DrmAPI.h revision bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3
1bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker/* 256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker * Copyright (C) 2013 The Android Open Source Project 356c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker * 456c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker * Licensed under the Apache License, Version 2.0 (the "License"); 556c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker * you may not use this file except in compliance with the License. 656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker * You may obtain a copy of the License at 756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker * 856c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker * http://www.apache.org/licenses/LICENSE-2.0 956c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker * 1056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker * Unless required by applicable law or agreed to in writing, software 1156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker * distributed under the License is distributed on an "AS IS" BASIS, 1256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1356c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker * See the License for the specific language governing permissions and 1456c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker * limitations under the License. 1556c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker */ 1656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 1756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker#ifndef DRM_API_H_ 1856c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker#define DRM_API_H_ 1956c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 2056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker#include <utils/List.h> 2156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker#include <utils/String8.h> 2256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker#include <utils/Vector.h> 2356c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker#include <utils/KeyedVector.h> 2456c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker#include <utils/RefBase.h> 2556c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker#include <media/stagefright/foundation/ABase.h> 2656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 2756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker// Loadable DrmEngine shared libraries should define the entry points 2856c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker// createDrmFactory and createCryptoFactory as shown below: 2956c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker// 3056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker// extern "C" { 3156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker// extern android::DrmFactory *createDrmFactory(); 3256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker// extern android::CryptoFactory *createCryptoFactory(); 3356c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker// } 3456c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 3556c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinkernamespace android { 3656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 3756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker struct DrmPlugin; 3856c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 3956c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // DRMs are implemented in DrmEngine plugins, which are dynamically 4056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // loadable shared libraries that implement the entry points 4156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // createDrmFactory and createCryptoFactory. createDrmFactory 4256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // constructs and returns an instance of a DrmFactory object. Similarly, 4356c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // createCryptoFactory creates an instance of a CryptoFactory object. 4456c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // When a MediaCrypto or MediaDrm object needs to be constructed, all 4556c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // available DrmEngines present in the plugins directory on the device 4656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // are scanned for a matching DrmEngine that can support the crypto 4756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // scheme. When a match is found, the DrmEngine's createCryptoPlugin and 4856c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // createDrmPlugin methods are used to create CryptoPlugin or 4956c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // DrmPlugin instances to support that DRM scheme. 5056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 5156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker class DrmFactory { 5256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker public: 5356c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker DrmFactory() {} 5456c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker virtual ~DrmFactory() {} 5556c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 5656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // DrmFactory::isCryptoSchemeSupported can be called to determine 5756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // if the plugin factory is able to construct plugins that support a 5856c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // given crypto scheme, which is specified by a UUID. 5956c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker virtual bool isCryptoSchemeSupported(const uint8_t uuid[16]) = 0; 6056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 6156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // Construct a DrmPlugin for the crypto scheme specified by UUID. 6256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker virtual status_t createDrmPlugin( 6356c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker const uint8_t uuid[16], DrmPlugin **plugin) = 0; 6456c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 6556c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker private: 6656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker DrmFactory(const DrmFactory &); 6756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker DrmFactory &operator=(const DrmFactory &); 6856c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker }; 6956c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 7056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker class DrmPlugin { 7156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker public: 7256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker enum EventType { 7356c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker kDrmPluginEventProvisionRequired, 74bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker kDrmPluginEventKeyNeeded, 75bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker kDrmPluginEventKeyExpired, 7656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker kDrmPluginEventVendorDefined 7756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker }; 7856c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 79bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // Drm keys can be for offline content or for online streaming. 80bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // Offline keys are persisted on the device and may be used when the device 8156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // is disconnected from the network. 82bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker enum KeyType { 83bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker kKeyType_Offline, 84bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker kKeyType_Streaming 8556c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker }; 8656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 8756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker DrmPlugin() {} 8856c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker virtual ~DrmPlugin() {} 8956c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 9056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // Open a new session with the DrmPlugin object. A session ID is returned 9156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // in the sessionId parameter. 9256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker virtual status_t openSession(Vector<uint8_t> &sessionId) = 0; 9356c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 9456c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // Close a session on the DrmPlugin object. 9556c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker virtual status_t closeSession(Vector<uint8_t> const &sessionId) = 0; 9656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 97bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // A key request/response exchange occurs between the app and a License 98bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // Server to obtain the keys required to decrypt the content. getKeyRequest() 99bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // is used to obtain an opaque key request blob that is delivered to the 10056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // license server. 10156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // 102bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // The init data passed to getKeyRequest is container-specific and its 10356c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // meaning is interpreted based on the mime type provided in the mimeType 104bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // parameter to getKeyRequest. It could contain, for example, the content 10556c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // ID, key ID or other data obtained from the content metadata that is required 106bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // in generating the key request. 10756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // 108bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // keyType specifes if the keys are to be used for streaming or offline content 10956c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // 110bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // optionalParameters are included in the key request message to allow a 111bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // client application to provide additional message parameters to the server. 11256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // 113bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // If successful, the opaque key request blob is returned to the caller. 11456c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker virtual status_t 115bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker getKeyRequest(Vector<uint8_t> const &sessionId, 116bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> const &initData, 117bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker String8 const &mimeType, KeyType keyType, 118bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker KeyedVector<String8, String8> const &optionalParameters, 119bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> &request, String8 &defaultUrl) = 0; 12056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 121bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // After a key response is received by the app, it is provided to the 122bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // Drm plugin using provideKeyResponse. Returns the id of the key set 123bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // in keySetId. The keySetId can be used by removeKeys or restoreKeys 124bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // when the keys are used for offline content. 125bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker virtual status_t provideKeyResponse(Vector<uint8_t> const &sessionId, 126bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> const &response, 127bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> &keySetId) = 0; 12856c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 129bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // Remove the persisted keys associated with an offline license for a session. 130bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker virtual status_t removeKeys(Vector<uint8_t> const &keySetId) = 0; 131bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker 132bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // Restore persisted offline keys into a new session. keySetId identifies 133bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // the keys to load, obtained from a prior call to provideKeyResponse(). 134bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker virtual status_t restoreKeys(Vector<uint8_t> const &sessionId, 135bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> const &keySetId) = 0; 13656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 13756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // Request an informative description of the license for the session. The status 13856c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // is in the form of {name, value} pairs. Since DRM license policies vary by 13956c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // vendor, the specific status field names are determined by each DRM vendor. 14056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // Refer to your DRM provider documentation for definitions of the field names 14156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // for a particular DrmEngine. 14256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker virtual status_t 143bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker queryKeyStatus(Vector<uint8_t> const &sessionId, 144bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker KeyedVector<String8, String8> &infoMap) const = 0; 14556c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 14656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // A provision request/response exchange occurs between the app and a 14756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // provisioning server to retrieve a device certificate. getProvisionRequest 148bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // is used to obtain an opaque key request blob that is delivered to the 14956c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // provisioning server. 15056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // 15156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // If successful, the opaque provision request blob is returned to the caller. 15256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker virtual status_t getProvisionRequest(Vector<uint8_t> &request, 15356c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker String8 &defaultUrl) = 0; 15456c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 15556c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // After a provision response is received by the app, it is provided to the 15656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // Drm plugin using provideProvisionResponse. 15756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker virtual status_t provideProvisionResponse(Vector<uint8_t> const &response) = 0; 15856c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 15956c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // A means of enforcing the contractual requirement for a concurrent stream 16056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // limit per subscriber across devices is provided via SecureStop. SecureStop 16156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // is a means of securely monitoring the lifetime of sessions. Since playback 16256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // on a device can be interrupted due to reboot, power failure, etc. a means 16356c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // of persisting the lifetime information on the device is needed. 16456c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // 16556c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // A signed version of the sessionID is written to persistent storage on the 16656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // device when each MediaCrypto object is created. The sessionID is signed by 16756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // the device private key to prevent tampering. 16856c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // 16956c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // In the normal case, playback will be completed, the session destroyed and 17056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // the Secure Stops will be queried. The App queries secure stops and forwards 17156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // the secure stop message to the server which verifies the signature and 17256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // notifies the server side database that the session destruction has been 17356c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // confirmed. The persisted record on the client is only removed after positive 17456c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // confirmation that the server received the message using releaseSecureStops(). 17556c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker virtual status_t getSecureStops(List<Vector<uint8_t> > &secureStops) = 0; 17656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker virtual status_t releaseSecureStops(Vector<uint8_t> const &ssRelease) = 0; 17756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 17856c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // Read a property value given the device property string. There are a few forms 17956c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // of property access methods, depending on the data type returned. 18056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // Since DRM plugin properties may vary, additional field names may be defined 18156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // by each DRM vendor. Refer to your DRM provider documentation for definitions 18256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // of its additional field names. 18356c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // 18456c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // Standard values are: 18556c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // "vendor" [string] identifies the maker of the plugin 18656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // "version" [string] identifies the version of the plugin 18756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // "description" [string] describes the plugin 18856c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // 'deviceUniqueId' [byte array] The device unique identifier is established 18956c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // during device provisioning and provides a means of uniquely identifying 19056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // each device. 19156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker virtual status_t getPropertyString(String8 const &name, String8 &value ) const = 0; 19256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker virtual status_t getPropertyByteArray(String8 const &name, 19356c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker Vector<uint8_t> &value ) const = 0; 19456c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 19556c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // Write a property value given the device property string. There are a few forms 19656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // of property setting methods, depending on the data type. 19756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // Since DRM plugin properties may vary, additional field names may be defined 19856c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // by each DRM vendor. Refer to your DRM provider documentation for definitions 19956c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // of its field names. 20056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker virtual status_t setPropertyString(String8 const &name, 20156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker String8 const &value ) = 0; 20256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker virtual status_t setPropertyByteArray(String8 const &name, 20356c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker Vector<uint8_t> const &value ) = 0; 20456c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 205bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // The following methods implement operations on a CryptoSession to support 206bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // encrypt, decrypt, sign verify operations on operator-provided 207bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // session keys. 208bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker 209bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // 210bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // The algorithm string conforms to JCA Standard Names for Cipher 211bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // Transforms and is case insensitive. For example "AES/CBC/PKCS5Padding". 212bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // 213bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // Return OK if the algorithm is supported, otherwise return BAD_VALUE 214bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // 215bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker virtual status_t setCipherAlgorithm(Vector<uint8_t> const &sessionId, 216bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker String8 const &algorithm) = 0; 217bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker 218bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // 219bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // The algorithm string conforms to JCA Standard Names for Mac 220bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // Algorithms and is case insensitive. For example "HmacSHA256". 221bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // 222bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // Return OK if the algorithm is supported, otherwise return BAD_VALUE 223bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // 224bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker virtual status_t setMacAlgorithm(Vector<uint8_t> const &sessionId, 225bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker String8 const &algorithm) = 0; 226bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker 227bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // Encrypt the provided input buffer with the cipher algorithm 228bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // specified by setCipherAlgorithm and the key selected by keyId, 229bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // and return the encrypted data. 230bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker virtual status_t encrypt(Vector<uint8_t> const &sessionId, 231bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> const &keyId, 232bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> const &input, 233bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> const &iv, 234bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> &output) = 0; 235bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker 236bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // Decrypt the provided input buffer with the cipher algorithm 237bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // specified by setCipherAlgorithm and the key selected by keyId, 238bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // and return the decrypted data. 239bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker virtual status_t decrypt(Vector<uint8_t> const &sessionId, 240bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> const &keyId, 241bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> const &input, 242bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> const &iv, 243bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> &output) = 0; 244bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker 245bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // Compute a signature on the provided message using the mac algorithm 246bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // specified by setMacAlgorithm and the key selected by keyId, 247bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // and return the signature. 248bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker virtual status_t sign(Vector<uint8_t> const &sessionId, 249bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> const &keyId, 250bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> const &message, 251bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> &signature) = 0; 252bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker 253bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // Compute a signature on the provided message using the mac algorithm 254bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // specified by setMacAlgorithm and the key selected by keyId, 255bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // and compare with the expected result. Set result to true or 256bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker // false depending on the outcome. 257bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker virtual status_t verify(Vector<uint8_t> const &sessionId, 258bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> const &keyId, 259bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> const &message, 260bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker Vector<uint8_t> const &signature, 261bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker bool &match) = 0; 262bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker 263bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker 264bcbd78bd246f1e68e44b4a6d6257dbfcec8e65b3Jeff Tinker 26556c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker // TODO: provide way to send an event 26656c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker private: 26756c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker DISALLOW_EVIL_CONSTRUCTORS(DrmPlugin); 26856c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker }; 26956c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 27056c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker} // namespace android 27156c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker 27256c78c47d8c22621a8a23375d8a6c63d99a9335dJeff Tinker#endif // DRM_API_H_ 273