1/* 2 * Copyright (C) 2016 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16package [email protected]; 17 18import [email protected]::types; 19 20/** 21 * Ref: frameworks/native/include/media/hardware/CryptoAPI.h:CryptoPlugin 22 * 23 * ICryptoPlugin is the HAL for vendor-provided crypto plugins. 24 * It allows crypto sessions to be opened and operated on, to 25 * load crypto keys for a codec to decrypt protected video content. 26 */ 27interface ICryptoPlugin { 28 /** 29 * Check if the specified mime-type requires a secure decoder 30 * component. 31 * 32 * @param mime The content mime-type 33 * @return secureRequired must be true only if a secure decoder is required 34 * for the specified mime-type 35 */ 36 requiresSecureDecoderComponent(string mime) 37 generates(bool secureRequired); 38 39 /** 40 * Notify a plugin of the currently configured resolution 41 * 42 * @param width - the display resolutions's width 43 * @param height - the display resolution's height 44 */ 45 notifyResolution(uint32_t width, uint32_t height); 46 47 /** 48 * Associate a mediadrm session with this crypto session 49 * 50 * @param sessionId the MediaDrm session ID to associate with this crypto 51 * session 52 * @return status the status of the call, status must be 53 * ERROR_DRM_SESSION_NOT_OPENED if the session is not opened, or 54 * ERROR_DRM_CANNOT_HANDLE if the operation is not supported by the drm 55 * scheme. 56 */ 57 setMediaDrmSession(vec<uint8_t> sessionId) generates(Status status); 58 59 /** 60 * Set a shared memory base for subsequent decrypt operations. The buffer 61 * base is a hidl_memory which maps shared memory in the HAL module. 62 * After the shared buffer base is established, the decrypt() method 63 * receives SharedBuffer instances which specify the buffer address range 64 * for decrypt source and destination addresses. 65 * 66 * There can be multiple shared buffers per crypto plugin. The buffers 67 * are distinguished by the bufferId. 68 * 69 * @param base the base IMemory of the memory buffer identified by 70 * bufferId 71 * @param bufferId identifies the specific shared buffer for which 72 * the base is being set. 73 */ 74 setSharedBufferBase(memory base, uint32_t bufferId); 75 76 /** 77 * Decrypt an array of subsamples from the source memory buffer to the 78 * destination memory buffer. 79 * 80 * @param secure a flag to indicate if a secure decoder is being used. This 81 * enables the plugin to configure buffer modes to work consistently with 82 * a secure decoder. 83 * @param the keyId for the key that should be used to do the 84 * the decryption. The keyId refers to a key in the associated 85 * MediaDrm instance. 86 * @param iv the initialization vector to use 87 * @param mode the crypto mode to use 88 * @param pattern the crypto pattern to use 89 * @param subSamples a vector of subsamples indicating the number 90 * of clear and encrypted bytes to process. This allows the decrypt 91 * call to operate on a range of subsamples in a single call 92 * @param source the input buffer for the decryption 93 * @param offset the offset of the first byte of encrypted data from 94 * the base of the source buffer 95 * @param destination the output buffer for the decryption 96 * @return status the status of the call. The status must be OK or one of 97 * the following errors: ERROR_DRM_NO_LICENSE if no license keys have been 98 * loaded, ERROR_DRM_LICENSE_EXPIRED if the license keys have expired, 99 * ERROR_DRM_RESOURCE_BUSY if the resources required to perform the 100 * decryption are not available, ERROR_DRM_INSUFFICIENT_OUTPUT_PROTECTION 101 * if required output protections are not active, 102 * ERROR_DRM_SESSION_NOT_OPENED if the decrypt session is not opened, 103 * ERROR_DRM_DECRYPT if the decrypt operation fails, and 104 * ERROR_DRM_CANNOT_HANDLE in other failure cases. 105 * @return bytesWritten the number of bytes output from the decryption 106 * @return detailedError if the error is a vendor-specific error, the 107 * vendor's crypto HAL may provide a detailed error string to help 108 * describe the error. 109 */ 110 decrypt(bool secure, uint8_t[16] keyId, uint8_t[16] iv, Mode mode, 111 Pattern pattern, vec<SubSample> subSamples, 112 SharedBuffer source, uint64_t offset, DestinationBuffer destination) 113 generates(Status status, uint32_t bytesWritten, string detailedError); 114}; 115