| /** |
| * Copyright (C) 2017 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| package android.hardware.drm@1.1; |
| |
| import @1.0::IDrmPlugin; |
| import @1.0::IDrmPluginListener; |
| import @1.0::KeyedVector; |
| import @1.0::KeyType; |
| import @1.0::Status; |
| import @1.1::DrmMetricGroup; |
| import @1.1::HdcpLevel; |
| import @1.1::KeyRequestType; |
| import @1.0::SecureStopId; |
| import @1.1::SecureStopRelease; |
| import @1.1::SecurityLevel; |
| import @1.0::SessionId; |
| |
| /** |
| * IDrmPlugin is used to interact with a specific drm plugin that was created by |
| * IDrm::createPlugin. A drm plugin provides methods for obtaining drm keys that |
| * may be used by a codec to decrypt protected video content. |
| */ |
| interface IDrmPlugin extends @1.0::IDrmPlugin { |
| /** |
| * Open a new session at a requested security level. The security level |
| * represents the robustness of the device's DRM implementation. By default, |
| * sessions are opened at the native security level of the device which is |
| * the maximum level that can be supported. Overriding the security level is |
| * necessary when the decrypted frames need to be manipulated, such as for |
| * image compositing. The security level parameter must be equal to or lower |
| * than the native level. If the requested level is not supported, the next |
| * lower supported security level must be set. The level can be queried |
| * using {@link #getSecurityLevel}. A session ID is returned. When the |
| * [email protected] openSession is called, which has no securityLevel parameter, the |
| * security level is defaulted to the native security level of the device. |
| * |
| * @return status the status of the call. The status must be OK or one of |
| * the following errors: ERROR_DRM_NOT_PROVISIONED if the device |
| * requires provisioning before it can open a session, |
| * ERROR_DRM_RESOURCE_BUSY if there are insufficent resources available |
| * to open a session, ERROR_DRM_CANNOT_HANDLE if the requested security |
| * level is higher than the native level or lower than the lowest |
| * supported level or if openSession is not supported at the time of |
| * the call, or ERROR_DRM_INVALID_STATE if the HAL is in a state where |
| * a session cannot be opened. |
| * @param level the requested security level |
| * @return sessionId the session ID for the newly opened session |
| */ |
| openSession_1_1(SecurityLevel securityLevel) generates (Status status, |
| SessionId sessionId); |
| |
| /** |
| * A key request/response exchange occurs between the app and a License |
| * Server to obtain the keys required to decrypt the content. |
| * getKeyRequest_1_1() is used to obtain an opaque key request blob that is |
| * delivered to the license server. |
| * |
| * getKeyRequest_1_1() only differs from getKeyRequest() in that additional |
| * values are returned in 1.1::KeyRequestType as compared to |
| * 1.0::KeyRequestType |
| * |
| * @param scope may be a sessionId or a keySetId, depending on the |
| * specified keyType. When the keyType is OFFLINE or STREAMING, |
| * scope should be set to the sessionId the keys will be provided |
| * to. When the keyType is RELEASE, scope should be set to the |
| * keySetId of the keys being released. |
| * @param initData container-specific data, its meaning is interpreted |
| * based on the mime type provided in the mimeType parameter. |
| * It could contain, for example, the content ID, key ID or |
| * other data obtained from the content metadata that is |
| * required to generate the key request. initData may be empty |
| * when keyType is RELEASE. |
| * @param mimeType identifies the mime type of the content |
| * @param keyType specifies if the keys are to be used for streaming, |
| * offline or a release |
| * @param optionalParameters included in the key request message to |
| * allow a client application to provide additional message |
| * parameters to the server. |
| * @return status the status of the call. The status must be OK or one of |
| * the following errors: ERROR_DRM_SESSION_NOT_OPENED if the |
| * session is not opened, ERROR_DRM_NOT_PROVISIONED if the device |
| * requires provisioning before it can generate a key request, |
| * ERROR_DRM_CANNOT_HANDLE if getKeyRequest is not supported |
| * at the time of the call, BAD_VALUE if any parameters are |
| * invalid or ERROR_DRM_INVALID_STATE if the HAL is in a |
| * state where a key request cannot be generated. |
| * @return request if successful, the opaque key request blob is returned |
| * @return requestType indicates type information about the returned |
| * request. The type may be one of INITIAL, RENEWAL, RELEASE, |
| * NONE or UPDATE. An INITIAL request is the first key request |
| * for a license. RENEWAL is a subsequent key request used to |
| * refresh the keys in a license. RELEASE corresponds to a |
| * keyType of RELEASE, which indicates keys are being released. |
| * NONE indicates that no request is needed because the keys are |
| * already loaded. UPDATE indicates that the keys need to be |
| * refetched after the initial license request. |
| * @return defaultUrl the URL that the request may be sent to, if |
| * provided by the drm HAL. The app may choose to override this URL. |
| */ |
| getKeyRequest_1_1(vec<uint8_t> scope, vec<uint8_t> initData, |
| string mimeType, KeyType keyType, KeyedVector optionalParameters) |
| generates (Status status, vec<uint8_t> request, |
| KeyRequestType requestType, string defaultUrl); |
| |
| /** |
| * Return the currently negotiated and max supported HDCP levels. |
| * |
| * The current level is based on the display(s) the device is connected to. |
| * If multiple HDCP-capable displays are simultaneously connected to |
| * separate interfaces, this method returns the lowest negotiated HDCP level |
| * of all interfaces. |
| * |
| * The maximum HDCP level is the highest level that can potentially be |
| * negotiated. It is a constant for any device, i.e. it does not depend on |
| * downstream receiving devices that could be connected. For example, if |
| * the device has HDCP 1.x keys and is capable of negotiating HDCP 1.x, but |
| * does not have HDCP 2.x keys, then the maximum HDCP capability would be |
| * reported as 1.x. If multiple HDCP-capable interfaces are present, it |
| * indicates the highest of the maximum HDCP levels of all interfaces. |
| * |
| * This method should only be used for informational purposes, not for |
| * enforcing compliance with HDCP requirements. Trusted enforcement of HDCP |
| * policies must be handled by the DRM system. |
| * |
| * @return status the status of the call. The status must be OK or |
| * ERROR_DRM_INVALID_STATE if the HAL is in a state where the HDCP |
| * level cannot be queried. |
| * @return connectedLevel the lowest HDCP level for any connected |
| * displays |
| * @return maxLevel the highest HDCP level that can be supported |
| * by the device |
| */ |
| getHdcpLevels() generates (Status status, HdcpLevel connectedLevel, |
| HdcpLevel maxLevel); |
| |
| /** |
| * Return the current number of open sessions and the maximum number of |
| * sessions that may be opened simultaneosly among all DRM instances for the |
| * active DRM scheme. |
| * |
| * @return status the status of the call. The status must be OK or |
| * ERROR_DRM_INVALID_STATE if the HAL is in a state where number of |
| * sessions cannot be queried. |
| * @return currentSessions the number of currently opened sessions |
| * @return maxSessions the maximum number of sessions that the device |
| * can support |
| */ |
| getNumberOfSessions() generates (Status status, uint32_t currentSessions, |
| uint32_t maxSessions); |
| |
| /** |
| * Return the current security level of a session. A session has an initial |
| * security level determined by the robustness of the DRM system's |
| * implementation on the device. |
| * |
| * @param sessionId the session id the call applies to |
| * @return status the status of the call. The status must be OK or one of |
| * the following errors: ERROR_DRM_SESSION_NOT_OPENED if the |
| * session is not opened, BAD_VALUE if the sessionId is invalid or |
| * ERROR_DRM_INVALID_STATE if the HAL is in a state where the |
| * security level cannot be queried. |
| * @return level the current security level for the session |
| */ |
| getSecurityLevel(vec<uint8_t> sessionId) generates(Status status, |
| SecurityLevel level); |
| |
| /** |
| * Returns the plugin-specific metrics. Multiple metric groups may be |
| * returned in one call to getMetrics(). The scope and definition of the |
| * metrics is defined by the plugin. |
| * |
| * @return status the status of the call. The status must be OK or |
| * ERROR_DRM_INVALID_STATE if the metrics are not available to be |
| * returned. |
| * @return metric_groups the collection of metric groups provided by the |
| * plugin. |
| */ |
| getMetrics() generates (Status status, vec<DrmMetricGroup> metric_groups); |
| |
| /** |
| * Get the IDs of all secure stops on the device |
| * |
| * @return status the status of the call. The status must be OK or |
| * ERROR_DRM_INVALID_STATE if the HAL is in a state where the secure stop |
| * IDs cannot be returned. |
| * @return secureStopIds a list of the IDs |
| */ |
| getSecureStopIds() generates |
| (Status status, vec<SecureStopId> secureStopIds); |
| |
| /** |
| * Release secure stops given a release message from the key server |
| * |
| * @param ssRelease the secure stop release message identifying one or more |
| * secure stops to release. ssRelease is opaque, it is passed directly from |
| * a DRM license server through the app and media framework to the vendor |
| * HAL module. The format and content of ssRelease must be defined by the |
| * DRM scheme being implemented according to this HAL. The DRM scheme |
| * can be identified by its UUID which can be queried using |
| * IDrmFactory::isCryptoSchemeSupported. |
| * |
| * @return status the status of the call. The status must be OK or one of |
| * the following errors: BAD_VALUE if ssRelease is invalid or |
| * ERROR_DRM_INVALID_STATE if the HAL is in a state where the secure stop |
| * cannot be released. |
| */ |
| releaseSecureStops(SecureStopRelease ssRelease) generates (Status status); |
| |
| /** |
| * Remove a secure stop given its secure stop ID, without requiring |
| * a secure stop release response message from the key server. |
| * |
| * @param secureStopId the ID of the secure stop to release. |
| * |
| * @return status the status of the call. The status must be OK or one of |
| * the following errors: BAD_VALUE if the secureStopId is invalid or |
| * ERROR_DRM_INVALID_STATE if the HAL is in a state where the secure stop |
| * cannot be released. |
| */ |
| removeSecureStop(SecureStopId secureStopId) generates (Status status); |
| |
| /** |
| * Remove all secure stops on the device without requiring a secure |
| * stop release response message from the key server. |
| * |
| * @return status the status of the call. The status must be OK or |
| * ERROR_DRM_INVALID_STATE if the HAL is in a state where the secure |
| * stops cannot be removed. |
| */ |
| removeAllSecureStops() generates (Status status); |
| }; |