From 53b52fe81f2d87db7b30dd5238704f640c7cecfc Mon Sep 17 00:00:00 2001 From: Jeff Tinker Date: Thu, 1 Dec 2016 18:12:56 -0800 Subject: [PATCH] Treble HAL interfaces for drm+crypto b/32815560 Tests: Make completes successfully Change-Id: Id65cfef95094ccd9a9e95fa567651f94b66aaa51 --- drm/Android.bp | 5 + drm/crypto/1.0/Android.bp | 64 +++++ drm/crypto/1.0/ICryptoFactory.hal | 55 ++++ drm/crypto/1.0/ICryptoPlugin.hal | 84 ++++++ drm/crypto/1.0/types.hal | 135 +++++++++ drm/drm/1.0/Android.bp | 72 +++++ drm/drm/1.0/Android.mk | 438 ++++++++++++++++++++++++++++ drm/drm/1.0/IDrmFactory.hal | 56 ++++ drm/drm/1.0/IDrmPlugin.hal | 444 +++++++++++++++++++++++++++++ drm/drm/1.0/IDrmPluginListener.hal | 66 +++++ drm/drm/1.0/types.hal | 228 +++++++++++++++ 11 files changed, 1647 insertions(+) create mode 100644 drm/Android.bp create mode 100644 drm/crypto/1.0/Android.bp create mode 100644 drm/crypto/1.0/ICryptoFactory.hal create mode 100644 drm/crypto/1.0/ICryptoPlugin.hal create mode 100644 drm/crypto/1.0/types.hal create mode 100644 drm/drm/1.0/Android.bp create mode 100644 drm/drm/1.0/Android.mk create mode 100644 drm/drm/1.0/IDrmFactory.hal create mode 100644 drm/drm/1.0/IDrmPlugin.hal create mode 100644 drm/drm/1.0/IDrmPluginListener.hal create mode 100644 drm/drm/1.0/types.hal diff --git a/drm/Android.bp b/drm/Android.bp new file mode 100644 index 0000000000..412e162137 --- /dev/null +++ b/drm/Android.bp @@ -0,0 +1,5 @@ +// This is an autogenerated file, do not edit. +subdirs = [ + "crypto/1.0", + "drm/1.0", +] diff --git a/drm/crypto/1.0/Android.bp b/drm/crypto/1.0/Android.bp new file mode 100644 index 0000000000..dd6805d4c3 --- /dev/null +++ b/drm/crypto/1.0/Android.bp @@ -0,0 +1,64 @@ +// This file is autogenerated by hidl-gen. Do not edit manually. + +genrule { + name: "android.hardware.drm.crypto@1.0_genc++", + tools: ["hidl-gen"], + cmd: "$(location hidl-gen) -o $(genDir) -Lc++ -randroid.hardware:hardware/interfaces -randroid.hidl:system/libhidl/transport android.hardware.drm.crypto@1.0", + srcs: [ + "types.hal", + "ICryptoFactory.hal", + "ICryptoPlugin.hal", + ], + out: [ + "android/hardware/drm/crypto/1.0/types.cpp", + "android/hardware/drm/crypto/1.0/CryptoFactoryAll.cpp", + "android/hardware/drm/crypto/1.0/CryptoPluginAll.cpp", + ], +} + +genrule { + name: "android.hardware.drm.crypto@1.0_genc++_headers", + tools: ["hidl-gen"], + cmd: "$(location hidl-gen) -o $(genDir) -Lc++ -randroid.hardware:hardware/interfaces -randroid.hidl:system/libhidl/transport android.hardware.drm.crypto@1.0", + srcs: [ + "types.hal", + "ICryptoFactory.hal", + "ICryptoPlugin.hal", + ], + out: [ + "android/hardware/drm/crypto/1.0/types.h", + "android/hardware/drm/crypto/1.0/ICryptoFactory.h", + "android/hardware/drm/crypto/1.0/IHwCryptoFactory.h", + "android/hardware/drm/crypto/1.0/BnCryptoFactory.h", + "android/hardware/drm/crypto/1.0/BpCryptoFactory.h", + "android/hardware/drm/crypto/1.0/BsCryptoFactory.h", + "android/hardware/drm/crypto/1.0/ICryptoPlugin.h", + "android/hardware/drm/crypto/1.0/IHwCryptoPlugin.h", + "android/hardware/drm/crypto/1.0/BnCryptoPlugin.h", + "android/hardware/drm/crypto/1.0/BpCryptoPlugin.h", + "android/hardware/drm/crypto/1.0/BsCryptoPlugin.h", + ], +} + +cc_library_shared { + name: "android.hardware.drm.crypto@1.0", + generated_sources: ["android.hardware.drm.crypto@1.0_genc++"], + generated_headers: ["android.hardware.drm.crypto@1.0_genc++_headers"], + export_generated_headers: ["android.hardware.drm.crypto@1.0_genc++_headers"], + shared_libs: [ + "libhidlbase", + "libhidltransport", + "libhwbinder", + "liblog", + "libutils", + "libcutils", + "android.hidl.base@1.0", + ], + export_shared_lib_headers: [ + "libhidlbase", + "libhidltransport", + "libhwbinder", + "libutils", + "android.hidl.base@1.0", + ], +} diff --git a/drm/crypto/1.0/ICryptoFactory.hal b/drm/crypto/1.0/ICryptoFactory.hal new file mode 100644 index 0000000000..58f86df19e --- /dev/null +++ b/drm/crypto/1.0/ICryptoFactory.hal @@ -0,0 +1,55 @@ +/* + * Copyright (C) 2016 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package android.hardware.drm.crypto@1.0; + +import ICryptoPlugin; + +/** + * Ref: frameworks/native/include/media/hardware/CryptoAPI.h:CryptoFactory + * + * ICryptoFactory is the main entry point for interacting with a vendor's + * crypto HAL to create crypto plugins. Crypto plugins create crypto sessions + * which are used by a codec to decrypt protected video content. + */ +interface ICryptoFactory { + /* + * Determine if a crypto scheme is supported by this HAL + * + * @param uuid identifies the crypto scheme in question + * @return isSupported must be true only if the scheme is supported + */ + isCryptoSchemeSupported(uint8_t[16] uuid) generates(bool isSupported); + + /* + * Create a crypto plugin for the specified uuid and scheme-specific + * initialization data. + * + * @param uuid uniquely identifies the drm scheme. See + * http://dashif.org/identifiers/protection for uuid assignments + * @param initData scheme-specific init data. + * @return the status of the call + * @return the created ICryptoPlugin + */ + createPlugin(uint8_t[16] uuid, vec initData) + generates (Status status, ICryptoPlugin cryptoPlugin); + + /* + * Destroy a previously created crypto plugin + * + * @return status the status of the call + */ + destroyPlugin() generates(Status status); +}; diff --git a/drm/crypto/1.0/ICryptoPlugin.hal b/drm/crypto/1.0/ICryptoPlugin.hal new file mode 100644 index 0000000000..1255fdb923 --- /dev/null +++ b/drm/crypto/1.0/ICryptoPlugin.hal @@ -0,0 +1,84 @@ +/* + * Copyright (C) 2016 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package android.hardware.drm.crypto@1.0; + +import android.hardware.drm.crypto@1.0::types; + +/** + * Ref: frameworks/native/include/media/hardware/CryptoAPI.h:CryptoPlugin + * + * ICryptoPlugin is the HAL for vendor-provided crypto plugins. + * It allows crypto sessions to be opened and operated on, to + * load crypto keys for a codec to decrypt protected video content. + */ +interface ICryptoPlugin { + /* + * Check if the specified mime-type requires a secure decoder + * component. + * + * @param mime The content mime-type + * @return secureRequired must be true only if a secure decoder is required + * for the specified mime-type + */ + requiresSecureDecoderComponent(string mime) + generates(bool secureRequired); + + /* + * Notify a plugin of the currently configured resolution + * + * @param width - the display resolutions's width + * @param height - the display resolution's height + */ + notifyResolution(uint32_t width, uint32_t height); + + /* + * Associate a mediadrm session with this crypto session + * + * @param sessionId the MediaDrm session ID to associate with this crypto + * session + * @return the status of the call + */ + setMediaDrmSession(vec sessionId) generates(Status status); + + /* + * Decrypt an array of subsamples from the source memory buffer to the + * destination memory buffer. + * + * @param secure a flag to indicate if a secure decoder is being used. This + * enables the plugin to configure buffer modes to work consistently with + * a secure decoder. + * @param the keyId for the key that should be used to do the + * the decryption. The keyId refers to a key in the associated + * MediaDrm instance. + * @param iv the initialization vector to use + * @param mode the crypto mode to use + * @param pattern the crypto pattern to use + * @param subSamples a vector of subsamples indicating the number + * of clear and encrypted bytes to process. This allows the decrypt + * call to operate on a range of subsamples in a single call + * @param source the input buffer for the decryption + * @param destination the output buffer for the decryption + * @return status the status of the call + * @return bytesWritten the number of bytes output from the decryption + * @return detailedError if the error is a vendor-specific error, the + * vendor's crypto HAL may provide a detailed error string to help + * describe the error. + */ + decrypt(bool secure, uint8_t[16] keyId, uint8_t[16] iv, Mode mode, + Pattern pattern, vec subSamples, + memory source, DestinationBuffer destination) + generates(Status status, uint32_t bytesWritten, string detailedError); +}; diff --git a/drm/crypto/1.0/types.hal b/drm/crypto/1.0/types.hal new file mode 100644 index 0000000000..7e853b8c56 --- /dev/null +++ b/drm/crypto/1.0/types.hal @@ -0,0 +1,135 @@ +/* + * Copyright (C) 2016 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package android.hardware.drm.crypto@1.0; + +enum Status : uint32_t { + /** + * The Crypto Plugin must return ERROR_DRM_NO_LICENSE if decryption is + * attempted when the license keys have not been loaded into the crypto + * session. + */ + ERROR_DRM_NO_LICENSE, + + /** + * The Crypto Plugin must return ERROR_DRM_LICENSE_EXPIRED if decryption + * is attempted when the license keys have expired and are no longer usable. + */ + ERROR_DRM_LICENSE_EXPIRED, + + /** + * The Crypto Plugin must return ERROR_DRM_RESOURCE_BUSY when a required + * crypto resource cannot be allocated while attempting decryption. + */ + ERROR_DRM_RESOURCE_BUSY, + + /** + * The Crypto Plugin must return ERROR_DRM_INSUFFICIENT_OUTPUT_PROTECTION + * when the output protection level enabled on the device is not + * sufficient to meet the requirements in the license policy. HDCP is an + * example of a form of output protection. + */ + ERROR_DRM_INSUFFICIENT_OUTPUT_PROTECTION, + + /** + * The Crypto Plugin must return ERROR_DRM_SESSION_NOT_OPENED when + * decryption is attempted on a session that is not opened. + */ + ERROR_DRM_SESSION_NOT_OPENED, + + /** + * The Crypto Plugin must return ERROR_DRM_CANNOT_HANDLE when an operation + * is attempted that cannot be supported by the crypto system of the device. + */ + ERROR_DRM_CANNOT_HANDLE, + + /** + * The Crypto Plugin must return ERROR_UNKNOWN_CRYPTO_EXCEPTION in any + * fatal condition that is not covered by the other error messages. + */ + ERROR_UNKNOWN_CRYPTO_EXCEPTION, +}; + +/** + * Enumerate the supported crypto modes + */ +enum Mode : uint32_t { + UNENCRYPTED = 0, // Samples are unencrypted + AES_CTR = 1, // Samples are encrypted with AES CTR mode + AES_CBC_CTS = 2, // Samples are encrypted with AES CBC CTS mode + AES_CBC = 3, // Samples are encrypted with AES CBC mode +}; + +/** + * A subsample consists of some number of bytes of clear (unencrypted) + * data followed by a number of bytes of encrypted data. + */ +struct SubSample { + uint32_t numBytesOfClearData; + uint32_t numBytesOfEncryptedData; +}; + +/** + * A crypto Pattern is a repeating sequence of encrypted and clear blocks + * occuring within the bytes indicated by mNumBytesOfEncryptedDatad bytes + * of a subsample. Patterns are used to reduce the CPU overhead of + * decrypting samples. As an example, HLS uses 1:9 patterns where every + * 10th block is encrypted. + */ +struct Pattern { + /** + * The number of blocks to be encrypted in the pattern. If zero, + * pattern encryption is inoperative. + */ + uint32_t encryptBlocks; + + /** + * The number of blocks to be skipped (left clear) in the pattern. If + * zero, pattern encryption is inoperative. + */ + uint32_t skipBlocks; +}; + +enum BufferType : uint32_t { + SHARED_MEMORY = 0, + NATIVE_HANDLE = 1, +}; + + +/** + * A decrypt destination buffer can be either normal user-space shared + * memory for the non-secure decrypt case, or it can be a secure buffer + * which is referenced by a native-handle. The native handle is allocated + * by the vendor's buffer allocator. + */ +struct DestinationBuffer { + /** + * The type of the buffer + */ + BufferType type; + + /** + * If type == SHARED_MEMORY, the decrypted data must be written + * to user-space non-secure shared memory. + */ + memory nonsecureMemory; + + /** + * If type == NATIVE_HANDLE, the decrypted data must be written + * to secure memory referenced by the vendor's buffer allocator. + */ + handle secureMemory; +}; diff --git a/drm/drm/1.0/Android.bp b/drm/drm/1.0/Android.bp new file mode 100644 index 0000000000..8f198c7d03 --- /dev/null +++ b/drm/drm/1.0/Android.bp @@ -0,0 +1,72 @@ +// This file is autogenerated by hidl-gen. Do not edit manually. + +genrule { + name: "android.hardware.drm.drm@1.0_genc++", + tools: ["hidl-gen"], + cmd: "$(location hidl-gen) -o $(genDir) -Lc++ -randroid.hardware:hardware/interfaces -randroid.hidl:system/libhidl/transport android.hardware.drm.drm@1.0", + srcs: [ + "types.hal", + "IDrmFactory.hal", + "IDrmPlugin.hal", + "IDrmPluginListener.hal", + ], + out: [ + "android/hardware/drm/drm/1.0/types.cpp", + "android/hardware/drm/drm/1.0/DrmFactoryAll.cpp", + "android/hardware/drm/drm/1.0/DrmPluginAll.cpp", + "android/hardware/drm/drm/1.0/DrmPluginListenerAll.cpp", + ], +} + +genrule { + name: "android.hardware.drm.drm@1.0_genc++_headers", + tools: ["hidl-gen"], + cmd: "$(location hidl-gen) -o $(genDir) -Lc++ -randroid.hardware:hardware/interfaces -randroid.hidl:system/libhidl/transport android.hardware.drm.drm@1.0", + srcs: [ + "types.hal", + "IDrmFactory.hal", + "IDrmPlugin.hal", + "IDrmPluginListener.hal", + ], + out: [ + "android/hardware/drm/drm/1.0/types.h", + "android/hardware/drm/drm/1.0/IDrmFactory.h", + "android/hardware/drm/drm/1.0/IHwDrmFactory.h", + "android/hardware/drm/drm/1.0/BnDrmFactory.h", + "android/hardware/drm/drm/1.0/BpDrmFactory.h", + "android/hardware/drm/drm/1.0/BsDrmFactory.h", + "android/hardware/drm/drm/1.0/IDrmPlugin.h", + "android/hardware/drm/drm/1.0/IHwDrmPlugin.h", + "android/hardware/drm/drm/1.0/BnDrmPlugin.h", + "android/hardware/drm/drm/1.0/BpDrmPlugin.h", + "android/hardware/drm/drm/1.0/BsDrmPlugin.h", + "android/hardware/drm/drm/1.0/IDrmPluginListener.h", + "android/hardware/drm/drm/1.0/IHwDrmPluginListener.h", + "android/hardware/drm/drm/1.0/BnDrmPluginListener.h", + "android/hardware/drm/drm/1.0/BpDrmPluginListener.h", + "android/hardware/drm/drm/1.0/BsDrmPluginListener.h", + ], +} + +cc_library_shared { + name: "android.hardware.drm.drm@1.0", + generated_sources: ["android.hardware.drm.drm@1.0_genc++"], + generated_headers: ["android.hardware.drm.drm@1.0_genc++_headers"], + export_generated_headers: ["android.hardware.drm.drm@1.0_genc++_headers"], + shared_libs: [ + "libhidlbase", + "libhidltransport", + "libhwbinder", + "liblog", + "libutils", + "libcutils", + "android.hidl.base@1.0", + ], + export_shared_lib_headers: [ + "libhidlbase", + "libhidltransport", + "libhwbinder", + "libutils", + "android.hidl.base@1.0", + ], +} diff --git a/drm/drm/1.0/Android.mk b/drm/drm/1.0/Android.mk new file mode 100644 index 0000000000..fe12192266 --- /dev/null +++ b/drm/drm/1.0/Android.mk @@ -0,0 +1,438 @@ +# This file is autogenerated by hidl-gen. Do not edit manually. + +LOCAL_PATH := $(call my-dir) + +################################################################################ + +include $(CLEAR_VARS) +LOCAL_MODULE := android.hardware.drm.drm@1.0-java +LOCAL_MODULE_CLASS := JAVA_LIBRARIES + +intermediates := $(local-generated-sources-dir) + +HIDL := $(HOST_OUT_EXECUTABLES)/hidl-gen$(HOST_EXECUTABLE_SUFFIX) + +LOCAL_JAVA_LIBRARIES := \ + android.hidl.base@1.0-java \ + + +# +# Build types.hal (EventType) +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/EventType.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::types.EventType + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build types.hal (KeyRequestType) +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyRequestType.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::types.KeyRequestType + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build types.hal (KeyStatus) +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyStatus.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::types.KeyStatus + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build types.hal (KeyStatusType) +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyStatusType.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::types.KeyStatusType + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build types.hal (KeyType) +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyType.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::types.KeyType + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build types.hal (KeyValue) +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyValue.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::types.KeyValue + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build types.hal (SecureStop) +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/SecureStop.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::types.SecureStop + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build IDrmFactory.hal +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/IDrmFactory.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/IDrmFactory.hal +$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/IDrmPlugin.hal +$(GEN): $(LOCAL_PATH)/IDrmPlugin.hal +$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/types.hal +$(GEN): $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::IDrmFactory + +$(GEN): $(LOCAL_PATH)/IDrmFactory.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build IDrmPlugin.hal +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/IDrmPlugin.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/IDrmPlugin.hal +$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/IDrmPluginListener.hal +$(GEN): $(LOCAL_PATH)/IDrmPluginListener.hal +$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/types.hal +$(GEN): $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::IDrmPlugin + +$(GEN): $(LOCAL_PATH)/IDrmPlugin.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build IDrmPluginListener.hal +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/IDrmPluginListener.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/IDrmPluginListener.hal +$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/types.hal +$(GEN): $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::IDrmPluginListener + +$(GEN): $(LOCAL_PATH)/IDrmPluginListener.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) +include $(BUILD_JAVA_LIBRARY) + + +################################################################################ + +include $(CLEAR_VARS) +LOCAL_MODULE := android.hardware.drm.drm@1.0-java-static +LOCAL_MODULE_CLASS := JAVA_LIBRARIES + +intermediates := $(local-generated-sources-dir) + +HIDL := $(HOST_OUT_EXECUTABLES)/hidl-gen$(HOST_EXECUTABLE_SUFFIX) + +LOCAL_STATIC_JAVA_LIBRARIES := \ + android.hidl.base@1.0-java-static \ + + +# +# Build types.hal (EventType) +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/EventType.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::types.EventType + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build types.hal (KeyRequestType) +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyRequestType.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::types.KeyRequestType + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build types.hal (KeyStatus) +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyStatus.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::types.KeyStatus + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build types.hal (KeyStatusType) +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyStatusType.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::types.KeyStatusType + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build types.hal (KeyType) +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyType.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::types.KeyType + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build types.hal (KeyValue) +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyValue.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::types.KeyValue + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build types.hal (SecureStop) +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/SecureStop.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::types.SecureStop + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build IDrmFactory.hal +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/IDrmFactory.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/IDrmFactory.hal +$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/IDrmPlugin.hal +$(GEN): $(LOCAL_PATH)/IDrmPlugin.hal +$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/types.hal +$(GEN): $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::IDrmFactory + +$(GEN): $(LOCAL_PATH)/IDrmFactory.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build IDrmPlugin.hal +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/IDrmPlugin.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/IDrmPlugin.hal +$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/IDrmPluginListener.hal +$(GEN): $(LOCAL_PATH)/IDrmPluginListener.hal +$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/types.hal +$(GEN): $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::IDrmPlugin + +$(GEN): $(LOCAL_PATH)/IDrmPlugin.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build IDrmPluginListener.hal +# +GEN := $(intermediates)/android/hardware/drm/drm/1.0/IDrmPluginListener.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/IDrmPluginListener.hal +$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/types.hal +$(GEN): $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.drm.drm@1.0::IDrmPluginListener + +$(GEN): $(LOCAL_PATH)/IDrmPluginListener.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) +include $(BUILD_STATIC_JAVA_LIBRARY) + + + +include $(call all-makefiles-under,$(LOCAL_PATH)) diff --git a/drm/drm/1.0/IDrmFactory.hal b/drm/drm/1.0/IDrmFactory.hal new file mode 100644 index 0000000000..a4ee0f1a95 --- /dev/null +++ b/drm/drm/1.0/IDrmFactory.hal @@ -0,0 +1,56 @@ +/* + * Copyright (C) 2016 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package android.hardware.drm.drm@1.0; + +import IDrmPlugin; + +/** + * Ref: frameworks/native/include/media/drm/DrmAPI.h:DrmFactory + * + * IDrmFactory is the main entry point for interacting with a vendor's + * drm HAL to create drm plugin instances. A drm plugin instance + * creates drm sessions which are used to obtain keys for a crypto + * session so it can decrypt* protected video content. + */ + +interface IDrmFactory { + /* + * Determine if a crypto scheme is supported by this HAL + * + * @param uuid identifies the crypto scheme in question + * @return isSupported must be true only if the scheme is supported + */ + isCryptoSchemeSupported(uint8_t[16] uuid) generates(bool isSupported); + + /* + * Create a drm plugin instance for the specified uuid and scheme-specific + * initialization data. + * + * @param uuid uniquely identifies the drm scheme. See + * http://dashif.org/identifiers/protection for uuid assignments + * @param initData scheme-specific init data. + * @return the status of the call + * @return the created IDrmPlugin + */ + createPlugin(uint8_t[16] uuid, vec initData) + generates (Status status, IDrmPlugin drmPlugin); + + /* + * Destroy a previously created drm plugin + * @return status the status of the call + */ + destroyPlugin() generates(Status status); +}; diff --git a/drm/drm/1.0/IDrmPlugin.hal b/drm/drm/1.0/IDrmPlugin.hal new file mode 100644 index 0000000000..7f396d96f6 --- /dev/null +++ b/drm/drm/1.0/IDrmPlugin.hal @@ -0,0 +1,444 @@ +/** + * Copyright (C) 2016 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package android.hardware.drm.drm@1.0; + +import IDrmPluginListener; + +/** + * Ref: frameworks/native/include/media/drm/DrmAPI.h:DrmPlugin + * + * IDrmPlugin is used to interact with a specific drm plugin that was + * created by IDrm::createPlugin. A drm plugin provides methods for + * obtaining drm keys that may be used by a codec to decrypt protected + * video content. + */ +interface IDrmPlugin { + + /** + * Open a new session with the DrmPlugin object. A session ID is returned + * in the sessionId parameter. + * @return status the status of the call + */ + openSession() generates (SessionId sessionId, Status status); + + /** + * Close a session on the DrmPlugin object + * + * @param sessionId the session id the call applies to + * @return status the status of the call + */ + closeSession(SessionId sessionId) generates (Status status); + + /** + * A key request/response exchange occurs between the app and a License + * Server to obtain the keys required to decrypt the content. + * getKeyRequest() is used to obtain an opaque key request blob that is + * delivered to the license server. + * + * @param scope may be a sessionId or a keySetId, depending on the + * specified keyType. When the keyType is OFFLINE or STREAMING, + * scope should be set to the sessionId the keys will be provided to. + * When the keyType is RELEASE, scope should be set to the keySetId + * of the keys being released. + * @param initData container-specific data, its meaning is interpreted + * based on the mime type provided in the mimeType parameter. It could + * contain, for example, the content ID, key ID or other data obtained + * from the content metadata that is required to generate the key request. + * initData may be empty when keyType is RELEASE. + * @param mimeType identifies the mime type of the content + * @param keyType specifies if the keys are to be used for streaming, + * offline or a release + * @param optionalParameters included in the key request message to + * allow a client application to provide additional message parameters to + * the server. + * + * @return request if successful, the opaque key request blob is returned + * @return requestType indicates type information about the returned + * request. The type may be one of INITIAL, RENEWAL or RELEASE. An + * INITIAL request is the first key request for a license. RENEWAL is a + * subsequent key request used to refresh the keys in a license. RELEASE + * corresponds to a keyType of RELEASE, which indicates keys are being + * released. + * @return status the status of the call + * @return defaultUrl the URL that the request may be sent to, if + * provided by the drm HAL. The app may choose to override this + * URL. + */ + getKeyRequest(vec scope, vec initData, + string mimeType, KeyType keyType, KeyedVector optionalParameters) + generates (vec request, KeyRequestType requestType, + Status status, string defaultUrl); + + /** + * After a key response is received by the app, it is provided to the + * Drm plugin using provideKeyResponse. + * + * @param scope may be a sessionId or a keySetId depending on the type + * of the response. Scope should be set to the sessionId when the response + * is for either streaming or offline key requests. Scope should be set to + * the keySetId when the response is for a release request. + * @param response the response from the key server that is being + * provided to the drm HAL. + * + * @return keySetId when the response is for an offline key request, a + * keySetId is returned in the keySetId vector parameter that can be used + * to later restore the keys to a new session with the method restoreKeys. + * When the response is for a streaming or release request, no keySetId is + * returned. + * + * @return status the status of the call + */ + provideKeyResponse(vec scope, + vec response) generates (vec keySetId, Status status); + + /** + * Remove the current keys from a session + * + * @param sessionId the session id the call applies to + * @return status the status of the call + */ + removeKeys(SessionId sessionId) generates (Status status); + + /** + * Restore persisted offline keys into a new session + * + * @param sessionId the session id the call applies to + * @param keySetId identifies the keys to load, obtained from a prior + * call to provideKeyResponse(). + * @return status the status of the call + */ + restoreKeys(SessionId sessionId, + vec keySetId) generates (Status status); + + /* + * Request an informative description of the license for the session. The + * status is in the form of {name, value} pairs. Since DRM license policies + * vary by vendor, the specific status field names are determined by each + * DRM vendor. Refer to your DRM provider documentation for definitions of + * the field names for a particular drm scheme. + * + * @param sessionId the session id the call applies to + * @return infoList a list of name value pairs describing the license + * @return status the status of the call + */ + queryKeyStatus(SessionId sessionId) + generates (KeyedVector infoList, Status status); + + /** + * A provision request/response exchange occurs between the app and a + * provisioning server to retrieve a device certificate. getProvisionRequest + * is used to obtain an opaque key request blob that is delivered to the + * provisioning server. + * + * @param certificateType the type of certificate requested, e.g. "X.509" + * @param certificateAuthority identifies the certificate authority. A + * certificate authority (CA) is an entity which issues digital certificates + * for use by other parties. It is an example of a trusted third party + * @return if successful the opaque certirequest blob is returned + * @return status the status of the call + */ + getProvisionRequest(string certificateType, string certificateAuthority) + generates (vec request, string defaultUrl, Status status); + + /** + * After a provision response is received by the app from a provisioning + * server, it can be provided to the Drm HAL using provideProvisionResponse. + * + * @param response the opaque provisioning response received by the + * app from a provisioning server + * @return certificate the public certificate resulting from the provisioning + * operation, if any. An empty vector indicates that no certificate was + * returned. + * @return wrappedKey an opaque object containing encrypted private key + * material to be used by signRSA when computing an RSA signature on a + * message, see the signRSA method. + * @return status the status of the call + */ + provideProvisionResponse(vec response) + generates (vec certificate, vec wrappedKey, + Status status); + + /** + * SecureStop is a way of enforcing the concurrent stream limit per + * subscriber. It can securely monitor the lifetime of sessions across + * device reboots by periodically persisting the session lifetime + * status in secure storage. + * + * A signed version of the sessionID is written to persistent storage on the + * device when each MediaCrypto object is created and periodically during + * playback. The sessionID is signed by the device private key to prevent + * tampering. + * + * When playback is completed the session is destroyed, and the secure + * stops are queried by the app. The app then delivers the secure stop + * message to a server which verifies the signature to confirm that the + * session and its keys have been removed from the device. The persisted + * record on the device is removed after receiving and verifying the + * signed response from the server. + */ + + /** + * Get all secure stops on the device + * + * @return secureStops a list of the secure stop opaque objects + * @return status the status of the call + */ + getSecureStops() generates + (vec secureStops, Status status); + + /** + * Get all secure stops by secure stop ID + * + * @param secureStopId the ID of the secure stop to return. The + * secure stop ID is delivered by the key server as part of the key + * response and must also be known by the app. + * + * @return the secure stop opaque object + * @return status the status of the call + */ + getSecureStop(SecureStopId secureStopId) + generates (SecureStop secureStop, Status status); + + /** + * Release all secure stops on the device + * + * @return status the status of the call + */ + releaseAllSecureStops() generates (Status status); + + /** + * Release a secure stop by secure stop ID + * + * @param secureStopId the ID of the secure stop to release. The + * secure stop ID is delivered by the key server as part of the key + * response and must also be known by the app. + * + * @return status the status of the call + */ + releaseSecureStop(vec secureStopId) generates (Status status); + + /** + * A drm scheme can have properties that are settable and readable + * by an app. There are a few forms of property access methods, + * depending on the data type of the property. + * + * Property values defined by the public API are: + * "vendor" [string] identifies the maker of the drm scheme + * "version" [string] identifies the version of the drm scheme + * "description" [string] describes the drm scheme + * 'deviceUniqueId' [byte array] The device unique identifier is + * established during device provisioning and provides a means of + * uniquely identifying each device. + * + * Since drm scheme properties may vary, additional field names may be + * defined by each DRM vendor. Refer to your DRM provider documentation + * for definitions of its additional field names. + */ + + /** + * Read a string property value given the property name. + * + * @param propertyName the name of the property + * @return the property value string + * @return status the status of the call + */ + getPropertyString(string propertyName) + generates (string value, Status status); + + /** + * Read a byte array property value given the property name. + * + * @param propertyName the name of the property + * @return the property value byte array + * @return status the status of the call + */ + getPropertyByteArray(string propertyName) + generates (vec value, Status status); + + /** + * Write a property string value given the property name + * + * @param propertyName the name of the property + * @param value the value to write + * @return status the status of the call + */ + setPropertyString(string propertyName, string value ) + generates (Status status); + + /** + * Write a property byte array value given the property name + * + * @param propertyName the name of the property + * @param value the value to write + * @return status the status of the call + */ + setPropertyByteArray(string propertyName, vec value ) + generates (Status status); + + /** + * The following methods implement operations on a CryptoSession to support + * encrypt, decrypt, sign verify operations on operator-provided + * session keys. + */ + + /** + * Set the cipher algorithm to be used for the specified session. + * + * @param sessionId the session id the call applies to + * @param algorithm the algorithm to use. The string conforms to JCA + * Standard Names for Cipher Transforms and is case insensitive. An + * example algorithm is "AES/CBC/PKCS5Padding". + * @return status the status of the call + */ + setCipherAlgorithm(SessionId sessionId, string algorithm) + generates (Status status); + + /** + * Set the MAC algorithm to be used for computing hashes in a session. + * + * @param sessionId the session id the call applies to + * @param algorithm the algorithm to use. The string conforms to JCA + * Standard Names for Mac Algorithms and is case insensitive. An example MAC + * algorithm string is "HmacSHA256". + * @return status the status of the call + */ + setMacAlgorithm(SessionId sessionId, string algorithm) + generates (Status status); + + /** + * Encrypt the provided input buffer with the cipher algorithm specified by + * setCipherAlgorithm and the key selected by keyId, and return the + * encrypted data. + * + * @param sessionId the session id the call applies to + * @param keyId the ID of the key to use for encryption + * @param input the input data to encrypt + * @param iv the initialization vector to use for encryption + * @return output the decrypted data + * @return status the status of the call + */ + encrypt(SessionId sessionId, vec keyId, vec input, + vec iv) + generates (vec output, Status status); + + /** + * Decrypt the provided input buffer with the cipher algorithm + * specified by setCipherAlgorithm and the key selected by keyId, + * and return the decrypted data. + * + * @param sessionId the session id the call applies to + * @param keyId the ID of the key to use for decryption + * @param input the input data to decrypt + * @param iv the initialization vector to use for decryption + * @return output the decrypted data + * @return status the status of the call + */ + decrypt(SessionId sessionId, vec keyId, vec input, + vec iv) generates (vec output, Status status); + + /** + * Compute a signature over the provided message using the mac algorithm + * specified by setMacAlgorithm and the key selected by keyId and return + * the signature. + * + * @param sessionId the session id the call applies to + * @param keyId the ID of the key to use for decryption + * @param message the message to compute a signature over + * @return the computed signature + * @return status the status of the call + */ + sign(SessionId sessionId, vec keyId, vec message) + generates (vec signature, Status status); + + /** + * Compute a hash of the provided message using the mac algorithm specified + * by setMacAlgorithm and the key selected by keyId, and compare with the + * expected result. + * + * @param sessionId the session id the call applies to + * @param keyId the ID of the key to use for decryption + * @param message the message to compute a hash of + * @return status the status of the call + */ + verify(SessionId sessionId, vec keyId, vec message, + vec signature) generates (bool match, Status status); + + /** + * Compute an RSA signature on the provided message using the specified + * algorithm. + * + * @param algorithm the signing algorithm, such as "RSASSA-PSS-SHA1" + * or "PKCS1-BlockType1" + * @param sessionId the session id the call applies to + * @param wrappedKey the private key returned during provisioning + * as returned by provideProvisionResponse. + * @return signature the RSA signature computed over the message + * @return status the status of the call + */ + signRSA(SessionId sessionId, string algorithm, vec message, + vec wrappedkey) + generates (vec signature, Status status); + + /** + * Set a listener for a drm session. This allows the drm HAL to + * make asynchronous calls back to the client of IDrm. + * + * @param listener instance of IDrmPluginListener to receive the events + */ + setListener(IDrmPluginListener listener); + + /** + * HAL implementations call the following methods to deliver events to the + * listener + */ + + /** + * Legacy event sending method, it sends events of various types using a + * single overloaded set of parameters. This form is deprecated. + * + * @param eventType the type of the event + * @param sessionId identifies the session the event originated from + * @param data event-specific data blob + */ + oneway sendEvent(EventType eventType, SessionId sessionId, + vec data); + + /** + * Send a license expiration update to the listener. The expiration + * update indicates how long the current keys are valid before they + * need to be renewed. + * + * @param sessionId identifies the session the event originated from + * @param expiryTimeInMS the time when the keys need to be renewed. + * The time is in milliseconds, relative to the Unix epoch. A time of 0 + * indicates that the keys never expire. + */ + oneway sendExpirationUpdate(SessionId sessionId, int64_t expiryTimeInMS); + + /** + * Send a keys change event to the listener. The keys change event + * indicates the status of each key in the session. `Keys can be + * indicated as being usable, expired, outputnotallowed or statuspending. + * + * @param sessionId identifies the session the event originated from + * @param keyStatusList indicates the status for each key ID in the + * session. + * @param hasNewUsableKey indicates if the event includes at least one + * key that has become usable. + */ + oneway sendKeysChange(SessionId sessionId, vec keyStatusList, + bool hasNewUsableKey); +}; diff --git a/drm/drm/1.0/IDrmPluginListener.hal b/drm/drm/1.0/IDrmPluginListener.hal new file mode 100644 index 0000000000..fe2d998e5d --- /dev/null +++ b/drm/drm/1.0/IDrmPluginListener.hal @@ -0,0 +1,66 @@ +/* + * Copyright (C) 2016 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package android.hardware.drm.drm@1.0; + +import android.hardware.drm.drm@1.0::types; + +/** + * Ref: frameworks/native/include/media/drm/DrmAPI.h:DrmPluginListener + */ + +/** + * IDrmPluginListener is a listener interface for Drm events sent from an + * IDrmPlugin instance. + */ +interface IDrmPluginListener { + + /** + * Legacy event sending method, it sends events of various types using a + * single overloaded set of parameters. This form is deprecated. + * + * @param eventType the type of the event + * @param sessionId identifies the session the event originated from + * @param data event-specific data blob + */ + sendEvent(EventType eventType, SessionId sessionId, vec data); + + /** + * Send a license expiration update to the listener. The expiration + * update indicates how long the current keys are valid before they + * need to be renewed. + * + * @param sessionId identifies the session the event originated from + * @param expiryTimeInMS the time when the keys need to be renewed. + * The time is in milliseconds, relative to the Unix epoch. A time + * of 0 indicates that the keys never expire. + */ + sendExpirationUpdate(SessionId sessionId, int64_t expiryTimeInMS); + + /** + * Send a keys change event to the listener. The keys change event + * indicates the status of each key in the session. Keys can be + * indicated as being usable, expired, outputnotallowed or statuspending. + * + * @param sessionId identifies the session the event originated from + * @param keyStatusList indicates the status for each key ID in the + * session. + * @param hasNewUsableKey indicates if the event includes at least one + * key that has become usable. + */ + sendKeysChange(SessionId sessionId, vec keyStatusList, + bool hasNewUsableKey); +}; diff --git a/drm/drm/1.0/types.hal b/drm/drm/1.0/types.hal new file mode 100644 index 0000000000..05101c9f1f --- /dev/null +++ b/drm/drm/1.0/types.hal @@ -0,0 +1,228 @@ +/** + * Copyright (C) 2016 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package android.hardware.drm.drm@1.0; + +enum Status : uint32_t { + /** + * The DRM plugin must return ERROR_DRM_NO_LICENSE, when decryption is + * attempted and no license keys have been provided. + */ + ERROR_DRM_NO_LICENSE, + + /** + * ERROR_DRM_LICENSE_EXPIRED must be returned when an attempt is made + * to use a license and the keys in that license have expired. + */ + ERROR_DRM_LICENSE_EXPIRED, + + /** + * The DRM plugin must return ERROR_DRM_SESSION_NOT_OPENED when an + * attempt is made to use a session that has not been opened. + */ + ERROR_DRM_SESSION_NOT_OPENED, + + /** + * The DRM plugin must return ERROR_DRM_CANNOT_HANDLE when an unsupported + * data format or operation is attempted. + */ + ERROR_DRM_CANNOT_HANDLE, + + /** + * ERROR_DRM_INVALID_STATE must be returned when the device is in a state + * where it is not able to perform decryption. + */ + ERROR_DRM_INVALID_STATE, + + /** + * The Drm plugin must return BAD_VALUE whenever an illegal parameter is + * passed to one of the interface functions. + */ + BAD_VALUE, + + /** + * The DRM plugin must return ERROR_DRM_NOT_PROVISIONED from getKeyRequest, + * openSession or provideKeyResponse when the device has not yet been + * provisioned. + */ + ERROR_DRM_NOT_PROVISIONED, + + /** + * ERROR_DRM_RESOURCE_BUSY must be returned when resources, such as drm + * sessions or secure buffers are not available to perform a requested + * operation because they are already in use. + */ + ERROR_DRM_RESOURCE_BUSY, + + /** + * The Drm Plugin must return ERROR_DRM_DEVICE_REVOKED from + * provideProvisionResponse and provideKeyResponse if the response indicates + * that the device has been revoked. Device revocation means that the device + * is no longer permitted to play content. + */ + ERROR_DRM_DEVICE_REVOKED, + + /** + * ERROR_DRM_UNKNOWN must be returned when a fatal failure occurs and no + * other defined error is appropriate. + */ + ERROR_DRM_UNKNOWN, +}; + + +/** + * EventType enumerates the events that can be delivered by sendEvent + */ +enum EventType : uint32_t { + /** + * This event type indicates that the app needs to request a certificate + * from the provisioning server. The request message data is obtained using + * getProvisionRequest(). + */ + PROVISION_REQUIRED, + + /** + * This event type indicates that the app needs to request keys from a + * license server. The request message data is obtained using getKeyRequest. + */ + KEY_NEEDED, + + /** + * This event type indicates that the licensed usage duration for keys in a + * session has expired. The keys are no longer valid. + */ + KEY_EXPIRED, + + /** + * This event may indicate some specific vendor-defined condition, see your + * DRM provider documentation for details. + */ + VENDOR_DEFINED, + + /** + * This event indicates that a session opened by the app has been reclaimed + * by the resource manager. + */ + SESSION_RECLAIMED, +}; + +enum KeyType : uint32_t { + /** + * Drm keys can be for offline content or for online streaming. + * Offline keys are persisted on the device and may be used when the device + * is disconnected from the network. + */ + OFFLINE, + + /** + * Keys for streaming are not persisted and require the device to be + * connected to the network for periodic renewal. + */ + STREAMING, + + /** + * The Release type is used to request that offline keys be no longer + * restricted to offline use. + */ + RELEASE, +}; + +/** + * Enumerate KeyRequestTypes to allow an app to determine the type of a key + * request returned from getKeyRequest. + */ +enum KeyRequestType : uint32_t { + /** + * Key request type is for an initial license request + */ + INITIAL, + + /** + * Key request type is for license renewal. Renewal requests are used + * to extend the validity period for streaming keys. + */ + RENEWAL, + + /** + * Key request type is a release. A key release causes offline keys + * to become available for streaming. + */ + RELEASE, +}; + +/** + * Enumerate KeyStatusTypes which indicate the state of a key + */ +enum KeyStatusType : uint32_t { + /** + * The key is currently usable to decrypt media data. + */ + USABLE, + + /** + * The key is no longer usable to decrypt media data because its expiration + * time has passed. + */ + EXPIRED, + + /** + * The key is not currently usable to decrypt media data because its output + * requirements cannot currently be met. + */ + OUTPUTNOTALLOWED, + + /** + * The status of the key is not yet known and is being determined. + */ + STATUSPENDING, + + /** + * The key is not currently usable to decrypt media data because of an + * internal error in processing unrelated to input parameters. + */ + INTERNALERROR, +}; + +typedef vec SessionId; + +/** + * Used by sendKeysChange to report the usability status of each key to the + * app. + */ +struct KeyStatus +{ + vec keyId; + KeyStatusType type; +}; + +/** + * Simulates a KeyedVector + */ +struct KeyValue { + string key; + string value; +}; + +typedef vec KeyedVector; + +/** + * Encapsulates a secure stop opaque object + */ +struct SecureStop { + vec opaqueData; +}; + +typedef vec SecureStopId;