1 /*
2  * Copyright (C) 2018 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef CLEARKEY_DRM_PLUGIN_H_
18 #define CLEARKEY_DRM_PLUGIN_H_
19 
20 #include <android/hardware/drm/1.2/IDrmPlugin.h>
21 #include <android/hardware/drm/1.2/IDrmPluginListener.h>
22 
23 #include <map>
24 #include <stdio.h>
25 
26 #include <utils/List.h>
27 
28 #include "DeviceFiles.h"
29 #include "SessionLibrary.h"
30 #include "Utils.h"
31 
32 namespace android {
33 namespace hardware {
34 namespace drm {
35 namespace V1_2 {
36 namespace clearkey {
37 
38 namespace drm = ::android::hardware::drm;
39 using drm::V1_0::EventType;
40 using drm::V1_0::IDrmPluginListener;
41 using drm::V1_0::KeyRequestType;
42 using drm::V1_0::KeyStatus;
43 using drm::V1_0::KeyType;
44 using drm::V1_0::KeyValue;
45 using drm::V1_0::SecureStop;
46 using drm::V1_0::SecureStopId;
47 using drm::V1_0::SessionId;
48 using drm::V1_0::Status;
49 using drm::V1_1::DrmMetricGroup;
50 using drm::V1_1::HdcpLevel;
51 using drm::V1_1::SecureStopRelease;
52 using drm::V1_1::SecurityLevel;
53 using drm::V1_2::IDrmPlugin;
54 using drm::V1_2::KeySetId;
55 using drm::V1_2::OfflineLicenseState;
56 
57 using ::android::hardware::hidl_string;
58 using ::android::hardware::hidl_vec;
59 using ::android::hardware::Return;
60 using ::android::hardware::Void;
61 using ::android::sp;
62 
63 typedef drm::V1_1::KeyRequestType KeyRequestType_V1_1;
64 typedef drm::V1_2::IDrmPluginListener IDrmPluginListener_V1_2;
65 typedef drm::V1_2::KeyStatus KeyStatus_V1_2;
66 typedef drm::V1_2::Status Status_V1_2;
67 typedef drm::V1_2::HdcpLevel HdcpLevel_V1_2;
68 
69 struct DrmPlugin : public IDrmPlugin {
70     explicit DrmPlugin(SessionLibrary* sessionLibrary);
71 
~DrmPluginDrmPlugin72     virtual ~DrmPlugin() { mFileHandle.DeleteAllLicenses(); }
73 
74     Return<void> openSession(openSession_cb _hidl_cb) override;
75     Return<void> openSession_1_1(SecurityLevel securityLevel,
76             openSession_cb _hidl_cb) override;
77 
78     Return<Status> closeSession(const hidl_vec<uint8_t>& sessionId) override;
79 
80     Return<void> getKeyRequest(
81         const hidl_vec<uint8_t>& scope,
82         const hidl_vec<uint8_t>& initData,
83         const hidl_string& mimeType,
84         KeyType keyType,
85         const hidl_vec<KeyValue>& optionalParameters,
86         getKeyRequest_cb _hidl_cb) override;
87 
88     Return<void> getKeyRequest_1_1(
89         const hidl_vec<uint8_t>& scope,
90         const hidl_vec<uint8_t>& initData,
91         const hidl_string& mimeType,
92         KeyType keyType,
93         const hidl_vec<KeyValue>& optionalParameters,
94         getKeyRequest_1_1_cb _hidl_cb) override;
95 
96     Return<void> getKeyRequest_1_2(
97         const hidl_vec<uint8_t>& scope,
98         const hidl_vec<uint8_t>& initData,
99         const hidl_string& mimeType,
100         KeyType keyType,
101         const hidl_vec<KeyValue>& optionalParameters,
102         getKeyRequest_1_2_cb _hidl_cb) override;
103 
104     Return<void> provideKeyResponse(
105         const hidl_vec<uint8_t>& scope,
106         const hidl_vec<uint8_t>& response,
107         provideKeyResponse_cb _hidl_cb) override;
108 
removeKeysDrmPlugin109     Return<Status> removeKeys(const hidl_vec<uint8_t>& sessionId) {
110         if (sessionId.size() == 0) {
111             return Status::BAD_VALUE;
112         }
113         return Status::ERROR_DRM_CANNOT_HANDLE;
114     }
115 
116     Return<Status> restoreKeys(
117         const hidl_vec<uint8_t>& sessionId,
118         const hidl_vec<uint8_t>& keySetId) override;
119 
120     Return<void> queryKeyStatus(
121         const hidl_vec<uint8_t>& sessionId,
122         queryKeyStatus_cb _hidl_cb) override;
123 
getProvisionRequestDrmPlugin124     Return<void> getProvisionRequest(
125         const hidl_string& certificateType,
126         const hidl_string& certificateAuthority,
127         getProvisionRequest_cb _hidl_cb) {
128         UNUSED(certificateType);
129         UNUSED(certificateAuthority);
130 
131         hidl_string defaultUrl;
132         _hidl_cb(Status::ERROR_DRM_CANNOT_HANDLE, hidl_vec<uint8_t>(), defaultUrl);
133         return Void();
134     }
135 
getProvisionRequest_1_2DrmPlugin136     Return<void> getProvisionRequest_1_2(
137         const hidl_string& certificateType,
138         const hidl_string& certificateAuthority,
139         getProvisionRequest_1_2_cb _hidl_cb) {
140         UNUSED(certificateType);
141         UNUSED(certificateAuthority);
142 
143         hidl_string defaultUrl;
144         _hidl_cb(Status_V1_2::ERROR_DRM_CANNOT_HANDLE, hidl_vec<uint8_t>(), defaultUrl);
145         return Void();
146     }
147 
provideProvisionResponseDrmPlugin148     Return<void> provideProvisionResponse(
149         const hidl_vec<uint8_t>& response,
150         provideProvisionResponse_cb _hidl_cb) {
151 
152         if (response.size() == 0) {
153             _hidl_cb(Status::BAD_VALUE, hidl_vec<uint8_t>(), hidl_vec<uint8_t>());
154             return Void();
155         }
156         _hidl_cb(Status::ERROR_DRM_CANNOT_HANDLE, hidl_vec<uint8_t>(), hidl_vec<uint8_t>());
157         return Void();
158     }
159 
getHdcpLevelsDrmPlugin160     Return<void> getHdcpLevels(getHdcpLevels_cb _hidl_cb) {
161         HdcpLevel connectedLevel = HdcpLevel::HDCP_NONE;
162         HdcpLevel maxLevel = HdcpLevel::HDCP_NO_OUTPUT;
163         _hidl_cb(Status::OK, connectedLevel, maxLevel);
164         return Void();
165     }
166 
getHdcpLevels_1_2DrmPlugin167     Return<void> getHdcpLevels_1_2(getHdcpLevels_1_2_cb _hidl_cb) {
168         HdcpLevel_V1_2 connectedLevel = HdcpLevel_V1_2::HDCP_NONE;
169         HdcpLevel_V1_2 maxLevel = HdcpLevel_V1_2::HDCP_NO_OUTPUT;
170         _hidl_cb(Status_V1_2::OK, connectedLevel, maxLevel);
171         return Void();
172     }
173 
174     Return<void> getNumberOfSessions(getNumberOfSessions_cb _hidl_cb) override;
175 
176     Return<void> getSecurityLevel(const hidl_vec<uint8_t>& sessionId,
177             getSecurityLevel_cb _hidl_cb) override;
178 
179     Return<void> getMetrics(getMetrics_cb _hidl_cb) override;
180 
181     Return<void> getOfflineLicenseKeySetIds(getOfflineLicenseKeySetIds_cb _hidl_cb) override;
182 
183     Return<Status> removeOfflineLicense(const KeySetId &keySetId) override;
184 
185     Return<void> getOfflineLicenseState(const KeySetId &keySetId,
186             getOfflineLicenseState_cb _hidl_cb) override;
187 
188     Return<void> getPropertyString(
189         const hidl_string& name,
190         getPropertyString_cb _hidl_cb) override;
191 
192     Return<void> getPropertyByteArray(
193         const hidl_string& name,
194         getPropertyByteArray_cb _hidl_cb) override;
195 
196     Return<Status> setPropertyString(
197             const hidl_string& name, const hidl_string& value) override;
198 
199     Return<Status> setPropertyByteArray(
200             const hidl_string& name, const hidl_vec<uint8_t>& value) override;
201 
setCipherAlgorithmDrmPlugin202     Return<Status> setCipherAlgorithm(
203             const hidl_vec<uint8_t>& sessionId, const hidl_string& algorithm) {
204         if (sessionId.size() == 0 || algorithm.size() == 0) {
205             return Status::BAD_VALUE;
206         }
207         return Status::ERROR_DRM_CANNOT_HANDLE;
208     }
209 
setMacAlgorithmDrmPlugin210     Return<Status> setMacAlgorithm(
211             const hidl_vec<uint8_t>& sessionId, const hidl_string& algorithm) {
212         if (sessionId.size() == 0 || algorithm.size() == 0) {
213             return Status::BAD_VALUE;
214         }
215         return Status::ERROR_DRM_CANNOT_HANDLE;
216     }
217 
encryptDrmPlugin218     Return<void> encrypt(
219             const hidl_vec<uint8_t>& sessionId,
220             const hidl_vec<uint8_t>& keyId,
221             const hidl_vec<uint8_t>& input,
222             const hidl_vec<uint8_t>& iv,
223             encrypt_cb _hidl_cb) {
224         if (sessionId.size() == 0 || keyId.size() == 0 ||
225                 input.size() == 0 || iv.size() == 0) {
226             _hidl_cb(Status::BAD_VALUE, hidl_vec<uint8_t>());
227             return Void();
228         }
229         _hidl_cb(Status::ERROR_DRM_CANNOT_HANDLE, hidl_vec<uint8_t>());
230         return Void();
231     }
232 
decryptDrmPlugin233     Return<void> decrypt(
234             const hidl_vec<uint8_t>& sessionId,
235             const hidl_vec<uint8_t>& keyId,
236             const hidl_vec<uint8_t>& input,
237             const hidl_vec<uint8_t>& iv,
238             decrypt_cb _hidl_cb) {
239         if (sessionId.size() == 0 || keyId.size() == 0 ||
240                 input.size() == 0 || iv.size() == 0) {
241             _hidl_cb(Status::BAD_VALUE, hidl_vec<uint8_t>());
242             return Void();
243         }
244         _hidl_cb(Status::ERROR_DRM_CANNOT_HANDLE, hidl_vec<uint8_t>());
245         return Void();
246     }
247 
signDrmPlugin248     Return<void> sign(
249             const hidl_vec<uint8_t>& sessionId,
250             const hidl_vec<uint8_t>& keyId,
251             const hidl_vec<uint8_t>& message,
252             sign_cb _hidl_cb) {
253         if (sessionId.size() == 0 || keyId.size() == 0 ||
254                 message.size() == 0) {
255             _hidl_cb(Status::BAD_VALUE, hidl_vec<uint8_t>());
256             return Void();
257         }
258         _hidl_cb(Status::ERROR_DRM_CANNOT_HANDLE, hidl_vec<uint8_t>());
259         return Void();
260     }
261 
verifyDrmPlugin262     Return<void> verify(
263             const hidl_vec<uint8_t>& sessionId,
264             const hidl_vec<uint8_t>& keyId,
265             const hidl_vec<uint8_t>& message,
266             const hidl_vec<uint8_t>& signature,
267             verify_cb _hidl_cb) {
268 
269         if (sessionId.size() == 0 || keyId.size() == 0 ||
270                 message.size() == 0 || signature.size() == 0) {
271             _hidl_cb(Status::BAD_VALUE, false);
272             return Void();
273         }
274         _hidl_cb(Status::ERROR_DRM_CANNOT_HANDLE, false);
275         return Void();
276     }
277 
signRSADrmPlugin278     Return<void> signRSA(
279             const hidl_vec<uint8_t>& sessionId,
280             const hidl_string& algorithm,
281             const hidl_vec<uint8_t>& message,
282             const hidl_vec<uint8_t>& wrappedKey,
283             signRSA_cb _hidl_cb) {
284         if (sessionId.size() == 0 || algorithm.size() == 0 ||
285                 message.size() == 0 || wrappedKey.size() == 0) {
286              _hidl_cb(Status::BAD_VALUE, hidl_vec<uint8_t>());
287              return Void();
288          }
289          _hidl_cb(Status::ERROR_DRM_CANNOT_HANDLE, hidl_vec<uint8_t>());
290          return Void();
291     }
292 
setListenerDrmPlugin293     Return<void> setListener(const sp<IDrmPluginListener>& listener) {
294         mListener = listener;
295         mListenerV1_2 = IDrmPluginListener_V1_2::castFrom(listener);
296         return Void();
297     };
298 
sendEventDrmPlugin299     Return<void> sendEvent(
300             EventType eventType,
301             const hidl_vec<uint8_t>& sessionId,
302             const hidl_vec<uint8_t>& data) {
303         if (mListenerV1_2 != NULL) {
304             mListenerV1_2->sendEvent(eventType, sessionId, data);
305         } else if (mListener != NULL) {
306             mListener->sendEvent(eventType, sessionId, data);
307         } else {
308             ALOGE("Null event listener, event not sent");
309         }
310         return Void();
311     }
312 
sendExpirationUpdateDrmPlugin313     Return<void> sendExpirationUpdate(
314             const hidl_vec<uint8_t>& sessionId,
315             int64_t expiryTimeInMS) {
316         if (mListenerV1_2 != NULL) {
317             mListenerV1_2->sendExpirationUpdate(sessionId, expiryTimeInMS);
318         } else if (mListener != NULL) {
319             mListener->sendExpirationUpdate(sessionId, expiryTimeInMS);
320         } else {
321             ALOGE("Null event listener, event not sent");
322         }
323         return Void();
324     }
325 
sendKeysChangeDrmPlugin326     Return<void> sendKeysChange(
327             const hidl_vec<uint8_t>& sessionId,
328             const hidl_vec<KeyStatus>& keyStatusList, bool hasNewUsableKey) {
329         if (mListenerV1_2 != NULL) {
330             mListenerV1_2->sendKeysChange(sessionId, keyStatusList, hasNewUsableKey);
331         } else if (mListener != NULL) {
332             mListener->sendKeysChange(sessionId, keyStatusList, hasNewUsableKey);
333         } else {
334             ALOGE("Null event listener, event not sent");
335         }
336         return Void();
337     }
338 
sendKeysChange_1_2DrmPlugin339     Return<void> sendKeysChange_1_2(
340             const hidl_vec<uint8_t>& sessionId,
341             const hidl_vec<KeyStatus_V1_2>& keyStatusList, bool hasNewUsableKey) {
342         if (mListenerV1_2 != NULL) {
343             mListenerV1_2->sendKeysChange_1_2(sessionId, keyStatusList, hasNewUsableKey);
344         }
345         return Void();
346     }
347 
sendSessionLostStateDrmPlugin348     Return<void> sendSessionLostState(
349             const hidl_vec<uint8_t>& sessionId) {
350         if (mListenerV1_2 != NULL) {
351             mListenerV1_2->sendSessionLostState(sessionId);
352         }
353         return Void();
354     }
355 
356     Return<void> getSecureStops(getSecureStops_cb _hidl_cb);
357 
358     Return<void> getSecureStop(const hidl_vec<uint8_t>& secureStopId,
359             getSecureStop_cb _hidl_cb);
360 
361     Return<Status> releaseSecureStop(const hidl_vec<uint8_t>& ssRelease);
362 
363     Return<Status> releaseAllSecureStops();
364 
365     Return<void> getSecureStopIds(getSecureStopIds_cb _hidl_cb);
366 
367     Return<Status> releaseSecureStops(const SecureStopRelease& ssRelease);
368 
369     Return<Status> removeSecureStop(const hidl_vec<uint8_t>& secureStopId);
370 
371     Return<Status> removeAllSecureStops();
372 
373 private:
374     void initProperties();
375     void installSecureStop(const hidl_vec<uint8_t>& sessionId);
376     bool makeKeySetId(std::string* keySetId);
377     void setPlayPolicy();
378 
379     Return<Status> setSecurityLevel(const hidl_vec<uint8_t>& sessionId,
380             SecurityLevel level);
381 
382     Status_V1_2 getKeyRequestCommon(const hidl_vec<uint8_t>& scope,
383             const hidl_vec<uint8_t>& initData,
384             const hidl_string& mimeType,
385             KeyType keyType,
386             const hidl_vec<KeyValue>& optionalParameters,
387             std::vector<uint8_t> *request,
388             KeyRequestType_V1_1 *getKeyRequestType,
389             std::string *defaultUrl);
390 
391     struct ClearkeySecureStop {
392         std::vector<uint8_t> id;
393         std::vector<uint8_t> data;
394     };
395 
396     std::map<std::vector<uint8_t>, ClearkeySecureStop> mSecureStops;
397     std::vector<KeyValue> mPlayPolicy;
398     std::map<std::string, std::string> mStringProperties;
399     std::map<std::string, std::vector<uint8_t> > mByteArrayProperties;
400     std::map<std::string, std::vector<uint8_t> > mReleaseKeysMap;
401     std::map<std::vector<uint8_t>, SecurityLevel> mSecurityLevel;
402     sp<IDrmPluginListener> mListener;
403     sp<IDrmPluginListener_V1_2> mListenerV1_2;
404     SessionLibrary *mSessionLibrary;
405     int64_t mOpenSessionOkCount;
406     int64_t mCloseSessionOkCount;
407     int64_t mCloseSessionNotOpenedCount;
408     uint32_t mNextSecureStopId;
409 
410     // set by property to mock error scenarios
411     Status_V1_2 mMockError;
412 
processMockErrorDrmPlugin413     void processMockError(const sp<Session> &session) {
414         session->setMockError(mMockError);
415         mMockError = Status_V1_2::OK;
416     }
417 
418     DeviceFiles mFileHandle;
419     Mutex mSecureStopLock;
420 
421     CLEARKEY_DISALLOW_COPY_AND_ASSIGN_AND_NEW(DrmPlugin);
422 };
423 
424 } // namespace clearkey
425 } // namespace V1_2
426 } // namespace drm
427 } // namespace hardware
428 } // namespace android
429 
430 #endif // CLEARKEY_DRM_PLUGIN_H_
431