Loading include/media/drm/DrmAPI.h +100 −33 Original line number Original line Diff line number Diff line Loading @@ -71,17 +71,17 @@ namespace android { public: public: enum EventType { enum EventType { kDrmPluginEventProvisionRequired, kDrmPluginEventProvisionRequired, kDrmPluginEventLicenseNeeded, kDrmPluginEventKeyNeeded, kDrmPluginEventLicenseExpired, kDrmPluginEventKeyExpired, kDrmPluginEventVendorDefined kDrmPluginEventVendorDefined }; }; // A license can be for offline content or for online streaming. // Drm keys can be for offline content or for online streaming. // Offline licenses are persisted on the device and may be used when the device // Offline keys are persisted on the device and may be used when the device // is disconnected from the network. // is disconnected from the network. enum LicenseType { enum KeyType { kLicenseType_Offline, kKeyType_Offline, kLicenseType_Streaming kKeyType_Streaming }; }; DrmPlugin() {} DrmPlugin() {} Loading @@ -94,38 +94,45 @@ namespace android { // Close a session on the DrmPlugin object. // Close a session on the DrmPlugin object. virtual status_t closeSession(Vector<uint8_t> const &sessionId) = 0; virtual status_t closeSession(Vector<uint8_t> const &sessionId) = 0; // A license request/response exchange occurs between the app and a License // A key request/response exchange occurs between the app and a License // Server to obtain the keys required to decrypt the content. getLicenseRequest() // Server to obtain the keys required to decrypt the content. getKeyRequest() // is used to obtain an opaque license request blob that is delivered to the // is used to obtain an opaque key request blob that is delivered to the // license server. // license server. // // // The init data passed to getLicenseRequest is container-specific and its // The init data passed to getKeyRequest is container-specific and its // meaning is interpreted based on the mime type provided in the mimeType // meaning is interpreted based on the mime type provided in the mimeType // parameter to getLicenseRequest. It could contain, for example, the content // parameter to getKeyRequest. It could contain, for example, the content // ID, key ID or other data obtained from the content metadata that is required // ID, key ID or other data obtained from the content metadata that is required // in generating the license request. // in generating the key request. // // // licenseType specifes if the license is for streaming or offline content // keyType specifes if the keys are to be used for streaming or offline content // // // optionalParameters are included in the license server request message to // optionalParameters are included in the key request message to allow a // allow a client application to provide additional message parameters to the // client application to provide additional message parameters to the server. // server. // // // If successful, the opaque license request blob is returned to the caller. // If successful, the opaque key request blob is returned to the caller. virtual status_t virtual status_t getLicenseRequest(Vector<uint8_t> const &sessionId, getKeyRequest(Vector<uint8_t> const &sessionId, Vector<uint8_t> const &initData, Vector<uint8_t> const &initData, String8 const &mimeType, LicenseType licenseType, String8 const &mimeType, KeyType keyType, KeyedVector<String8, String8> const &optionalParameters, KeyedVector<String8, String8> const &optionalParameters, Vector<uint8_t> &request, String8 &defaultUrl) = 0; Vector<uint8_t> &request, String8 &defaultUrl) = 0; // After a license response is received by the app, it is provided to the // After a key response is received by the app, it is provided to the // Drm plugin using provideLicenseResponse. // Drm plugin using provideKeyResponse. Returns the id of the key set virtual status_t provideLicenseResponse(Vector<uint8_t> const &sessionId, // in keySetId. The keySetId can be used by removeKeys or restoreKeys Vector<uint8_t> const &response) = 0; // when the keys are used for offline content. virtual status_t provideKeyResponse(Vector<uint8_t> const &sessionId, Vector<uint8_t> const &response, Vector<uint8_t> &keySetId) = 0; // Remove the keys associated with a license. // Remove the persisted keys associated with an offline license for a session. virtual status_t removeLicense(Vector<uint8_t> const &sessionId) = 0; virtual status_t removeKeys(Vector<uint8_t> const &keySetId) = 0; // Restore persisted offline keys into a new session. keySetId identifies // the keys to load, obtained from a prior call to provideKeyResponse(). virtual status_t restoreKeys(Vector<uint8_t> const &sessionId, Vector<uint8_t> const &keySetId) = 0; // Request an informative description of the license for the session. The status // Request an informative description of the license for the session. The status // is in the form of {name, value} pairs. Since DRM license policies vary by // is in the form of {name, value} pairs. Since DRM license policies vary by Loading @@ -133,12 +140,12 @@ namespace android { // Refer to your DRM provider documentation for definitions of the field names // Refer to your DRM provider documentation for definitions of the field names // for a particular DrmEngine. // for a particular DrmEngine. virtual status_t virtual status_t queryLicenseStatus(Vector<uint8_t> const &sessionId, queryKeyStatus(Vector<uint8_t> const &sessionId, KeyedVector<String8, String8> &infoMap) const = 0; KeyedVector<String8, String8> &infoMap) const = 0; // A provision request/response exchange occurs between the app and a // A provision request/response exchange occurs between the app and a // provisioning server to retrieve a device certificate. getProvisionRequest // provisioning server to retrieve a device certificate. getProvisionRequest // is used to obtain an opaque license request blob that is delivered to the // is used to obtain an opaque key request blob that is delivered to the // provisioning server. // provisioning server. // // // If successful, the opaque provision request blob is returned to the caller. // If successful, the opaque provision request blob is returned to the caller. Loading Loading @@ -195,6 +202,66 @@ namespace android { virtual status_t setPropertyByteArray(String8 const &name, virtual status_t setPropertyByteArray(String8 const &name, Vector<uint8_t> const &value ) = 0; Vector<uint8_t> const &value ) = 0; // The following methods implement operations on a CryptoSession to support // encrypt, decrypt, sign verify operations on operator-provided // session keys. // // The algorithm string conforms to JCA Standard Names for Cipher // Transforms and is case insensitive. For example "AES/CBC/PKCS5Padding". // // Return OK if the algorithm is supported, otherwise return BAD_VALUE // virtual status_t setCipherAlgorithm(Vector<uint8_t> const &sessionId, String8 const &algorithm) = 0; // // The algorithm string conforms to JCA Standard Names for Mac // Algorithms and is case insensitive. For example "HmacSHA256". // // Return OK if the algorithm is supported, otherwise return BAD_VALUE // virtual status_t setMacAlgorithm(Vector<uint8_t> const &sessionId, String8 const &algorithm) = 0; // Encrypt the provided input buffer with the cipher algorithm // specified by setCipherAlgorithm and the key selected by keyId, // and return the encrypted data. virtual status_t encrypt(Vector<uint8_t> const &sessionId, Vector<uint8_t> const &keyId, Vector<uint8_t> const &input, Vector<uint8_t> const &iv, Vector<uint8_t> &output) = 0; // Decrypt the provided input buffer with the cipher algorithm // specified by setCipherAlgorithm and the key selected by keyId, // and return the decrypted data. virtual status_t decrypt(Vector<uint8_t> const &sessionId, Vector<uint8_t> const &keyId, Vector<uint8_t> const &input, Vector<uint8_t> const &iv, Vector<uint8_t> &output) = 0; // Compute a signature on the provided message using the mac algorithm // specified by setMacAlgorithm and the key selected by keyId, // and return the signature. virtual status_t sign(Vector<uint8_t> const &sessionId, Vector<uint8_t> const &keyId, Vector<uint8_t> const &message, Vector<uint8_t> &signature) = 0; // Compute a signature on the provided message using the mac algorithm // specified by setMacAlgorithm and the key selected by keyId, // and compare with the expected result. Set result to true or // false depending on the outcome. virtual status_t verify(Vector<uint8_t> const &sessionId, Vector<uint8_t> const &keyId, Vector<uint8_t> const &message, Vector<uint8_t> const &signature, bool &match) = 0; // TODO: provide way to send an event // TODO: provide way to send an event private: private: DISALLOW_EVIL_CONSTRUCTORS(DrmPlugin); DISALLOW_EVIL_CONSTRUCTORS(DrmPlugin); Loading Loading
include/media/drm/DrmAPI.h +100 −33 Original line number Original line Diff line number Diff line Loading @@ -71,17 +71,17 @@ namespace android { public: public: enum EventType { enum EventType { kDrmPluginEventProvisionRequired, kDrmPluginEventProvisionRequired, kDrmPluginEventLicenseNeeded, kDrmPluginEventKeyNeeded, kDrmPluginEventLicenseExpired, kDrmPluginEventKeyExpired, kDrmPluginEventVendorDefined kDrmPluginEventVendorDefined }; }; // A license can be for offline content or for online streaming. // Drm keys can be for offline content or for online streaming. // Offline licenses are persisted on the device and may be used when the device // Offline keys are persisted on the device and may be used when the device // is disconnected from the network. // is disconnected from the network. enum LicenseType { enum KeyType { kLicenseType_Offline, kKeyType_Offline, kLicenseType_Streaming kKeyType_Streaming }; }; DrmPlugin() {} DrmPlugin() {} Loading @@ -94,38 +94,45 @@ namespace android { // Close a session on the DrmPlugin object. // Close a session on the DrmPlugin object. virtual status_t closeSession(Vector<uint8_t> const &sessionId) = 0; virtual status_t closeSession(Vector<uint8_t> const &sessionId) = 0; // A license request/response exchange occurs between the app and a License // A key request/response exchange occurs between the app and a License // Server to obtain the keys required to decrypt the content. getLicenseRequest() // Server to obtain the keys required to decrypt the content. getKeyRequest() // is used to obtain an opaque license request blob that is delivered to the // is used to obtain an opaque key request blob that is delivered to the // license server. // license server. // // // The init data passed to getLicenseRequest is container-specific and its // The init data passed to getKeyRequest is container-specific and its // meaning is interpreted based on the mime type provided in the mimeType // meaning is interpreted based on the mime type provided in the mimeType // parameter to getLicenseRequest. It could contain, for example, the content // parameter to getKeyRequest. It could contain, for example, the content // ID, key ID or other data obtained from the content metadata that is required // ID, key ID or other data obtained from the content metadata that is required // in generating the license request. // in generating the key request. // // // licenseType specifes if the license is for streaming or offline content // keyType specifes if the keys are to be used for streaming or offline content // // // optionalParameters are included in the license server request message to // optionalParameters are included in the key request message to allow a // allow a client application to provide additional message parameters to the // client application to provide additional message parameters to the server. // server. // // // If successful, the opaque license request blob is returned to the caller. // If successful, the opaque key request blob is returned to the caller. virtual status_t virtual status_t getLicenseRequest(Vector<uint8_t> const &sessionId, getKeyRequest(Vector<uint8_t> const &sessionId, Vector<uint8_t> const &initData, Vector<uint8_t> const &initData, String8 const &mimeType, LicenseType licenseType, String8 const &mimeType, KeyType keyType, KeyedVector<String8, String8> const &optionalParameters, KeyedVector<String8, String8> const &optionalParameters, Vector<uint8_t> &request, String8 &defaultUrl) = 0; Vector<uint8_t> &request, String8 &defaultUrl) = 0; // After a license response is received by the app, it is provided to the // After a key response is received by the app, it is provided to the // Drm plugin using provideLicenseResponse. // Drm plugin using provideKeyResponse. Returns the id of the key set virtual status_t provideLicenseResponse(Vector<uint8_t> const &sessionId, // in keySetId. The keySetId can be used by removeKeys or restoreKeys Vector<uint8_t> const &response) = 0; // when the keys are used for offline content. virtual status_t provideKeyResponse(Vector<uint8_t> const &sessionId, Vector<uint8_t> const &response, Vector<uint8_t> &keySetId) = 0; // Remove the keys associated with a license. // Remove the persisted keys associated with an offline license for a session. virtual status_t removeLicense(Vector<uint8_t> const &sessionId) = 0; virtual status_t removeKeys(Vector<uint8_t> const &keySetId) = 0; // Restore persisted offline keys into a new session. keySetId identifies // the keys to load, obtained from a prior call to provideKeyResponse(). virtual status_t restoreKeys(Vector<uint8_t> const &sessionId, Vector<uint8_t> const &keySetId) = 0; // Request an informative description of the license for the session. The status // Request an informative description of the license for the session. The status // is in the form of {name, value} pairs. Since DRM license policies vary by // is in the form of {name, value} pairs. Since DRM license policies vary by Loading @@ -133,12 +140,12 @@ namespace android { // Refer to your DRM provider documentation for definitions of the field names // Refer to your DRM provider documentation for definitions of the field names // for a particular DrmEngine. // for a particular DrmEngine. virtual status_t virtual status_t queryLicenseStatus(Vector<uint8_t> const &sessionId, queryKeyStatus(Vector<uint8_t> const &sessionId, KeyedVector<String8, String8> &infoMap) const = 0; KeyedVector<String8, String8> &infoMap) const = 0; // A provision request/response exchange occurs between the app and a // A provision request/response exchange occurs between the app and a // provisioning server to retrieve a device certificate. getProvisionRequest // provisioning server to retrieve a device certificate. getProvisionRequest // is used to obtain an opaque license request blob that is delivered to the // is used to obtain an opaque key request blob that is delivered to the // provisioning server. // provisioning server. // // // If successful, the opaque provision request blob is returned to the caller. // If successful, the opaque provision request blob is returned to the caller. Loading Loading @@ -195,6 +202,66 @@ namespace android { virtual status_t setPropertyByteArray(String8 const &name, virtual status_t setPropertyByteArray(String8 const &name, Vector<uint8_t> const &value ) = 0; Vector<uint8_t> const &value ) = 0; // The following methods implement operations on a CryptoSession to support // encrypt, decrypt, sign verify operations on operator-provided // session keys. // // The algorithm string conforms to JCA Standard Names for Cipher // Transforms and is case insensitive. For example "AES/CBC/PKCS5Padding". // // Return OK if the algorithm is supported, otherwise return BAD_VALUE // virtual status_t setCipherAlgorithm(Vector<uint8_t> const &sessionId, String8 const &algorithm) = 0; // // The algorithm string conforms to JCA Standard Names for Mac // Algorithms and is case insensitive. For example "HmacSHA256". // // Return OK if the algorithm is supported, otherwise return BAD_VALUE // virtual status_t setMacAlgorithm(Vector<uint8_t> const &sessionId, String8 const &algorithm) = 0; // Encrypt the provided input buffer with the cipher algorithm // specified by setCipherAlgorithm and the key selected by keyId, // and return the encrypted data. virtual status_t encrypt(Vector<uint8_t> const &sessionId, Vector<uint8_t> const &keyId, Vector<uint8_t> const &input, Vector<uint8_t> const &iv, Vector<uint8_t> &output) = 0; // Decrypt the provided input buffer with the cipher algorithm // specified by setCipherAlgorithm and the key selected by keyId, // and return the decrypted data. virtual status_t decrypt(Vector<uint8_t> const &sessionId, Vector<uint8_t> const &keyId, Vector<uint8_t> const &input, Vector<uint8_t> const &iv, Vector<uint8_t> &output) = 0; // Compute a signature on the provided message using the mac algorithm // specified by setMacAlgorithm and the key selected by keyId, // and return the signature. virtual status_t sign(Vector<uint8_t> const &sessionId, Vector<uint8_t> const &keyId, Vector<uint8_t> const &message, Vector<uint8_t> &signature) = 0; // Compute a signature on the provided message using the mac algorithm // specified by setMacAlgorithm and the key selected by keyId, // and compare with the expected result. Set result to true or // false depending on the outcome. virtual status_t verify(Vector<uint8_t> const &sessionId, Vector<uint8_t> const &keyId, Vector<uint8_t> const &message, Vector<uint8_t> const &signature, bool &match) = 0; // TODO: provide way to send an event // TODO: provide way to send an event private: private: DISALLOW_EVIL_CONSTRUCTORS(DrmPlugin); DISALLOW_EVIL_CONSTRUCTORS(DrmPlugin); Loading