/** * Copyright (C) 2016 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.hardware.drm@1.0; enum Status : uint32_t { /** * The DRM plugin must return OK when an operation completes without any * errors. */ OK, /** * The DRM plugin must return ERROR_DRM_NO_LICENSE, when decryption is * attempted and no license keys have been provided. */ ERROR_DRM_NO_LICENSE, /** * ERROR_DRM_LICENSE_EXPIRED must be returned when an attempt is made * to use a license and the keys in that license have expired. */ ERROR_DRM_LICENSE_EXPIRED, /** * The DRM plugin must return ERROR_DRM_SESSION_NOT_OPENED when an * attempt is made to use a session that has not been opened. */ ERROR_DRM_SESSION_NOT_OPENED, /** * The DRM plugin must return ERROR_DRM_CANNOT_HANDLE when an unsupported * data format or operation is attempted. */ ERROR_DRM_CANNOT_HANDLE, /** * ERROR_DRM_INVALID_STATE must be returned when the device is in a state * where it is not able to perform decryption. */ ERROR_DRM_INVALID_STATE, /** * The DRM plugin must return BAD_VALUE whenever an illegal parameter is * passed to one of the interface functions. */ BAD_VALUE, /** * The DRM plugin must return ERROR_DRM_NOT_PROVISIONED from getKeyRequest, * openSession or provideKeyResponse when the device has not yet been * provisioned. */ ERROR_DRM_NOT_PROVISIONED, /** * ERROR_DRM_RESOURCE_BUSY must be returned when resources, such as drm * sessions or secure buffers are not available to perform a requested * operation because they are already in use. */ ERROR_DRM_RESOURCE_BUSY, /** * The DRM Plugin must return ERROR_DRM_INSUFFICIENT_OUTPUT_PROTECTION * when the output protection level enabled on the device is not * sufficient to meet the requirements in the license policy. HDCP is an * example of a form of output protection. */ ERROR_DRM_INSUFFICIENT_OUTPUT_PROTECTION, /** * The DRM Plugin must return ERROR_DRM_DEVICE_REVOKED from * provideProvisionResponse and provideKeyResponse if the response indicates * that the device has been revoked. Device revocation means that the device * is no longer permitted to play content. */ ERROR_DRM_DEVICE_REVOKED, /** * The DRM Plugin must return ERROR_DRM_DECRYPT if the CryptoPlugin * decrypt operation fails. */ ERROR_DRM_DECRYPT, /** * ERROR_DRM_UNKNOWN must be returned when a fatal failure occurs and no * other defined error is appropriate. */ ERROR_DRM_UNKNOWN, }; /** * EventType enumerates the events that can be delivered by sendEvent */ enum EventType : uint32_t { /** * This event type indicates that the app needs to request a certificate * from the provisioning server. The request message data is obtained using * getProvisionRequest(). */ PROVISION_REQUIRED, /** * This event type indicates that the app needs to request keys from a * license server. The request message data is obtained using getKeyRequest. */ KEY_NEEDED, /** * This event type indicates that the licensed usage duration for keys in a * session has expired. The keys are no longer valid. */ KEY_EXPIRED, /** * This event may indicate some specific vendor-defined condition, see your * DRM provider documentation for details. */ VENDOR_DEFINED, /** * This event indicates that a session opened by the app has been reclaimed * by the resource manager. */ SESSION_RECLAIMED, }; enum KeyType : uint32_t { /** * Drm keys can be for offline content or for online streaming. * Offline keys are persisted on the device and may be used when the device * is disconnected from the network. */ OFFLINE, /** * Keys for streaming are not persisted and require the device to be * connected to the network for periodic renewal. */ STREAMING, /** * The Release type is used to request that offline keys be no longer * restricted to offline use. */ RELEASE, }; /** * Enumerate KeyRequestTypes to allow an app to determine the type of a key * request returned from getKeyRequest. */ enum KeyRequestType : uint32_t { /** * Key request type is for an initial license request */ INITIAL, /** * Key request type is for license renewal. Renewal requests are used * to extend the validity period for streaming keys. */ RENEWAL, /** * Key request type is a release. A key release causes offline keys * to become available for streaming. */ RELEASE, /** * Key request type is unknown due to some error condition. */ UNKNOWN, }; /** * Enumerate KeyStatusTypes which indicate the state of a key */ enum KeyStatusType : uint32_t { /** * The key is currently usable to decrypt media data. */ USABLE, /** * The key is no longer usable to decrypt media data because its expiration * time has passed. */ EXPIRED, /** * The key is not currently usable to decrypt media data because its output * requirements cannot currently be met. */ OUTPUTNOTALLOWED, /** * The status of the key is not yet known and is being determined. */ STATUSPENDING, /** * The key is not currently usable to decrypt media data because of an * internal error in processing unrelated to input parameters. */ INTERNALERROR, }; typedef vec SessionId; /** * Used by sendKeysChange to report the usability status of each key to the * app. */ struct KeyStatus { vec keyId; KeyStatusType type; }; /** * Simulates a KeyedVector */ struct KeyValue { string key; string value; }; typedef vec KeyedVector; /** * Encapsulates a secure stop opaque object */ struct SecureStop { vec opaqueData; }; typedef vec SecureStopId; /** * Enumerate the supported crypto modes */ enum Mode : uint32_t { UNENCRYPTED = 0, // Samples are unencrypted AES_CTR = 1, // Samples are encrypted with AES CTR mode AES_CBC_CTS = 2, // Samples are encrypted with AES CBC CTS mode AES_CBC = 3, // Samples are encrypted with AES CBC mode }; /** * A subsample consists of some number of bytes of clear (unencrypted) * data followed by a number of bytes of encrypted data. */ struct SubSample { uint32_t numBytesOfClearData; uint32_t numBytesOfEncryptedData; }; /** * A crypto Pattern is a repeating sequence of encrypted and clear blocks * occuring within the bytes indicated by mNumBytesOfEncryptedDatad bytes * of a subsample. Patterns are used to reduce the CPU overhead of * decrypting samples. As an example, HLS uses 1:9 patterns where every * 10th block is encrypted. */ struct Pattern { /** * The number of blocks to be encrypted in the pattern. If zero, * pattern encryption is inoperative. */ uint32_t encryptBlocks; /** * The number of blocks to be skipped (left clear) in the pattern. If * zero, pattern encryption is inoperative. */ uint32_t skipBlocks; }; enum BufferType : uint32_t { SHARED_MEMORY = 0, NATIVE_HANDLE = 1, }; /** * SharedBuffer describes a decrypt buffer which is defined by a bufferId, an * offset and a size. The offset is relative to the shared memory base for the * memory region identified by bufferId, which is established by * setSharedMemoryBase(). */ struct SharedBuffer { /** * The unique buffer identifier */ uint32_t bufferId; /** * The offset from the shared memory base */ uint64_t offset; /** * The size of the shared buffer in bytes */ uint64_t size; }; /** * A decrypt destination buffer can be either normal user-space shared * memory for the non-secure decrypt case, or it can be a secure buffer * which is referenced by a native-handle. The native handle is allocated * by the vendor's buffer allocator. */ struct DestinationBuffer { /** * The type of the buffer */ BufferType type; /** * If type == SHARED_MEMORY, the decrypted data must be written * to user-space non-secure shared memory. */ SharedBuffer nonsecureMemory; /** * If type == NATIVE_HANDLE, the decrypted data must be written * to secure memory referenced by the vendor's buffer allocator. */ handle secureMemory; };