox crypto
	*/		*/
	public static final int SW_SECURE_CRYPTO = 1;		public static final int SW_SECURE_CRYPTO = 1;

	/**		/**
	* DRM key management and decoding use software-based whitebox crypto.		* Software-based whitebox crypto and an obfuscated decoder
	*/		*/
	public static final int SW_SECURE_DECODE = 2;		public static final int SW_SECURE_DECODE = 2;

	/**		/**
	* DRM key management and crypto operations are performed within a hardware		* DRM key management and crypto operations are performed within a
	* backed trusted execution environment.		* hardware backed trusted execution environment
	*/		*/
	public static final int HW_SECURE_CRYPTO = 3;		public static final int HW_SECURE_CRYPTO = 3;

	/**		/**
	* DRM key management, crypto operations and decoding of content are		* DRM key management, crypto operations and decoding of content
	* performed within a hardware backed trusted execution environment.		* are performed within a hardware backed trusted execution environment
	*/		*/
	public static final int HW_SECURE_DECODE = 4;		public static final int HW_SECURE_DECODE = 4;

	/**		/**
	* DRM key management, crypto operations, decoding of content and all		* DRM key management, crypto operations, decoding of content and all
	* handling of the media (compressed and uncompressed) is handled within a		* handling of the media (compressed and uncompressed) is handled within
	* hardware backed trusted execution environment.		* a hardware backed trusted execution environment.
	*/		*/
	public static final int HW_SECURE_ALL = 5;		public static final int HW_SECURE_ALL = 5;

	/**		/**
	* The maximum security level supported by the device. This is the default		* Return the current security level of a session. A session
	* security level when a session is opened.		* has an initial security level determined by the robustness of
	* @hide		* the DRM system's implementation on the device. The security
	*/		* level may be adjusted using {@link #setSecurityLevel}.
	public static final int SECURITY_LEVEL_MAX = 6;

	/**
	* The maximum security level supported by the device. This is the default
	* security level when a session is opened.
	*/
	@SecurityLevel
	public static final int getMaxSecurityLevel() {
	return SECURITY_LEVEL_MAX;
	}

	/**
	* Return the current security level of a session. A session has an initial
	* security level determined by the robustness of the DRM system's
	* implementation on the device. The security level may be changed at the
	* time a session is opened using {@link #openSession}.
	* @param sessionId the session to query.		* @param sessionId the session to query.
	* <p>		* <p>
	* @return one of {@link #SECURITY_LEVEL_UNKNOWN},		* @return one of {@link #SECURITY_LEVEL_UNKNOWN},
	@@ -1209,6 +1162,21 @@ public final class MediaDrm implements AutoCloseable {
	@SecurityLevel		@SecurityLevel
	public native int getSecurityLevel(@NonNull byte[] sessionId);		public native int getSecurityLevel(@NonNull byte[] sessionId);

			/**
			* Set the security level of a session. This can be useful if specific
			* attributes of a lower security level are needed by an application,
			* such as image manipulation or compositing. Reducing the security
			* level will typically limit decryption to lower content resolutions,
			* depending on the license policy.
			* @param sessionId the session to set the security level on.
			* @param level the new security level, one of
			* {@link #SW_SECURE_CRYPTO}, {@link #SW_SECURE_DECODE},
			* {@link #HW_SECURE_CRYPTO}, {@link #HW_SECURE_DECODE} or
			* {@link #HW_SECURE_ALL}.
			*/
			public native void setSecurityLevel(@NonNull byte[] sessionId,
			@SecurityLevel int level);

	/**		/**
	* String property name: identifies the maker of the DRM plugin		* String property name: identifies the maker of the DRM plugin
	*/		*/

media/jni/android_media_MediaDrm.cpp

+40 −27

Original line number	Original line	Diff line number	Diff line
	@@ -145,7 +145,6 @@ struct HDCPLevels {

	struct SecurityLevels {		struct SecurityLevels {
	jint kSecurityLevelUnknown;		jint kSecurityLevelUnknown;
	jint kSecurityLevelMax;
	jint kSecurityLevelSwSecureCrypto;		jint kSecurityLevelSwSecureCrypto;
	jint kSecurityLevelSwSecureDecode;		jint kSecurityLevelSwSecureDecode;
	jint kSecurityLevelHwSecureCrypto;		jint kSecurityLevelHwSecureCrypto;
	@@ -684,10 +683,6 @@ static void android_media_MediaDrm_native_init(JNIEnv *env) {
	GET_STATIC_FIELD_ID(field, clazz, "HW_SECURE_ALL", "I");		GET_STATIC_FIELD_ID(field, clazz, "HW_SECURE_ALL", "I");
	gSecurityLevels.kSecurityLevelHwSecureAll = env->GetStaticIntField(clazz, field);		gSecurityLevels.kSecurityLevelHwSecureAll = env->GetStaticIntField(clazz, field);

	jmethodID getMaxSecurityLevel;
	GET_STATIC_METHOD_ID(getMaxSecurityLevel, clazz, "getMaxSecurityLevel", "()I");
	gSecurityLevels.kSecurityLevelMax = env->CallStaticIntMethod(clazz, getMaxSecurityLevel);

	FIND_CLASS(clazz, "android/media/MediaDrm$KeyRequest");		FIND_CLASS(clazz, "android/media/MediaDrm$KeyRequest");
	GET_FIELD_ID(gFields.keyRequest.data, clazz, "mData", "[B");		GET_FIELD_ID(gFields.keyRequest.data, clazz, "mData", "[B");
	GET_FIELD_ID(gFields.keyRequest.defaultUrl, clazz, "mDefaultUrl", "Ljava/lang/String;");		GET_FIELD_ID(gFields.keyRequest.defaultUrl, clazz, "mDefaultUrl", "Ljava/lang/String;");
	@@ -818,7 +813,7 @@ static jboolean android_media_MediaDrm_isCryptoSchemeSupportedNative(
	}		}

	static jbyteArray android_media_MediaDrm_openSession(		static jbyteArray android_media_MediaDrm_openSession(
	JNIEnv *env, jobject thiz, jint jlevel) {		JNIEnv *env, jobject thiz) {
	sp<IDrm> drm = GetDrm(env, thiz);		sp<IDrm> drm = GetDrm(env, thiz);

	if (drm == NULL) {		if (drm == NULL) {
	@@ -828,26 +823,7 @@ static jbyteArray android_media_MediaDrm_openSession(
	}		}

	Vector<uint8_t> sessionId;		Vector<uint8_t> sessionId;
	DrmPlugin::SecurityLevel level;		status_t err = drm->openSession(sessionId);

	if (jlevel == gSecurityLevels.kSecurityLevelMax) {
	level = DrmPlugin::kSecurityLevelMax;
	} else if (jlevel == gSecurityLevels.kSecurityLevelSwSecureCrypto) {
	level = DrmPlugin::kSecurityLevelSwSecureCrypto;
	} else if (jlevel == gSecurityLevels.kSecurityLevelSwSecureDecode) {
	level = DrmPlugin::kSecurityLevelSwSecureDecode;
	} else if (jlevel == gSecurityLevels.kSecurityLevelHwSecureCrypto) {
	level = DrmPlugin::kSecurityLevelHwSecureCrypto;
	} else if (jlevel == gSecurityLevels.kSecurityLevelHwSecureDecode) {
	level = DrmPlugin::kSecurityLevelHwSecureDecode;
	} else if (jlevel == gSecurityLevels.kSecurityLevelHwSecureAll) {
	level = DrmPlugin::kSecurityLevelHwSecureAll;
	} else {
	jniThrowException(env, "java/lang/IllegalArgumentException", "Invalid security level");
	return NULL;
	}

	status_t err = drm->openSession(level, sessionId);

	if (throwExceptionAsNecessary(env, err, "Failed to open session")) {		if (throwExceptionAsNecessary(env, err, "Failed to open session")) {
	return NULL;		return NULL;
	@@ -1369,6 +1345,40 @@ static jint android_media_MediaDrm_getSecurityLevel(JNIEnv *env,
	}		}


			static void android_media_MediaDrm_setSecurityLevel(JNIEnv *env,
			jobject thiz, jbyteArray jsessionId, jint jlevel) {
			sp<IDrm> drm = GetDrm(env, thiz);

			if (!CheckSession(env, drm, jsessionId)) {
			return;
			}

			Vector<uint8_t> sessionId(JByteArrayToVector(env, jsessionId));
			DrmPlugin::SecurityLevel level;

			if (jlevel == gSecurityLevels.kSecurityLevelSwSecureCrypto) {
			level = DrmPlugin::kSecurityLevelSwSecureCrypto;
			} else if (jlevel == gSecurityLevels.kSecurityLevelSwSecureDecode) {
			level = DrmPlugin::kSecurityLevelSwSecureDecode;
			} else if (jlevel == gSecurityLevels.kSecurityLevelHwSecureCrypto) {
			level = DrmPlugin::kSecurityLevelHwSecureCrypto;
			} else if (jlevel == gSecurityLevels.kSecurityLevelHwSecureDecode) {
			level = DrmPlugin::kSecurityLevelHwSecureDecode;
			} else if (jlevel == gSecurityLevels.kSecurityLevelHwSecureAll) {
			level = DrmPlugin::kSecurityLevelHwSecureAll;
			} else {
			jniThrowException(env, "java/lang/IllegalArgumentException", "Invalid security level");
			return;
			}

			status_t err = drm->setSecurityLevel(sessionId, level);

			if (throwExceptionAsNecessary(env, err, "Failed to set security level")) {
			return;
			}
			}


	static jstring android_media_MediaDrm_getPropertyString(		static jstring android_media_MediaDrm_getPropertyString(
	JNIEnv *env, jobject thiz, jstring jname) {		JNIEnv *env, jobject thiz, jstring jname) {
	sp<IDrm> drm = GetDrm(env, thiz);		sp<IDrm> drm = GetDrm(env, thiz);
	@@ -1714,7 +1724,7 @@ static const JNINativeMethod gMethods[] = {
	{ "isCryptoSchemeSupportedNative", "([BLjava/lang/String;)Z",		{ "isCryptoSchemeSupportedNative", "([BLjava/lang/String;)Z",
	(void *)android_media_MediaDrm_isCryptoSchemeSupportedNative },		(void *)android_media_MediaDrm_isCryptoSchemeSupportedNative },

	{ "openSession", "(I)[B",		{ "openSession", "()[B",
	(void *)android_media_MediaDrm_openSession },		(void *)android_media_MediaDrm_openSession },

	{ "closeSession", "([B)V",		{ "closeSession", "([B)V",
	@@ -1775,6 +1785,9 @@ static const JNINativeMethod gMethods[] = {
	{ "getSecurityLevel", "([B)I",		{ "getSecurityLevel", "([B)I",
	(void *)android_media_MediaDrm_getSecurityLevel },		(void *)android_media_MediaDrm_getSecurityLevel },

			{ "setSecurityLevel", "([BI)V",
			(void *)android_media_MediaDrm_setSecurityLevel },

	{ "getPropertyString", "(Ljava/lang/String;)Ljava/lang/String;",		{ "getPropertyString", "(Ljava/lang/String;)Ljava/lang/String;",
	(void *)android_media_MediaDrm_getPropertyString },		(void *)android_media_MediaDrm_getPropertyString },

Original line number	Original line	Diff line number	Diff line
	@@ -23371,7 +23371,6 @@ package android.media {
	method public android.media.MediaDrm.CryptoSession getCryptoSession(byte[], java.lang.String, java.lang.String);		method public android.media.MediaDrm.CryptoSession getCryptoSession(byte[], java.lang.String, java.lang.String);
	method public android.media.MediaDrm.KeyRequest getKeyRequest(byte[], byte[], java.lang.String, int, java.util.HashMap<java.lang.String, java.lang.String>) throws android.media.NotProvisionedException;		method public android.media.MediaDrm.KeyRequest getKeyRequest(byte[], byte[], java.lang.String, int, java.util.HashMap<java.lang.String, java.lang.String>) throws android.media.NotProvisionedException;
	method public int getMaxHdcpLevel();		method public int getMaxHdcpLevel();
	method public static int getMaxSecurityLevel();
	method public int getMaxSessionCount();		method public int getMaxSessionCount();
	method public android.os.PersistableBundle getMetrics();		method public android.os.PersistableBundle getMetrics();
	method public int getOpenSessionCount();		method public int getOpenSessionCount();
	@@ -23385,7 +23384,6 @@ package android.media {
	method public static boolean isCryptoSchemeSupported(java.util.UUID);		method public static boolean isCryptoSchemeSupported(java.util.UUID);
	method public static boolean isCryptoSchemeSupported(java.util.UUID, java.lang.String);		method public static boolean isCryptoSchemeSupported(java.util.UUID, java.lang.String);
	method public byte[] openSession() throws android.media.NotProvisionedException, android.media.ResourceBusyException;		method public byte[] openSession() throws android.media.NotProvisionedException, android.media.ResourceBusyException;
	method public byte[] openSession(int) throws android.media.NotProvisionedException, android.media.ResourceBusyException;
	method public byte[] provideKeyResponse(byte[], byte[]) throws android.media.DeniedByServerException, android.media.NotProvisionedException;		method public byte[] provideKeyResponse(byte[], byte[]) throws android.media.DeniedByServerException, android.media.NotProvisionedException;
	method public void provideProvisionResponse(byte[]) throws android.media.DeniedByServerException;		method public void provideProvisionResponse(byte[]) throws android.media.DeniedByServerException;
	method public java.util.HashMap<java.lang.String, java.lang.String> queryKeyStatus(byte[]);		method public java.util.HashMap<java.lang.String, java.lang.String> queryKeyStatus(byte[]);
	@@ -23401,6 +23399,7 @@ package android.media {
	method public void setOnKeyStatusChangeListener(android.media.MediaDrm.OnKeyStatusChangeListener, android.os.Handler);		method public void setOnKeyStatusChangeListener(android.media.MediaDrm.OnKeyStatusChangeListener, android.os.Handler);
	method public void setPropertyByteArray(java.lang.String, byte[]);		method public void setPropertyByteArray(java.lang.String, byte[]);
	method public void setPropertyString(java.lang.String, java.lang.String);		method public void setPropertyString(java.lang.String, java.lang.String);
			method public void setSecurityLevel(byte[], int);
	field public static final deprecated int EVENT_KEY_EXPIRED = 3; // 0x3		field public static final deprecated int EVENT_KEY_EXPIRED = 3; // 0x3
	field public static final int EVENT_KEY_REQUIRED = 2; // 0x2		field public static final int EVENT_KEY_REQUIRED = 2; // 0x2
	field public static final deprecated int EVENT_PROVISION_REQUIRED = 1; // 0x1		field public static final deprecated int EVENT_PROVISION_REQUIRED = 1; // 0x1