Initial import of Widevine Common Encryption DRM engine

Builds libwvmdrmengine.so, which is loaded by the new MediaDrm APIs to support playback of Widevine/CENC protected content. Change-Id: I6f57dd37083dfd96c402cb9dd137c7d74edc8f1c
2013-03-21 17:39:02 -07:00
parent 38334efbe7
commit 1a8aa0dd05
211 changed files with 51913 additions and 144 deletions
--- a/libwvdrmengine/cdm/core/src/license_protocol.proto
+++ b/libwvdrmengine/cdm/core/src/license_protocol.proto
@@ -0,0 +1,224 @@
+syntax = "proto2";
+
+package video_widevine_server.sdk;
+
+option optimize_for = LITE_RUNTIME;
+
+enum LicenseType {
+  STREAMING = 1;
+  OFFLINE = 2;
+}
+
+// LicenseIdentification is propagated from LicenseRequest to License,
+// incrementing version with each iteration.
+message LicenseIdentification {
+  optional bytes request_id = 1;
+  optional bytes session_id = 2;
+  optional bytes purchase_id = 3;
+  optional LicenseType type = 4;
+  optional int32 version = 5;
+}
+
+message License {
+  message Policy {
+    // Indicates that playback of the content is allowed.
+    optional bool can_play = 1 [default = false];
+
+    // Indicates that the license may be persisted to non-volatile
+    // storage for offline use.
+    optional bool can_persist = 2 [default = false];
+
+    // Indicates that renewal of this license is allowed.
+    optional bool can_renew = 3 [default = false];
+
+    // For the |*duration*| fields, playback must halt when
+    // license_start_time (seconds since the epoch (UTC)) +
+    // license_duration_seconds is exceeded. A value of 0
+    // indicates that there is no limit to the duration.
+
+    // Indicates the rental window.
+    optional int64 rental_duration_seconds = 4 [default = 0];
+
+    // Indicates the viewing window, once playback has begun.
+    optional int64 playback_duration_seconds = 5 [default = 0];
+
+    // Indicates the time window for this specific license.
+    optional int64 license_duration_seconds = 6 [default = 0];
+
+    // The |renewal*| fields only apply if |can_renew| is true.
+
+    // The window of time, in which playback is allowed to continue while
+    // renewal is attempted, yet unsuccessful due to backend problems with
+    // the license server.
+    optional int64 renewal_recovery_duration_seconds = 7 [default = 0];
+
+    // All renewal requests for this license shall be directed to the
+    // specified URL.
+    optional string renewal_server_url = 8;
+
+    // How many seconds after license_start_time, before renewal is first
+    // attempted.
+    optional int64 renewal_delay_seconds = 9 [default = 0];
+
+    // Specifies the delay in seconds between subsequent license
+    // renewal requests, in case of failure.
+    optional int64 renewal_retry_interval_seconds = 10 [default = 0];
+
+    // Indicates that the license shall be sent for renewal when usage is
+    // started.
+    optional bool renew_with_usage = 11 [default = false];
+  }
+
+  message KeyContainer {
+    enum KeyType {
+      // Exactly one key of this type must appear.
+      SIGNING = 1;
+      CONTENT = 2;
+    }
+
+    // The SecurityLevel enumeration allows the server to communicate the level
+    // of robustness required by the client, in order to use the key.
+    enum SecurityLevel {
+      // Software-based whitebox crypto is required.
+      SW_SECURE_CRYPTO = 1;
+
+      // Software crypto and an obfuscated decoder is required.
+      SW_SECURE_DECODE = 2;
+
+      // The key material and crypto operations must be performed within a
+      // hardware backed trusted execution environment.
+      HW_SECURE_CRYPTO = 3;
+
+      // The crypto and decoding of content must be performed within a hardware
+      // backed trusted execution environment.
+      HW_SECURE_DECODE = 4;
+
+      // The crypto, decoding and all handling of the media (compressed and
+      // uncompressed) must be handled within a hardware backed trusted
+      // execution environment.
+      HW_SECURE_ALL = 5;
+    }
+
+    message KeyControl {
+      // |key_control| is documented here:
+      // https://docs.google.com/a/google.com/document/d/17eDxzzGpPc2qSm7zW68_5ensuxbHErYCvD3IxSKETRo/edit#
+      // If present, the key control must be communicated to the secure
+      // environment prior to any usage.
+      optional bytes struct = 1;
+      optional bytes iv = 2;
+    }
+
+    message OutputProtection {
+      // Indicates whether HDCP is required on digital outputs, and which
+      // version should be used.
+      enum HDCP {
+        HDCP_NONE = 0;
+        HDCP_V1 = 1;
+        HDCP_V2 = 2;
+      }
+      optional HDCP hdcp = 1 [default = HDCP_NONE];
+
+      // Indicate the CGMS setting to be inserted on analog output.
+      enum CGMS {
+        CGMS_NONE = 42;
+        COPY_FREE = 0;
+        COPY_ONCE = 2;
+        COPY_NEVER = 3;
+      }
+      optional CGMS cgms_flags = 2 [default = CGMS_NONE];
+    }
+    optional bytes id = 1;
+    optional bytes iv = 2;
+    optional bytes key = 3;
+    optional KeyType type = 4;
+    optional SecurityLevel level = 5 [default = SW_SECURE_CRYPTO];
+    optional OutputProtection required_protection = 6;
+    optional OutputProtection requested_protection = 7;
+    optional KeyControl key_control = 8;
+  }
+
+  optional LicenseIdentification id = 1;
+  optional Policy policy = 2;
+  repeated KeyContainer key = 3;
+  optional int64 license_start_time = 4;
+}
+
+message LicenseRequest {
+  message ClientIdentification {
+    enum TokenType {
+      KEYBOX = 0;
+    }
+
+    message NameValue {
+      optional string name = 1;
+      optional string value = 2;
+    }
+
+    optional TokenType type = 1;
+    optional bytes token = 2;
+    repeated NameValue client_info = 3;
+  }
+
+  message ContentIdentification {
+    message CENC  {
+      repeated bytes pssh = 1;
+      optional LicenseType license_type = 2;
+      optional bytes request_id = 3;  // Opaque, client-specified.
+    }
+
+    message WebM {
+      optional bytes header = 1;
+      optional LicenseType license_type = 2;
+      optional bytes request_id = 3;  // Opaque, client-specified.
+    }
+
+    message ExistingLicense {
+      optional LicenseIdentification license_id = 1;
+      optional int64 seconds_since_started = 2;
+    }
+
+    // Exactly one of these must be present.
+    optional CENC cenc_id = 1;
+    optional WebM webm_id = 2;
+    optional ExistingLicense license = 3;
+  }
+
+  enum RequestType {
+    NEW = 1;
+    RENEWAL = 2;
+    RELEASE = 3;
+  }
+
+  optional ClientIdentification client_id = 1;
+  optional ContentIdentification content_id = 2;
+  optional RequestType type = 3;
+  optional int64 request_time = 4;
+  optional bytes key_control_nonce = 5;
+}
+
+message SignedMessage {
+  enum MessageType {
+    LICENSE_REQUEST = 1;
+    LICENSE = 2;
+  }
+
+  optional MessageType type = 1;
+  optional bytes msg = 2;
+  optional bytes signature = 3;
+}
+
+// This message is used to pass optional data on initial license issuance.
+message SessionInit {
+  optional string session_id = 1;
+  optional string purchase_id = 2;
+  optional string master_signing_key = 3;
+  optional string signing_key = 4;
+  optional int64 license_start_time = 5;
+}
+
+// This message is used by the server to preserve and restore session state.
+message SessionState {
+  optional LicenseIdentification license_id = 1;
+  optional bytes signing_key = 2;
+  optional uint32 keybox_system_id = 3;
+}