widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f07494fce99b454b2e2acdc91565d0aeb423f9c3
android/libwvdrmengine/mediadrm/include/WVDrmPlugin.h
Rahul Frias 85da7bdb98 Refactoring to cache service certs and initialization data 
* Extend CdmLicense's stored_init_data_

  [ Merge of http://go/wvgerrit/14661 ]

  CdmLicense will store init data when a server cert must be
  provisioned.  After provisioning, the original init data can be used
  to generate the originally-intended license request.

  To do this before, the caller had to call CdmSession's
  GenerateKeyRequest with an empty InitializationData object.  However,
  the init data's type still had to be set, as did the license type.

  This CL allows the caller to use a truly empty InitializationData
  without a type.  To permit this, CdmLicense now stores a full
  InitializationData object, rather than just a copy of it's data field.

  With this CL, the caller also avoid storing the original license type.
  To accomplish this, CdmSession uses the already-set is_offline_ and
  is_release_ flags from the original call to reconstruct the intended
  license type.  The caller uses the new type kLicenseTypeDeferred.

  To facilitate storing whole InitializationData objects, they are now
  copyable.

  This ultimately simplifies server cert code for the new CE CDM.

* Store service certs in Properties

  [ Merge of http://go/wvgerrit/14664 ]

  This allows CE devices to mimic the Chrome CDM's behavior of sharing
  server certs between sessions.

  This also affects Android behavior.  Previously, provisioned service
  certificates were per-session, while explicitly-set service certs
  were per-DRM-plugin.  Now, both are per-DRM-plugin.

  A DRM plugin is associated with a mediaDrm object. Content
  providers will still be able to retrieve and use different
  certificates. The change here requires an app, that wishes to use
  different provisioned service certificates will have to use
  multiple mediaDrm objects. This is an unlikely scenario.

Change-Id: If2586932784ed046ecab72b5720ff30547e84b97
2015-09-30 10:51:46 -07:00

289 lines
9.2 KiB
C++
Raw Blame History

//
// Copyright 2013 Google Inc. All Rights Reserved.
//
#ifndef WV_DRM_PLUGIN_H_
#define WV_DRM_PLUGIN_H_
#include <stdint.h>
#include <map>
#include "cdm_client_property_set.h"
#include "media/drm/DrmAPI.h"
#include "media/stagefright/foundation/ABase.h"
#include "media/stagefright/foundation/AString.h"
#include "OEMCryptoCENC.h"
#include "utils/Errors.h"
#include "utils/KeyedVector.h"
#include "utils/List.h"
#include "utils/String8.h"
#include "utils/StrongPointer.h"
#include "utils/Vector.h"
#include "wv_cdm_event_listener.h"
#include "wv_content_decryption_module.h"
#include "WVGenericCryptoInterface.h"
namespace wvdrm {
using android::KeyedVector;
using android::List;
using android::status_t;
using android::String8;
using android::Vector;
using std::map;
using wvcdm::CdmKeyStatusMap;
using wvcdm::CdmSessionId;
using wvcdm::CdmResponseType;
using wvcdm::WvContentDecryptionModule;
const OEMCrypto_Algorithm kInvalidCrytpoAlgorithm =
static_cast<OEMCrypto_Algorithm>(-1);
class WVDrmPlugin : public android::DrmPlugin,
public wvcdm::WvCdmEventListener {
public:
WVDrmPlugin(const android::sp<wvcdm::WvContentDecryptionModule>& cdm,
WVGenericCryptoInterface* crypto);
virtual ~WVDrmPlugin();
virtual status_t openSession(Vector<uint8_t>& sessionId);
virtual status_t closeSession(const Vector<uint8_t>& sessionId);
virtual status_t getKeyRequest(
const Vector<uint8_t>& scope,
const Vector<uint8_t>& initData,
const String8& initDataType,
KeyType keyType,
const KeyedVector<String8, String8>& optionalParameters,
Vector<uint8_t>& request,
String8& defaultUrl,
KeyRequestType *keyRequestType);
virtual status_t provideKeyResponse(const Vector<uint8_t>& scope,
const Vector<uint8_t>& response,
Vector<uint8_t>& keySetId);
virtual status_t removeKeys(const Vector<uint8_t>& sessionId);
virtual status_t restoreKeys(const Vector<uint8_t>& sessionId,
const Vector<uint8_t>& keySetId);
virtual status_t queryKeyStatus(
const Vector<uint8_t>& sessionId,
KeyedVector<String8, String8>& infoMap) const;
virtual status_t getProvisionRequest(const String8& cert_type,
const String8& cert_authority,
Vector<uint8_t>& request,
String8& defaultUrl);
virtual status_t provideProvisionResponse(const Vector<uint8_t>& response,
Vector<uint8_t>& certificate,
Vector<uint8_t>& wrapped_key);
virtual status_t unprovisionDevice();
virtual status_t getSecureStop(const Vector<uint8_t>& ssid,
Vector<uint8_t>& secureStop);
virtual status_t getSecureStops(List<Vector<uint8_t> >& secureStops);
virtual status_t releaseAllSecureStops();
virtual status_t releaseSecureStops(const Vector<uint8_t>& ssRelease);
virtual status_t getPropertyString(const String8& name, String8& value) const;
virtual status_t getPropertyByteArray(const String8& name,
Vector<uint8_t>& value) const;
virtual status_t setPropertyString(const String8& name, const String8& value);
virtual status_t setPropertyByteArray(const String8& name,
const Vector<uint8_t>& value);
virtual status_t setCipherAlgorithm(const Vector<uint8_t>& sessionId,
const String8& algorithm);
virtual status_t setMacAlgorithm(const Vector<uint8_t>& sessionId,
const String8& algorithm);
virtual status_t encrypt(const Vector<uint8_t>& sessionId,
const Vector<uint8_t>& keyId,
const Vector<uint8_t>& input,
const Vector<uint8_t>& iv,
Vector<uint8_t>& output);
virtual status_t decrypt(const Vector<uint8_t>& sessionId,
const Vector<uint8_t>& keyId,
const Vector<uint8_t>& input,
const Vector<uint8_t>& iv,
Vector<uint8_t>& output);
virtual status_t sign(const Vector<uint8_t>& sessionId,
const Vector<uint8_t>& keyId,
const Vector<uint8_t>& message,
Vector<uint8_t>& signature);
virtual status_t verify(const Vector<uint8_t>& sessionId,
const Vector<uint8_t>& keyId,
const Vector<uint8_t>& message,
const Vector<uint8_t>& signature,
bool& match);
virtual status_t signRSA(const Vector<uint8_t>& sessionId,
const String8& algorithm,
const Vector<uint8_t>& message,
const Vector<uint8_t>& wrappedKey,
Vector<uint8_t>& signature);
virtual void OnSessionRenewalNeeded(const CdmSessionId& cdmSessionId);
virtual void OnSessionKeysChange(const CdmSessionId& cdmSessionId,
const CdmKeyStatusMap& cdmKeysStatus,
bool hasNewUsableKey);
virtual void OnExpirationUpdate(const CdmSessionId& cdmSessionId,
int64_t newExpiryTimeSeconds);
private:
DISALLOW_EVIL_CONSTRUCTORS(WVDrmPlugin);
struct CryptoSession {
public:
CryptoSession()
: mOecSessionId(-1),
mCipherAlgorithm(kInvalidCrytpoAlgorithm),
mMacAlgorithm(kInvalidCrytpoAlgorithm) {}
CryptoSession(OEMCrypto_SESSION sessionId)
: mOecSessionId(sessionId),
mCipherAlgorithm(kInvalidCrytpoAlgorithm),
mMacAlgorithm(kInvalidCrytpoAlgorithm) {}
OEMCrypto_SESSION oecSessionId() const { return mOecSessionId; }
OEMCrypto_Algorithm cipherAlgorithm() const { return mCipherAlgorithm; }
void setCipherAlgorithm(OEMCrypto_Algorithm newAlgorithm) {
mCipherAlgorithm = newAlgorithm;
}
OEMCrypto_Algorithm macAlgorithm() const { return mMacAlgorithm; }
void setMacAlgorithm(OEMCrypto_Algorithm newAlgorithm) {
mMacAlgorithm = newAlgorithm;
}
private:
OEMCrypto_SESSION mOecSessionId;
OEMCrypto_Algorithm mCipherAlgorithm;
OEMCrypto_Algorithm mMacAlgorithm;
};
class WVClientPropertySet : public wvcdm::CdmClientPropertySet {
public:
WVClientPropertySet()
: mUsePrivacyMode(false), mShareKeys(false), mSessionSharingId(0) {}
virtual ~WVClientPropertySet() {}
virtual const std::string& security_level() const {
return mSecurityLevel;
}
void set_security_level(const std::string& securityLevel) {
mSecurityLevel = securityLevel;
}
virtual bool use_privacy_mode() const {
return mUsePrivacyMode;
}
void set_use_privacy_mode(bool usePrivacyMode) {
mUsePrivacyMode = usePrivacyMode;
}
virtual const std::string& service_certificate() const {
return mServiceCertificate;
}
virtual void set_service_certificate(
const std::string& serviceCertificate) {
mServiceCertificate = serviceCertificate;
}
virtual bool is_session_sharing_enabled() const {
return mShareKeys;
}
void set_is_session_sharing_enabled(bool shareKeys) {
mShareKeys = shareKeys;
}
virtual uint32_t session_sharing_id() const {
return mSessionSharingId;
}
virtual void set_session_sharing_id(uint32_t id) {
mSessionSharingId = id;
}
virtual const std::string& app_id() const {
return mAppId;
}
void set_app_id(const std::string& appId) {
mAppId = appId;
}
private:
DISALLOW_EVIL_CONSTRUCTORS(WVClientPropertySet);
std::string mSecurityLevel;
bool mUsePrivacyMode;
std::string mServiceCertificate;
bool mShareKeys;
uint32_t mSessionSharingId;
std::string mAppId;
} mPropertySet;
android::sp<wvcdm::WvContentDecryptionModule> const mCDM;
WVGenericCryptoInterface* mCrypto;
std::string mOrigin;
map<CdmSessionId, CryptoSession> mCryptoSessions;
status_t queryProperty(const std::string& property,
std::string& stringValue) const;
status_t queryProperty(wvcdm::SecurityLevel securityLevel,
const std::string& property,
std::string& stringValue) const;
status_t queryProperty(const std::string& property,
String8& string8_value) const;
status_t queryProperty(const std::string& property,
Vector<uint8_t>& vector_value) const;
status_t mapAndNotifyOfCdmResponseType(const Vector<uint8_t>& sessionId,
CdmResponseType res);
status_t mapAndNotifyOfOEMCryptoResult(const Vector<uint8_t>& sessionId,
OEMCryptoResult res);
status_t mapOEMCryptoResult(OEMCryptoResult res);
bool initDataResemblesPSSH(const Vector<uint8_t>& initData);
status_t unprovision(const std::string& origin);
const char* determineOrigin() const;
};
} // namespace wvdrm
#endif // WV_DRM_PLUGIN_H_
Reference in New Issue View Git Blame Copy Permalink