drm/1.2/ICryptoPlugin.hal

/**
 * Copyright (C) 2018 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package android.hardware.drm@1.2;

import @1.0::DestinationBuffer;
import @1.0::ICryptoPlugin;
import @1.0::Mode;
import @1.0::Pattern;
import @1.0::SessionId;
import @1.0::SharedBuffer;
import @1.0::SubSample;

/**
 * ICryptoPlugin is the HAL for vendor-provided crypto plugins.
 * It allows crypto sessions to be opened and operated on, to
 * load crypto keys for a codec to decrypt protected video content.
 */
interface ICryptoPlugin extends @1.0::ICryptoPlugin {

    /**
     * Decrypt an array of subsamples from the source memory buffer to the
     * destination memory buffer.
     *
     * decrypt_1_2() only differs from decrypt() in that additional status
     * codes must be returned.
     *
     * @param secure a flag to indicate if a secure decoder is being used. This
     *     enables the plugin to configure buffer modes to work consistently with
     *     a secure decoder.
     * @param the keyId for the key that is used to do the the decryption. The
     *     keyId refers to a key in the associated MediaDrm instance.
     * @param iv the initialization vector to use
     * @param mode the crypto mode to use
     * @param pattern the crypto pattern to use
     * @param subSamples a vector of subsamples indicating the number
     *     of clear and encrypted bytes to process. This allows the decrypt
     *     call to operate on a range of subsamples in a single call
     * @param source the input buffer for the decryption
     * @param offset the offset of the first byte of encrypted data from
     *     the base of the source buffer
     * @param destination the output buffer for the decryption
     * @return status the status of the call. The status must be OK or one
     *     of the following errors:
     *     ERROR_DRM_NO_LICENSE if no license keys have been loaded
     *     ERROR_DRM_LICENSE_EXPIRED if the license keys have expired
     *     ERROR_DRM_RESOURCE_BUSY if the resources required to perform
     *         the decryption are not available
     *     ERROR_DRM_INSUFFICIENT_OUTPUT_PROTECTION if required output
     *         protections are not active
     *     ERROR_DRM_INSUFFICIENT_SECURITY if the security level of the
     *         device is not sufficient to meet the requirements in
     *         the license policy
     *     ERROR_DRM_FRAME_TOO_LARGE if the frame being decrypted into
     *         the secure output buffer exceeds the size of the buffer
     *     ERROR_DRM_SESSION_NOT_OPENED if the decrypt session is not
     *         opened
     *     ERROR_DRM_DECRYPT if the decrypt operation fails
     *     ERROR_DRM_INVALID_STATE if the device is in a state where it
     *         is not able to perform decryption
     *     ERROR_DRM_CANNOT_HANDLE in other failure cases.
     *
     * @return bytesWritten the number of bytes output from the decryption
     * @return detailedError if the error is a vendor-specific error, the
     *     vendor's crypto HAL may provide a detailed error string to help
     *     describe the error.
     */
    decrypt_1_2(bool secure, uint8_t[16] keyId, uint8_t[16] iv, Mode mode,
        Pattern pattern, vec<SubSample> subSamples,
            SharedBuffer source, uint64_t offset, DestinationBuffer destination)
        generates(Status status, uint32_t bytesWritten, string detailedError);
};