Treble HAL interfaces for drm+crypto
b/32815560
Tests: Make completes successfully
Change-Id: Id65cfef95094ccd9a9e95fa567651f94b66aaa51
diff --git a/drm/Android.bp b/drm/Android.bp
new file mode 100644
index 0000000..412e162
--- /dev/null
+++ b/drm/Android.bp
@@ -0,0 +1,5 @@
+// This is an autogenerated file, do not edit.
+subdirs = [
+ "crypto/1.0",
+ "drm/1.0",
+]
diff --git a/drm/crypto/1.0/Android.bp b/drm/crypto/1.0/Android.bp
new file mode 100644
index 0000000..dd6805d
--- /dev/null
+++ b/drm/crypto/1.0/Android.bp
@@ -0,0 +1,64 @@
+// This file is autogenerated by hidl-gen. Do not edit manually.
+
+genrule {
+ name: "android.hardware.drm.crypto@1.0_genc++",
+ tools: ["hidl-gen"],
+ cmd: "$(location hidl-gen) -o $(genDir) -Lc++ -randroid.hardware:hardware/interfaces -randroid.hidl:system/libhidl/transport android.hardware.drm.crypto@1.0",
+ srcs: [
+ "types.hal",
+ "ICryptoFactory.hal",
+ "ICryptoPlugin.hal",
+ ],
+ out: [
+ "android/hardware/drm/crypto/1.0/types.cpp",
+ "android/hardware/drm/crypto/1.0/CryptoFactoryAll.cpp",
+ "android/hardware/drm/crypto/1.0/CryptoPluginAll.cpp",
+ ],
+}
+
+genrule {
+ name: "android.hardware.drm.crypto@1.0_genc++_headers",
+ tools: ["hidl-gen"],
+ cmd: "$(location hidl-gen) -o $(genDir) -Lc++ -randroid.hardware:hardware/interfaces -randroid.hidl:system/libhidl/transport android.hardware.drm.crypto@1.0",
+ srcs: [
+ "types.hal",
+ "ICryptoFactory.hal",
+ "ICryptoPlugin.hal",
+ ],
+ out: [
+ "android/hardware/drm/crypto/1.0/types.h",
+ "android/hardware/drm/crypto/1.0/ICryptoFactory.h",
+ "android/hardware/drm/crypto/1.0/IHwCryptoFactory.h",
+ "android/hardware/drm/crypto/1.0/BnCryptoFactory.h",
+ "android/hardware/drm/crypto/1.0/BpCryptoFactory.h",
+ "android/hardware/drm/crypto/1.0/BsCryptoFactory.h",
+ "android/hardware/drm/crypto/1.0/ICryptoPlugin.h",
+ "android/hardware/drm/crypto/1.0/IHwCryptoPlugin.h",
+ "android/hardware/drm/crypto/1.0/BnCryptoPlugin.h",
+ "android/hardware/drm/crypto/1.0/BpCryptoPlugin.h",
+ "android/hardware/drm/crypto/1.0/BsCryptoPlugin.h",
+ ],
+}
+
+cc_library_shared {
+ name: "android.hardware.drm.crypto@1.0",
+ generated_sources: ["android.hardware.drm.crypto@1.0_genc++"],
+ generated_headers: ["android.hardware.drm.crypto@1.0_genc++_headers"],
+ export_generated_headers: ["android.hardware.drm.crypto@1.0_genc++_headers"],
+ shared_libs: [
+ "libhidlbase",
+ "libhidltransport",
+ "libhwbinder",
+ "liblog",
+ "libutils",
+ "libcutils",
+ "android.hidl.base@1.0",
+ ],
+ export_shared_lib_headers: [
+ "libhidlbase",
+ "libhidltransport",
+ "libhwbinder",
+ "libutils",
+ "android.hidl.base@1.0",
+ ],
+}
diff --git a/drm/crypto/1.0/ICryptoFactory.hal b/drm/crypto/1.0/ICryptoFactory.hal
new file mode 100644
index 0000000..58f86df
--- /dev/null
+++ b/drm/crypto/1.0/ICryptoFactory.hal
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.drm.crypto@1.0;
+
+import ICryptoPlugin;
+
+/**
+ * Ref: frameworks/native/include/media/hardware/CryptoAPI.h:CryptoFactory
+ *
+ * ICryptoFactory is the main entry point for interacting with a vendor's
+ * crypto HAL to create crypto plugins. Crypto plugins create crypto sessions
+ * which are used by a codec to decrypt protected video content.
+ */
+interface ICryptoFactory {
+ /*
+ * Determine if a crypto scheme is supported by this HAL
+ *
+ * @param uuid identifies the crypto scheme in question
+ * @return isSupported must be true only if the scheme is supported
+ */
+ isCryptoSchemeSupported(uint8_t[16] uuid) generates(bool isSupported);
+
+ /*
+ * Create a crypto plugin for the specified uuid and scheme-specific
+ * initialization data.
+ *
+ * @param uuid uniquely identifies the drm scheme. See
+ * http://dashif.org/identifiers/protection for uuid assignments
+ * @param initData scheme-specific init data.
+ * @return the status of the call
+ * @return the created ICryptoPlugin
+ */
+ createPlugin(uint8_t[16] uuid, vec<uint8_t> initData)
+ generates (Status status, ICryptoPlugin cryptoPlugin);
+
+ /*
+ * Destroy a previously created crypto plugin
+ *
+ * @return status the status of the call
+ */
+ destroyPlugin() generates(Status status);
+};
diff --git a/drm/crypto/1.0/ICryptoPlugin.hal b/drm/crypto/1.0/ICryptoPlugin.hal
new file mode 100644
index 0000000..1255fdb
--- /dev/null
+++ b/drm/crypto/1.0/ICryptoPlugin.hal
@@ -0,0 +1,84 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.drm.crypto@1.0;
+
+import android.hardware.drm.crypto@1.0::types;
+
+/**
+ * Ref: frameworks/native/include/media/hardware/CryptoAPI.h:CryptoPlugin
+ *
+ * ICryptoPlugin is the HAL for vendor-provided crypto plugins.
+ * It allows crypto sessions to be opened and operated on, to
+ * load crypto keys for a codec to decrypt protected video content.
+ */
+interface ICryptoPlugin {
+ /*
+ * Check if the specified mime-type requires a secure decoder
+ * component.
+ *
+ * @param mime The content mime-type
+ * @return secureRequired must be true only if a secure decoder is required
+ * for the specified mime-type
+ */
+ requiresSecureDecoderComponent(string mime)
+ generates(bool secureRequired);
+
+ /*
+ * Notify a plugin of the currently configured resolution
+ *
+ * @param width - the display resolutions's width
+ * @param height - the display resolution's height
+ */
+ notifyResolution(uint32_t width, uint32_t height);
+
+ /*
+ * Associate a mediadrm session with this crypto session
+ *
+ * @param sessionId the MediaDrm session ID to associate with this crypto
+ * session
+ * @return the status of the call
+ */
+ setMediaDrmSession(vec<uint8_t> sessionId) generates(Status status);
+
+ /*
+ * Decrypt an array of subsamples from the source memory buffer to the
+ * destination memory buffer.
+ *
+ * @param secure a flag to indicate if a secure decoder is being used. This
+ * enables the plugin to configure buffer modes to work consistently with
+ * a secure decoder.
+ * @param the keyId for the key that should be used to do the
+ * the decryption. The keyId refers to a key in the associated
+ * MediaDrm instance.
+ * @param iv the initialization vector to use
+ * @param mode the crypto mode to use
+ * @param pattern the crypto pattern to use
+ * @param subSamples a vector of subsamples indicating the number
+ * of clear and encrypted bytes to process. This allows the decrypt
+ * call to operate on a range of subsamples in a single call
+ * @param source the input buffer for the decryption
+ * @param destination the output buffer for the decryption
+ * @return status the status of the call
+ * @return bytesWritten the number of bytes output from the decryption
+ * @return detailedError if the error is a vendor-specific error, the
+ * vendor's crypto HAL may provide a detailed error string to help
+ * describe the error.
+ */
+ decrypt(bool secure, uint8_t[16] keyId, uint8_t[16] iv, Mode mode,
+ Pattern pattern, vec<SubSample> subSamples,
+ memory source, DestinationBuffer destination)
+ generates(Status status, uint32_t bytesWritten, string detailedError);
+};
diff --git a/drm/crypto/1.0/types.hal b/drm/crypto/1.0/types.hal
new file mode 100644
index 0000000..7e853b8
--- /dev/null
+++ b/drm/crypto/1.0/types.hal
@@ -0,0 +1,135 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.drm.crypto@1.0;
+
+enum Status : uint32_t {
+ /**
+ * The Crypto Plugin must return ERROR_DRM_NO_LICENSE if decryption is
+ * attempted when the license keys have not been loaded into the crypto
+ * session.
+ */
+ ERROR_DRM_NO_LICENSE,
+
+ /**
+ * The Crypto Plugin must return ERROR_DRM_LICENSE_EXPIRED if decryption
+ * is attempted when the license keys have expired and are no longer usable.
+ */
+ ERROR_DRM_LICENSE_EXPIRED,
+
+ /**
+ * The Crypto Plugin must return ERROR_DRM_RESOURCE_BUSY when a required
+ * crypto resource cannot be allocated while attempting decryption.
+ */
+ ERROR_DRM_RESOURCE_BUSY,
+
+ /**
+ * The Crypto Plugin must return ERROR_DRM_INSUFFICIENT_OUTPUT_PROTECTION
+ * when the output protection level enabled on the device is not
+ * sufficient to meet the requirements in the license policy. HDCP is an
+ * example of a form of output protection.
+ */
+ ERROR_DRM_INSUFFICIENT_OUTPUT_PROTECTION,
+
+ /**
+ * The Crypto Plugin must return ERROR_DRM_SESSION_NOT_OPENED when
+ * decryption is attempted on a session that is not opened.
+ */
+ ERROR_DRM_SESSION_NOT_OPENED,
+
+ /**
+ * The Crypto Plugin must return ERROR_DRM_CANNOT_HANDLE when an operation
+ * is attempted that cannot be supported by the crypto system of the device.
+ */
+ ERROR_DRM_CANNOT_HANDLE,
+
+ /**
+ * The Crypto Plugin must return ERROR_UNKNOWN_CRYPTO_EXCEPTION in any
+ * fatal condition that is not covered by the other error messages.
+ */
+ ERROR_UNKNOWN_CRYPTO_EXCEPTION,
+};
+
+/**
+ * Enumerate the supported crypto modes
+ */
+enum Mode : uint32_t {
+ UNENCRYPTED = 0, // Samples are unencrypted
+ AES_CTR = 1, // Samples are encrypted with AES CTR mode
+ AES_CBC_CTS = 2, // Samples are encrypted with AES CBC CTS mode
+ AES_CBC = 3, // Samples are encrypted with AES CBC mode
+};
+
+/**
+ * A subsample consists of some number of bytes of clear (unencrypted)
+ * data followed by a number of bytes of encrypted data.
+ */
+struct SubSample {
+ uint32_t numBytesOfClearData;
+ uint32_t numBytesOfEncryptedData;
+};
+
+/**
+ * A crypto Pattern is a repeating sequence of encrypted and clear blocks
+ * occuring within the bytes indicated by mNumBytesOfEncryptedDatad bytes
+ * of a subsample. Patterns are used to reduce the CPU overhead of
+ * decrypting samples. As an example, HLS uses 1:9 patterns where every
+ * 10th block is encrypted.
+ */
+struct Pattern {
+ /**
+ * The number of blocks to be encrypted in the pattern. If zero,
+ * pattern encryption is inoperative.
+ */
+ uint32_t encryptBlocks;
+
+ /**
+ * The number of blocks to be skipped (left clear) in the pattern. If
+ * zero, pattern encryption is inoperative.
+ */
+ uint32_t skipBlocks;
+};
+
+enum BufferType : uint32_t {
+ SHARED_MEMORY = 0,
+ NATIVE_HANDLE = 1,
+};
+
+
+/**
+ * A decrypt destination buffer can be either normal user-space shared
+ * memory for the non-secure decrypt case, or it can be a secure buffer
+ * which is referenced by a native-handle. The native handle is allocated
+ * by the vendor's buffer allocator.
+ */
+struct DestinationBuffer {
+ /**
+ * The type of the buffer
+ */
+ BufferType type;
+
+ /**
+ * If type == SHARED_MEMORY, the decrypted data must be written
+ * to user-space non-secure shared memory.
+ */
+ memory nonsecureMemory;
+
+ /**
+ * If type == NATIVE_HANDLE, the decrypted data must be written
+ * to secure memory referenced by the vendor's buffer allocator.
+ */
+ handle secureMemory;
+};
diff --git a/drm/drm/1.0/Android.bp b/drm/drm/1.0/Android.bp
new file mode 100644
index 0000000..8f198c7
--- /dev/null
+++ b/drm/drm/1.0/Android.bp
@@ -0,0 +1,72 @@
+// This file is autogenerated by hidl-gen. Do not edit manually.
+
+genrule {
+ name: "android.hardware.drm.drm@1.0_genc++",
+ tools: ["hidl-gen"],
+ cmd: "$(location hidl-gen) -o $(genDir) -Lc++ -randroid.hardware:hardware/interfaces -randroid.hidl:system/libhidl/transport android.hardware.drm.drm@1.0",
+ srcs: [
+ "types.hal",
+ "IDrmFactory.hal",
+ "IDrmPlugin.hal",
+ "IDrmPluginListener.hal",
+ ],
+ out: [
+ "android/hardware/drm/drm/1.0/types.cpp",
+ "android/hardware/drm/drm/1.0/DrmFactoryAll.cpp",
+ "android/hardware/drm/drm/1.0/DrmPluginAll.cpp",
+ "android/hardware/drm/drm/1.0/DrmPluginListenerAll.cpp",
+ ],
+}
+
+genrule {
+ name: "android.hardware.drm.drm@1.0_genc++_headers",
+ tools: ["hidl-gen"],
+ cmd: "$(location hidl-gen) -o $(genDir) -Lc++ -randroid.hardware:hardware/interfaces -randroid.hidl:system/libhidl/transport android.hardware.drm.drm@1.0",
+ srcs: [
+ "types.hal",
+ "IDrmFactory.hal",
+ "IDrmPlugin.hal",
+ "IDrmPluginListener.hal",
+ ],
+ out: [
+ "android/hardware/drm/drm/1.0/types.h",
+ "android/hardware/drm/drm/1.0/IDrmFactory.h",
+ "android/hardware/drm/drm/1.0/IHwDrmFactory.h",
+ "android/hardware/drm/drm/1.0/BnDrmFactory.h",
+ "android/hardware/drm/drm/1.0/BpDrmFactory.h",
+ "android/hardware/drm/drm/1.0/BsDrmFactory.h",
+ "android/hardware/drm/drm/1.0/IDrmPlugin.h",
+ "android/hardware/drm/drm/1.0/IHwDrmPlugin.h",
+ "android/hardware/drm/drm/1.0/BnDrmPlugin.h",
+ "android/hardware/drm/drm/1.0/BpDrmPlugin.h",
+ "android/hardware/drm/drm/1.0/BsDrmPlugin.h",
+ "android/hardware/drm/drm/1.0/IDrmPluginListener.h",
+ "android/hardware/drm/drm/1.0/IHwDrmPluginListener.h",
+ "android/hardware/drm/drm/1.0/BnDrmPluginListener.h",
+ "android/hardware/drm/drm/1.0/BpDrmPluginListener.h",
+ "android/hardware/drm/drm/1.0/BsDrmPluginListener.h",
+ ],
+}
+
+cc_library_shared {
+ name: "android.hardware.drm.drm@1.0",
+ generated_sources: ["android.hardware.drm.drm@1.0_genc++"],
+ generated_headers: ["android.hardware.drm.drm@1.0_genc++_headers"],
+ export_generated_headers: ["android.hardware.drm.drm@1.0_genc++_headers"],
+ shared_libs: [
+ "libhidlbase",
+ "libhidltransport",
+ "libhwbinder",
+ "liblog",
+ "libutils",
+ "libcutils",
+ "android.hidl.base@1.0",
+ ],
+ export_shared_lib_headers: [
+ "libhidlbase",
+ "libhidltransport",
+ "libhwbinder",
+ "libutils",
+ "android.hidl.base@1.0",
+ ],
+}
diff --git a/drm/drm/1.0/Android.mk b/drm/drm/1.0/Android.mk
new file mode 100644
index 0000000..fe12192
--- /dev/null
+++ b/drm/drm/1.0/Android.mk
@@ -0,0 +1,438 @@
+# This file is autogenerated by hidl-gen. Do not edit manually.
+
+LOCAL_PATH := $(call my-dir)
+
+################################################################################
+
+include $(CLEAR_VARS)
+LOCAL_MODULE := android.hardware.drm.drm@1.0-java
+LOCAL_MODULE_CLASS := JAVA_LIBRARIES
+
+intermediates := $(local-generated-sources-dir)
+
+HIDL := $(HOST_OUT_EXECUTABLES)/hidl-gen$(HOST_EXECUTABLE_SUFFIX)
+
+LOCAL_JAVA_LIBRARIES := \
+ android.hidl.base@1.0-java \
+
+
+#
+# Build types.hal (EventType)
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/EventType.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::types.EventType
+
+$(GEN): $(LOCAL_PATH)/types.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build types.hal (KeyRequestType)
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyRequestType.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::types.KeyRequestType
+
+$(GEN): $(LOCAL_PATH)/types.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build types.hal (KeyStatus)
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyStatus.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::types.KeyStatus
+
+$(GEN): $(LOCAL_PATH)/types.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build types.hal (KeyStatusType)
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyStatusType.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::types.KeyStatusType
+
+$(GEN): $(LOCAL_PATH)/types.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build types.hal (KeyType)
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyType.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::types.KeyType
+
+$(GEN): $(LOCAL_PATH)/types.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build types.hal (KeyValue)
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyValue.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::types.KeyValue
+
+$(GEN): $(LOCAL_PATH)/types.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build types.hal (SecureStop)
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/SecureStop.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::types.SecureStop
+
+$(GEN): $(LOCAL_PATH)/types.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build IDrmFactory.hal
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/IDrmFactory.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/IDrmFactory.hal
+$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/IDrmPlugin.hal
+$(GEN): $(LOCAL_PATH)/IDrmPlugin.hal
+$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/types.hal
+$(GEN): $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::IDrmFactory
+
+$(GEN): $(LOCAL_PATH)/IDrmFactory.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build IDrmPlugin.hal
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/IDrmPlugin.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/IDrmPlugin.hal
+$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/IDrmPluginListener.hal
+$(GEN): $(LOCAL_PATH)/IDrmPluginListener.hal
+$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/types.hal
+$(GEN): $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::IDrmPlugin
+
+$(GEN): $(LOCAL_PATH)/IDrmPlugin.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build IDrmPluginListener.hal
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/IDrmPluginListener.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/IDrmPluginListener.hal
+$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/types.hal
+$(GEN): $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::IDrmPluginListener
+
+$(GEN): $(LOCAL_PATH)/IDrmPluginListener.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+include $(BUILD_JAVA_LIBRARY)
+
+
+################################################################################
+
+include $(CLEAR_VARS)
+LOCAL_MODULE := android.hardware.drm.drm@1.0-java-static
+LOCAL_MODULE_CLASS := JAVA_LIBRARIES
+
+intermediates := $(local-generated-sources-dir)
+
+HIDL := $(HOST_OUT_EXECUTABLES)/hidl-gen$(HOST_EXECUTABLE_SUFFIX)
+
+LOCAL_STATIC_JAVA_LIBRARIES := \
+ android.hidl.base@1.0-java-static \
+
+
+#
+# Build types.hal (EventType)
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/EventType.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::types.EventType
+
+$(GEN): $(LOCAL_PATH)/types.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build types.hal (KeyRequestType)
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyRequestType.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::types.KeyRequestType
+
+$(GEN): $(LOCAL_PATH)/types.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build types.hal (KeyStatus)
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyStatus.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::types.KeyStatus
+
+$(GEN): $(LOCAL_PATH)/types.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build types.hal (KeyStatusType)
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyStatusType.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::types.KeyStatusType
+
+$(GEN): $(LOCAL_PATH)/types.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build types.hal (KeyType)
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyType.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::types.KeyType
+
+$(GEN): $(LOCAL_PATH)/types.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build types.hal (KeyValue)
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/KeyValue.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::types.KeyValue
+
+$(GEN): $(LOCAL_PATH)/types.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build types.hal (SecureStop)
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/SecureStop.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::types.SecureStop
+
+$(GEN): $(LOCAL_PATH)/types.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build IDrmFactory.hal
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/IDrmFactory.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/IDrmFactory.hal
+$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/IDrmPlugin.hal
+$(GEN): $(LOCAL_PATH)/IDrmPlugin.hal
+$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/types.hal
+$(GEN): $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::IDrmFactory
+
+$(GEN): $(LOCAL_PATH)/IDrmFactory.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build IDrmPlugin.hal
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/IDrmPlugin.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/IDrmPlugin.hal
+$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/IDrmPluginListener.hal
+$(GEN): $(LOCAL_PATH)/IDrmPluginListener.hal
+$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/types.hal
+$(GEN): $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::IDrmPlugin
+
+$(GEN): $(LOCAL_PATH)/IDrmPlugin.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+#
+# Build IDrmPluginListener.hal
+#
+GEN := $(intermediates)/android/hardware/drm/drm/1.0/IDrmPluginListener.java
+$(GEN): $(HIDL)
+$(GEN): PRIVATE_HIDL := $(HIDL)
+$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/IDrmPluginListener.hal
+$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/types.hal
+$(GEN): $(LOCAL_PATH)/types.hal
+$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
+$(GEN): PRIVATE_CUSTOM_TOOL = \
+ $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
+ -Ljava \
+ -randroid.hardware:hardware/interfaces \
+ -randroid.hidl:system/libhidl/transport \
+ android.hardware.drm.drm@1.0::IDrmPluginListener
+
+$(GEN): $(LOCAL_PATH)/IDrmPluginListener.hal
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+include $(BUILD_STATIC_JAVA_LIBRARY)
+
+
+
+include $(call all-makefiles-under,$(LOCAL_PATH))
diff --git a/drm/drm/1.0/IDrmFactory.hal b/drm/drm/1.0/IDrmFactory.hal
new file mode 100644
index 0000000..a4ee0f1
--- /dev/null
+++ b/drm/drm/1.0/IDrmFactory.hal
@@ -0,0 +1,56 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.drm.drm@1.0;
+
+import IDrmPlugin;
+
+/**
+ * Ref: frameworks/native/include/media/drm/DrmAPI.h:DrmFactory
+ *
+ * IDrmFactory is the main entry point for interacting with a vendor's
+ * drm HAL to create drm plugin instances. A drm plugin instance
+ * creates drm sessions which are used to obtain keys for a crypto
+ * session so it can decrypt* protected video content.
+ */
+
+interface IDrmFactory {
+ /*
+ * Determine if a crypto scheme is supported by this HAL
+ *
+ * @param uuid identifies the crypto scheme in question
+ * @return isSupported must be true only if the scheme is supported
+ */
+ isCryptoSchemeSupported(uint8_t[16] uuid) generates(bool isSupported);
+
+ /*
+ * Create a drm plugin instance for the specified uuid and scheme-specific
+ * initialization data.
+ *
+ * @param uuid uniquely identifies the drm scheme. See
+ * http://dashif.org/identifiers/protection for uuid assignments
+ * @param initData scheme-specific init data.
+ * @return the status of the call
+ * @return the created IDrmPlugin
+ */
+ createPlugin(uint8_t[16] uuid, vec<uint8_t> initData)
+ generates (Status status, IDrmPlugin drmPlugin);
+
+ /*
+ * Destroy a previously created drm plugin
+ * @return status the status of the call
+ */
+ destroyPlugin() generates(Status status);
+};
diff --git a/drm/drm/1.0/IDrmPlugin.hal b/drm/drm/1.0/IDrmPlugin.hal
new file mode 100644
index 0000000..7f396d9
--- /dev/null
+++ b/drm/drm/1.0/IDrmPlugin.hal
@@ -0,0 +1,444 @@
+/**
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.drm.drm@1.0;
+
+import IDrmPluginListener;
+
+/**
+ * Ref: frameworks/native/include/media/drm/DrmAPI.h:DrmPlugin
+ *
+ * IDrmPlugin is used to interact with a specific drm plugin that was
+ * created by IDrm::createPlugin. A drm plugin provides methods for
+ * obtaining drm keys that may be used by a codec to decrypt protected
+ * video content.
+ */
+interface IDrmPlugin {
+
+ /**
+ * Open a new session with the DrmPlugin object. A session ID is returned
+ * in the sessionId parameter.
+ * @return status the status of the call
+ */
+ openSession() generates (SessionId sessionId, Status status);
+
+ /**
+ * Close a session on the DrmPlugin object
+ *
+ * @param sessionId the session id the call applies to
+ * @return status the status of the call
+ */
+ closeSession(SessionId sessionId) generates (Status status);
+
+ /**
+ * A key request/response exchange occurs between the app and a License
+ * Server to obtain the keys required to decrypt the content.
+ * getKeyRequest() is used to obtain an opaque key request blob that is
+ * delivered to the license server.
+ *
+ * @param scope may be a sessionId or a keySetId, depending on the
+ * specified keyType. When the keyType is OFFLINE or STREAMING,
+ * scope should be set to the sessionId the keys will be provided to.
+ * When the keyType is RELEASE, scope should be set to the keySetId
+ * of the keys being released.
+ * @param initData container-specific data, its meaning is interpreted
+ * based on the mime type provided in the mimeType parameter. It could
+ * contain, for example, the content ID, key ID or other data obtained
+ * from the content metadata that is required to generate the key request.
+ * initData may be empty when keyType is RELEASE.
+ * @param mimeType identifies the mime type of the content
+ * @param keyType specifies if the keys are to be used for streaming,
+ * offline or a release
+ * @param optionalParameters included in the key request message to
+ * allow a client application to provide additional message parameters to
+ * the server.
+ *
+ * @return request if successful, the opaque key request blob is returned
+ * @return requestType indicates type information about the returned
+ * request. The type may be one of INITIAL, RENEWAL or RELEASE. An
+ * INITIAL request is the first key request for a license. RENEWAL is a
+ * subsequent key request used to refresh the keys in a license. RELEASE
+ * corresponds to a keyType of RELEASE, which indicates keys are being
+ * released.
+ * @return status the status of the call
+ * @return defaultUrl the URL that the request may be sent to, if
+ * provided by the drm HAL. The app may choose to override this
+ * URL.
+ */
+ getKeyRequest(vec<uint8_t> scope, vec<uint8_t> initData,
+ string mimeType, KeyType keyType, KeyedVector optionalParameters)
+ generates (vec<uint8_t> request, KeyRequestType requestType,
+ Status status, string defaultUrl);
+
+ /**
+ * After a key response is received by the app, it is provided to the
+ * Drm plugin using provideKeyResponse.
+ *
+ * @param scope may be a sessionId or a keySetId depending on the type
+ * of the response. Scope should be set to the sessionId when the response
+ * is for either streaming or offline key requests. Scope should be set to
+ * the keySetId when the response is for a release request.
+ * @param response the response from the key server that is being
+ * provided to the drm HAL.
+ *
+ * @return keySetId when the response is for an offline key request, a
+ * keySetId is returned in the keySetId vector parameter that can be used
+ * to later restore the keys to a new session with the method restoreKeys.
+ * When the response is for a streaming or release request, no keySetId is
+ * returned.
+ *
+ * @return status the status of the call
+ */
+ provideKeyResponse(vec<uint8_t> scope,
+ vec<uint8_t> response) generates (vec<uint8_t> keySetId, Status status);
+
+ /**
+ * Remove the current keys from a session
+ *
+ * @param sessionId the session id the call applies to
+ * @return status the status of the call
+ */
+ removeKeys(SessionId sessionId) generates (Status status);
+
+ /**
+ * Restore persisted offline keys into a new session
+ *
+ * @param sessionId the session id the call applies to
+ * @param keySetId identifies the keys to load, obtained from a prior
+ * call to provideKeyResponse().
+ * @return status the status of the call
+ */
+ restoreKeys(SessionId sessionId,
+ vec<uint8_t> keySetId) generates (Status status);
+
+ /*
+ * Request an informative description of the license for the session. The
+ * status is in the form of {name, value} pairs. Since DRM license policies
+ * vary by vendor, the specific status field names are determined by each
+ * DRM vendor. Refer to your DRM provider documentation for definitions of
+ * the field names for a particular drm scheme.
+ *
+ * @param sessionId the session id the call applies to
+ * @return infoList a list of name value pairs describing the license
+ * @return status the status of the call
+ */
+ queryKeyStatus(SessionId sessionId)
+ generates (KeyedVector infoList, Status status);
+
+ /**
+ * A provision request/response exchange occurs between the app and a
+ * provisioning server to retrieve a device certificate. getProvisionRequest
+ * is used to obtain an opaque key request blob that is delivered to the
+ * provisioning server.
+ *
+ * @param certificateType the type of certificate requested, e.g. "X.509"
+ * @param certificateAuthority identifies the certificate authority. A
+ * certificate authority (CA) is an entity which issues digital certificates
+ * for use by other parties. It is an example of a trusted third party
+ * @return if successful the opaque certirequest blob is returned
+ * @return status the status of the call
+ */
+ getProvisionRequest(string certificateType, string certificateAuthority)
+ generates (vec<uint8_t> request, string defaultUrl, Status status);
+
+ /**
+ * After a provision response is received by the app from a provisioning
+ * server, it can be provided to the Drm HAL using provideProvisionResponse.
+ *
+ * @param response the opaque provisioning response received by the
+ * app from a provisioning server
+ * @return certificate the public certificate resulting from the provisioning
+ * operation, if any. An empty vector indicates that no certificate was
+ * returned.
+ * @return wrappedKey an opaque object containing encrypted private key
+ * material to be used by signRSA when computing an RSA signature on a
+ * message, see the signRSA method.
+ * @return status the status of the call
+ */
+ provideProvisionResponse(vec<uint8_t> response)
+ generates (vec<uint8_t> certificate, vec<uint8_t> wrappedKey,
+ Status status);
+
+ /**
+ * SecureStop is a way of enforcing the concurrent stream limit per
+ * subscriber. It can securely monitor the lifetime of sessions across
+ * device reboots by periodically persisting the session lifetime
+ * status in secure storage.
+ *
+ * A signed version of the sessionID is written to persistent storage on the
+ * device when each MediaCrypto object is created and periodically during
+ * playback. The sessionID is signed by the device private key to prevent
+ * tampering.
+ *
+ * When playback is completed the session is destroyed, and the secure
+ * stops are queried by the app. The app then delivers the secure stop
+ * message to a server which verifies the signature to confirm that the
+ * session and its keys have been removed from the device. The persisted
+ * record on the device is removed after receiving and verifying the
+ * signed response from the server.
+ */
+
+ /**
+ * Get all secure stops on the device
+ *
+ * @return secureStops a list of the secure stop opaque objects
+ * @return status the status of the call
+ */
+ getSecureStops() generates
+ (vec<SecureStop> secureStops, Status status);
+
+ /**
+ * Get all secure stops by secure stop ID
+ *
+ * @param secureStopId the ID of the secure stop to return. The
+ * secure stop ID is delivered by the key server as part of the key
+ * response and must also be known by the app.
+ *
+ * @return the secure stop opaque object
+ * @return status the status of the call
+ */
+ getSecureStop(SecureStopId secureStopId)
+ generates (SecureStop secureStop, Status status);
+
+ /**
+ * Release all secure stops on the device
+ *
+ * @return status the status of the call
+ */
+ releaseAllSecureStops() generates (Status status);
+
+ /**
+ * Release a secure stop by secure stop ID
+ *
+ * @param secureStopId the ID of the secure stop to release. The
+ * secure stop ID is delivered by the key server as part of the key
+ * response and must also be known by the app.
+ *
+ * @return status the status of the call
+ */
+ releaseSecureStop(vec<uint8_t> secureStopId) generates (Status status);
+
+ /**
+ * A drm scheme can have properties that are settable and readable
+ * by an app. There are a few forms of property access methods,
+ * depending on the data type of the property.
+ *
+ * Property values defined by the public API are:
+ * "vendor" [string] identifies the maker of the drm scheme
+ * "version" [string] identifies the version of the drm scheme
+ * "description" [string] describes the drm scheme
+ * 'deviceUniqueId' [byte array] The device unique identifier is
+ * established during device provisioning and provides a means of
+ * uniquely identifying each device.
+ *
+ * Since drm scheme properties may vary, additional field names may be
+ * defined by each DRM vendor. Refer to your DRM provider documentation
+ * for definitions of its additional field names.
+ */
+
+ /**
+ * Read a string property value given the property name.
+ *
+ * @param propertyName the name of the property
+ * @return the property value string
+ * @return status the status of the call
+ */
+ getPropertyString(string propertyName)
+ generates (string value, Status status);
+
+ /**
+ * Read a byte array property value given the property name.
+ *
+ * @param propertyName the name of the property
+ * @return the property value byte array
+ * @return status the status of the call
+ */
+ getPropertyByteArray(string propertyName)
+ generates (vec<uint8_t> value, Status status);
+
+ /**
+ * Write a property string value given the property name
+ *
+ * @param propertyName the name of the property
+ * @param value the value to write
+ * @return status the status of the call
+ */
+ setPropertyString(string propertyName, string value )
+ generates (Status status);
+
+ /**
+ * Write a property byte array value given the property name
+ *
+ * @param propertyName the name of the property
+ * @param value the value to write
+ * @return status the status of the call
+ */
+ setPropertyByteArray(string propertyName, vec<uint8_t> value )
+ generates (Status status);
+
+ /**
+ * The following methods implement operations on a CryptoSession to support
+ * encrypt, decrypt, sign verify operations on operator-provided
+ * session keys.
+ */
+
+ /**
+ * Set the cipher algorithm to be used for the specified session.
+ *
+ * @param sessionId the session id the call applies to
+ * @param algorithm the algorithm to use. The string conforms to JCA
+ * Standard Names for Cipher Transforms and is case insensitive. An
+ * example algorithm is "AES/CBC/PKCS5Padding".
+ * @return status the status of the call
+ */
+ setCipherAlgorithm(SessionId sessionId, string algorithm)
+ generates (Status status);
+
+ /**
+ * Set the MAC algorithm to be used for computing hashes in a session.
+ *
+ * @param sessionId the session id the call applies to
+ * @param algorithm the algorithm to use. The string conforms to JCA
+ * Standard Names for Mac Algorithms and is case insensitive. An example MAC
+ * algorithm string is "HmacSHA256".
+ * @return status the status of the call
+ */
+ setMacAlgorithm(SessionId sessionId, string algorithm)
+ generates (Status status);
+
+ /**
+ * Encrypt the provided input buffer with the cipher algorithm specified by
+ * setCipherAlgorithm and the key selected by keyId, and return the
+ * encrypted data.
+ *
+ * @param sessionId the session id the call applies to
+ * @param keyId the ID of the key to use for encryption
+ * @param input the input data to encrypt
+ * @param iv the initialization vector to use for encryption
+ * @return output the decrypted data
+ * @return status the status of the call
+ */
+ encrypt(SessionId sessionId, vec<uint8_t> keyId, vec<uint8_t> input,
+ vec<uint8_t> iv)
+ generates (vec<uint8_t> output, Status status);
+
+ /**
+ * Decrypt the provided input buffer with the cipher algorithm
+ * specified by setCipherAlgorithm and the key selected by keyId,
+ * and return the decrypted data.
+ *
+ * @param sessionId the session id the call applies to
+ * @param keyId the ID of the key to use for decryption
+ * @param input the input data to decrypt
+ * @param iv the initialization vector to use for decryption
+ * @return output the decrypted data
+ * @return status the status of the call
+ */
+ decrypt(SessionId sessionId, vec<uint8_t> keyId, vec<uint8_t> input,
+ vec<uint8_t> iv) generates (vec<uint8_t> output, Status status);
+
+ /**
+ * Compute a signature over the provided message using the mac algorithm
+ * specified by setMacAlgorithm and the key selected by keyId and return
+ * the signature.
+ *
+ * @param sessionId the session id the call applies to
+ * @param keyId the ID of the key to use for decryption
+ * @param message the message to compute a signature over
+ * @return the computed signature
+ * @return status the status of the call
+ */
+ sign(SessionId sessionId, vec<uint8_t> keyId, vec<uint8_t> message)
+ generates (vec<uint8_t> signature, Status status);
+
+ /**
+ * Compute a hash of the provided message using the mac algorithm specified
+ * by setMacAlgorithm and the key selected by keyId, and compare with the
+ * expected result.
+ *
+ * @param sessionId the session id the call applies to
+ * @param keyId the ID of the key to use for decryption
+ * @param message the message to compute a hash of
+ * @return status the status of the call
+ */
+ verify(SessionId sessionId, vec<uint8_t> keyId, vec<uint8_t> message,
+ vec<uint8_t> signature) generates (bool match, Status status);
+
+ /**
+ * Compute an RSA signature on the provided message using the specified
+ * algorithm.
+ *
+ * @param algorithm the signing algorithm, such as "RSASSA-PSS-SHA1"
+ * or "PKCS1-BlockType1"
+ * @param sessionId the session id the call applies to
+ * @param wrappedKey the private key returned during provisioning
+ * as returned by provideProvisionResponse.
+ * @return signature the RSA signature computed over the message
+ * @return status the status of the call
+ */
+ signRSA(SessionId sessionId, string algorithm, vec<uint8_t> message,
+ vec<uint8_t> wrappedkey)
+ generates (vec<uint8_t> signature, Status status);
+
+ /**
+ * Set a listener for a drm session. This allows the drm HAL to
+ * make asynchronous calls back to the client of IDrm.
+ *
+ * @param listener instance of IDrmPluginListener to receive the events
+ */
+ setListener(IDrmPluginListener listener);
+
+ /**
+ * HAL implementations call the following methods to deliver events to the
+ * listener
+ */
+
+ /**
+ * Legacy event sending method, it sends events of various types using a
+ * single overloaded set of parameters. This form is deprecated.
+ *
+ * @param eventType the type of the event
+ * @param sessionId identifies the session the event originated from
+ * @param data event-specific data blob
+ */
+ oneway sendEvent(EventType eventType, SessionId sessionId,
+ vec<uint8_t> data);
+
+ /**
+ * Send a license expiration update to the listener. The expiration
+ * update indicates how long the current keys are valid before they
+ * need to be renewed.
+ *
+ * @param sessionId identifies the session the event originated from
+ * @param expiryTimeInMS the time when the keys need to be renewed.
+ * The time is in milliseconds, relative to the Unix epoch. A time of 0
+ * indicates that the keys never expire.
+ */
+ oneway sendExpirationUpdate(SessionId sessionId, int64_t expiryTimeInMS);
+
+ /**
+ * Send a keys change event to the listener. The keys change event
+ * indicates the status of each key in the session. `Keys can be
+ * indicated as being usable, expired, outputnotallowed or statuspending.
+ *
+ * @param sessionId identifies the session the event originated from
+ * @param keyStatusList indicates the status for each key ID in the
+ * session.
+ * @param hasNewUsableKey indicates if the event includes at least one
+ * key that has become usable.
+ */
+ oneway sendKeysChange(SessionId sessionId, vec<KeyStatus> keyStatusList,
+ bool hasNewUsableKey);
+};
diff --git a/drm/drm/1.0/IDrmPluginListener.hal b/drm/drm/1.0/IDrmPluginListener.hal
new file mode 100644
index 0000000..fe2d998
--- /dev/null
+++ b/drm/drm/1.0/IDrmPluginListener.hal
@@ -0,0 +1,66 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.drm.drm@1.0;
+
+import android.hardware.drm.drm@1.0::types;
+
+/**
+ * Ref: frameworks/native/include/media/drm/DrmAPI.h:DrmPluginListener
+ */
+
+/**
+ * IDrmPluginListener is a listener interface for Drm events sent from an
+ * IDrmPlugin instance.
+ */
+interface IDrmPluginListener {
+
+ /**
+ * Legacy event sending method, it sends events of various types using a
+ * single overloaded set of parameters. This form is deprecated.
+ *
+ * @param eventType the type of the event
+ * @param sessionId identifies the session the event originated from
+ * @param data event-specific data blob
+ */
+ sendEvent(EventType eventType, SessionId sessionId, vec<uint8_t> data);
+
+ /**
+ * Send a license expiration update to the listener. The expiration
+ * update indicates how long the current keys are valid before they
+ * need to be renewed.
+ *
+ * @param sessionId identifies the session the event originated from
+ * @param expiryTimeInMS the time when the keys need to be renewed.
+ * The time is in milliseconds, relative to the Unix epoch. A time
+ * of 0 indicates that the keys never expire.
+ */
+ sendExpirationUpdate(SessionId sessionId, int64_t expiryTimeInMS);
+
+ /**
+ * Send a keys change event to the listener. The keys change event
+ * indicates the status of each key in the session. Keys can be
+ * indicated as being usable, expired, outputnotallowed or statuspending.
+ *
+ * @param sessionId identifies the session the event originated from
+ * @param keyStatusList indicates the status for each key ID in the
+ * session.
+ * @param hasNewUsableKey indicates if the event includes at least one
+ * key that has become usable.
+ */
+ sendKeysChange(SessionId sessionId, vec<KeyStatus> keyStatusList,
+ bool hasNewUsableKey);
+};
diff --git a/drm/drm/1.0/types.hal b/drm/drm/1.0/types.hal
new file mode 100644
index 0000000..05101c9
--- /dev/null
+++ b/drm/drm/1.0/types.hal
@@ -0,0 +1,228 @@
+/**
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.drm.drm@1.0;
+
+enum Status : uint32_t {
+ /**
+ * The DRM plugin must return ERROR_DRM_NO_LICENSE, when decryption is
+ * attempted and no license keys have been provided.
+ */
+ ERROR_DRM_NO_LICENSE,
+
+ /**
+ * ERROR_DRM_LICENSE_EXPIRED must be returned when an attempt is made
+ * to use a license and the keys in that license have expired.
+ */
+ ERROR_DRM_LICENSE_EXPIRED,
+
+ /**
+ * The DRM plugin must return ERROR_DRM_SESSION_NOT_OPENED when an
+ * attempt is made to use a session that has not been opened.
+ */
+ ERROR_DRM_SESSION_NOT_OPENED,
+
+ /**
+ * The DRM plugin must return ERROR_DRM_CANNOT_HANDLE when an unsupported
+ * data format or operation is attempted.
+ */
+ ERROR_DRM_CANNOT_HANDLE,
+
+ /**
+ * ERROR_DRM_INVALID_STATE must be returned when the device is in a state
+ * where it is not able to perform decryption.
+ */
+ ERROR_DRM_INVALID_STATE,
+
+ /**
+ * The Drm plugin must return BAD_VALUE whenever an illegal parameter is
+ * passed to one of the interface functions.
+ */
+ BAD_VALUE,
+
+ /**
+ * The DRM plugin must return ERROR_DRM_NOT_PROVISIONED from getKeyRequest,
+ * openSession or provideKeyResponse when the device has not yet been
+ * provisioned.
+ */
+ ERROR_DRM_NOT_PROVISIONED,
+
+ /**
+ * ERROR_DRM_RESOURCE_BUSY must be returned when resources, such as drm
+ * sessions or secure buffers are not available to perform a requested
+ * operation because they are already in use.
+ */
+ ERROR_DRM_RESOURCE_BUSY,
+
+ /**
+ * The Drm Plugin must return ERROR_DRM_DEVICE_REVOKED from
+ * provideProvisionResponse and provideKeyResponse if the response indicates
+ * that the device has been revoked. Device revocation means that the device
+ * is no longer permitted to play content.
+ */
+ ERROR_DRM_DEVICE_REVOKED,
+
+ /**
+ * ERROR_DRM_UNKNOWN must be returned when a fatal failure occurs and no
+ * other defined error is appropriate.
+ */
+ ERROR_DRM_UNKNOWN,
+};
+
+
+/**
+ * EventType enumerates the events that can be delivered by sendEvent
+ */
+enum EventType : uint32_t {
+ /**
+ * This event type indicates that the app needs to request a certificate
+ * from the provisioning server. The request message data is obtained using
+ * getProvisionRequest().
+ */
+ PROVISION_REQUIRED,
+
+ /**
+ * This event type indicates that the app needs to request keys from a
+ * license server. The request message data is obtained using getKeyRequest.
+ */
+ KEY_NEEDED,
+
+ /**
+ * This event type indicates that the licensed usage duration for keys in a
+ * session has expired. The keys are no longer valid.
+ */
+ KEY_EXPIRED,
+
+ /**
+ * This event may indicate some specific vendor-defined condition, see your
+ * DRM provider documentation for details.
+ */
+ VENDOR_DEFINED,
+
+ /**
+ * This event indicates that a session opened by the app has been reclaimed
+ * by the resource manager.
+ */
+ SESSION_RECLAIMED,
+};
+
+enum KeyType : uint32_t {
+ /**
+ * Drm keys can be for offline content or for online streaming.
+ * Offline keys are persisted on the device and may be used when the device
+ * is disconnected from the network.
+ */
+ OFFLINE,
+
+ /**
+ * Keys for streaming are not persisted and require the device to be
+ * connected to the network for periodic renewal.
+ */
+ STREAMING,
+
+ /**
+ * The Release type is used to request that offline keys be no longer
+ * restricted to offline use.
+ */
+ RELEASE,
+};
+
+/**
+ * Enumerate KeyRequestTypes to allow an app to determine the type of a key
+ * request returned from getKeyRequest.
+ */
+enum KeyRequestType : uint32_t {
+ /**
+ * Key request type is for an initial license request
+ */
+ INITIAL,
+
+ /**
+ * Key request type is for license renewal. Renewal requests are used
+ * to extend the validity period for streaming keys.
+ */
+ RENEWAL,
+
+ /**
+ * Key request type is a release. A key release causes offline keys
+ * to become available for streaming.
+ */
+ RELEASE,
+};
+
+/**
+ * Enumerate KeyStatusTypes which indicate the state of a key
+ */
+enum KeyStatusType : uint32_t {
+ /**
+ * The key is currently usable to decrypt media data.
+ */
+ USABLE,
+
+ /**
+ * The key is no longer usable to decrypt media data because its expiration
+ * time has passed.
+ */
+ EXPIRED,
+
+ /**
+ * The key is not currently usable to decrypt media data because its output
+ * requirements cannot currently be met.
+ */
+ OUTPUTNOTALLOWED,
+
+ /**
+ * The status of the key is not yet known and is being determined.
+ */
+ STATUSPENDING,
+
+ /**
+ * The key is not currently usable to decrypt media data because of an
+ * internal error in processing unrelated to input parameters.
+ */
+ INTERNALERROR,
+};
+
+typedef vec<uint8_t> SessionId;
+
+/**
+ * Used by sendKeysChange to report the usability status of each key to the
+ * app.
+ */
+struct KeyStatus
+{
+ vec<uint8_t> keyId;
+ KeyStatusType type;
+};
+
+/**
+ * Simulates a KeyedVector<String8, String8>
+ */
+struct KeyValue {
+ string key;
+ string value;
+};
+
+typedef vec<KeyValue> KeyedVector;
+
+/**
+ * Encapsulates a secure stop opaque object
+ */
+struct SecureStop {
+ vec<uint8_t> opaqueData;
+};
+
+typedef vec<uint8_t> SecureStopId;