Revert "Fix MediaDrm security level APIs"
This reverts commit 778639efbe1db003487f788a4e7f513414bcfd7c.
Reason for revert: Build cop here. The CL topic that I'm reverting broke several builds: Drm.h's openSession(Vector<uint8_t> &sessionId) hides overloaded virtual function openSession(DrmPlugin::SecurityLevel securityLevel, ..) from IDrm.h.
https://android-build.googleplex.com/builds/submitted/4598692/full-eng/latest/view/logs/build_error.log
Change-Id: I86bb202125b17bdeea12c414f3eca2a9e016dac2
diff --git a/api/current.txt b/api/current.txt
index d4f1586c..3944b45 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -23371,7 +23371,6 @@
method public android.media.MediaDrm.CryptoSession getCryptoSession(byte[], java.lang.String, java.lang.String);
method public android.media.MediaDrm.KeyRequest getKeyRequest(byte[], byte[], java.lang.String, int, java.util.HashMap<java.lang.String, java.lang.String>) throws android.media.NotProvisionedException;
method public int getMaxHdcpLevel();
- method public static int getMaxSecurityLevel();
method public int getMaxSessionCount();
method public android.os.PersistableBundle getMetrics();
method public int getOpenSessionCount();
@@ -23385,7 +23384,6 @@
method public static boolean isCryptoSchemeSupported(java.util.UUID);
method public static boolean isCryptoSchemeSupported(java.util.UUID, java.lang.String);
method public byte[] openSession() throws android.media.NotProvisionedException, android.media.ResourceBusyException;
- method public byte[] openSession(int) throws android.media.NotProvisionedException, android.media.ResourceBusyException;
method public byte[] provideKeyResponse(byte[], byte[]) throws android.media.DeniedByServerException, android.media.NotProvisionedException;
method public void provideProvisionResponse(byte[]) throws android.media.DeniedByServerException;
method public java.util.HashMap<java.lang.String, java.lang.String> queryKeyStatus(byte[]);
@@ -23401,6 +23399,7 @@
method public void setOnKeyStatusChangeListener(android.media.MediaDrm.OnKeyStatusChangeListener, android.os.Handler);
method public void setPropertyByteArray(java.lang.String, byte[]);
method public void setPropertyString(java.lang.String, java.lang.String);
+ method public void setSecurityLevel(byte[], int);
field public static final deprecated int EVENT_KEY_EXPIRED = 3; // 0x3
field public static final int EVENT_KEY_REQUIRED = 2; // 0x2
field public static final deprecated int EVENT_PROVISION_REQUIRED = 1; // 0x1
diff --git a/media/java/android/media/MediaDrm.java b/media/java/android/media/MediaDrm.java
index 279e05f..90fcaab 100644
--- a/media/java/android/media/MediaDrm.java
+++ b/media/java/android/media/MediaDrm.java
@@ -634,39 +634,8 @@
* @throws ResourceBusyException if required resources are in use
*/
@NonNull
- public byte[] openSession() throws NotProvisionedException,
- ResourceBusyException {
- return openSession(getMaxSecurityLevel());
- }
-
- /**
- * Open a new session at a requested security level. The security level
- * represents the robustness of the device's DRM implementation. By default,
- * sessions are opened at the native security level of the device.
- * Overriding the security level is necessary when the decrypted frames need
- * to be manipulated, such as for image compositing. The security level
- * parameter must be lower than the native level. Reducing the security
- * level will typically limit the content to lower resolutions, as
- * determined by the license policy. If the requested level is not
- * supported, the next lower supported security level will be set. The level
- * can be queried using {@link #getSecurityLevel}. A session
- * ID is returned.
- *
- * @param level the new security level, one of
- * {@link #SW_SECURE_CRYPTO}, {@link #SW_SECURE_DECODE},
- * {@link #HW_SECURE_CRYPTO}, {@link #HW_SECURE_DECODE} or
- * {@link #HW_SECURE_ALL}.
- *
- * @throws NotProvisionedException if provisioning is needed
- * @throws ResourceBusyException if required resources are in use
- * @throws IllegalArgumentException if the requested security level is
- * higher than the native level or lower than the lowest supported level or
- * if the device does not support specifying the security level when opening
- * a session
- */
- @NonNull
- public native byte[] openSession(@SecurityLevel int level) throws
- NotProvisionedException, ResourceBusyException;
+ public native byte[] openSession() throws NotProvisionedException,
+ ResourceBusyException;
/**
* Close a session on the MediaDrm object that was previously opened
@@ -1140,7 +1109,7 @@
*/
@Retention(RetentionPolicy.SOURCE)
@IntDef({SECURITY_LEVEL_UNKNOWN, SW_SECURE_CRYPTO, SW_SECURE_DECODE,
- HW_SECURE_CRYPTO, HW_SECURE_DECODE, HW_SECURE_ALL})
+ HW_SECURE_CRYPTO, HW_SECURE_DECODE, HW_SECURE_ALL})
public @interface SecurityLevel {}
/**
@@ -1150,55 +1119,39 @@
public static final int SECURITY_LEVEL_UNKNOWN = 0;
/**
- * DRM key management uses software-based whitebox crypto.
+ * Software-based whitebox crypto
*/
public static final int SW_SECURE_CRYPTO = 1;
/**
- * DRM key management and decoding use software-based whitebox crypto.
+ * Software-based whitebox crypto and an obfuscated decoder
*/
- public static final int SW_SECURE_DECODE = 2;
+ public static final int SW_SECURE_DECODE = 2;
/**
- * DRM key management and crypto operations are performed within a hardware
- * backed trusted execution environment.
+ * DRM key management and crypto operations are performed within a
+ * hardware backed trusted execution environment
*/
public static final int HW_SECURE_CRYPTO = 3;
/**
- * DRM key management, crypto operations and decoding of content are
- * performed within a hardware backed trusted execution environment.
+ * DRM key management, crypto operations and decoding of content
+ * are performed within a hardware backed trusted execution environment
*/
- public static final int HW_SECURE_DECODE = 4;
+ public static final int HW_SECURE_DECODE = 4;
/**
* DRM key management, crypto operations, decoding of content and all
- * handling of the media (compressed and uncompressed) is handled within a
- * hardware backed trusted execution environment.
+ * handling of the media (compressed and uncompressed) is handled within
+ * a hardware backed trusted execution environment.
*/
public static final int HW_SECURE_ALL = 5;
/**
- * The maximum security level supported by the device. This is the default
- * security level when a session is opened.
- * @hide
- */
- public static final int SECURITY_LEVEL_MAX = 6;
-
- /**
- * The maximum security level supported by the device. This is the default
- * security level when a session is opened.
- */
- @SecurityLevel
- public static final int getMaxSecurityLevel() {
- return SECURITY_LEVEL_MAX;
- }
-
- /**
- * Return the current security level of a session. A session has an initial
- * security level determined by the robustness of the DRM system's
- * implementation on the device. The security level may be changed at the
- * time a session is opened using {@link #openSession}.
+ * Return the current security level of a session. A session
+ * has an initial security level determined by the robustness of
+ * the DRM system's implementation on the device. The security
+ * level may be adjusted using {@link #setSecurityLevel}.
* @param sessionId the session to query.
* <p>
* @return one of {@link #SECURITY_LEVEL_UNKNOWN},
@@ -1210,6 +1163,21 @@
public native int getSecurityLevel(@NonNull byte[] sessionId);
/**
+ * Set the security level of a session. This can be useful if specific
+ * attributes of a lower security level are needed by an application,
+ * such as image manipulation or compositing. Reducing the security
+ * level will typically limit decryption to lower content resolutions,
+ * depending on the license policy.
+ * @param sessionId the session to set the security level on.
+ * @param level the new security level, one of
+ * {@link #SW_SECURE_CRYPTO}, {@link #SW_SECURE_DECODE},
+ * {@link #HW_SECURE_CRYPTO}, {@link #HW_SECURE_DECODE} or
+ * {@link #HW_SECURE_ALL}.
+ */
+ public native void setSecurityLevel(@NonNull byte[] sessionId,
+ @SecurityLevel int level);
+
+ /**
* String property name: identifies the maker of the DRM plugin
*/
public static final String PROPERTY_VENDOR = "vendor";
diff --git a/media/jni/android_media_MediaDrm.cpp b/media/jni/android_media_MediaDrm.cpp
index d7f51d4..4f06caa 100644
--- a/media/jni/android_media_MediaDrm.cpp
+++ b/media/jni/android_media_MediaDrm.cpp
@@ -145,7 +145,6 @@
struct SecurityLevels {
jint kSecurityLevelUnknown;
- jint kSecurityLevelMax;
jint kSecurityLevelSwSecureCrypto;
jint kSecurityLevelSwSecureDecode;
jint kSecurityLevelHwSecureCrypto;
@@ -684,10 +683,6 @@
GET_STATIC_FIELD_ID(field, clazz, "HW_SECURE_ALL", "I");
gSecurityLevels.kSecurityLevelHwSecureAll = env->GetStaticIntField(clazz, field);
- jmethodID getMaxSecurityLevel;
- GET_STATIC_METHOD_ID(getMaxSecurityLevel, clazz, "getMaxSecurityLevel", "()I");
- gSecurityLevels.kSecurityLevelMax = env->CallStaticIntMethod(clazz, getMaxSecurityLevel);
-
FIND_CLASS(clazz, "android/media/MediaDrm$KeyRequest");
GET_FIELD_ID(gFields.keyRequest.data, clazz, "mData", "[B");
GET_FIELD_ID(gFields.keyRequest.defaultUrl, clazz, "mDefaultUrl", "Ljava/lang/String;");
@@ -818,7 +813,7 @@
}
static jbyteArray android_media_MediaDrm_openSession(
- JNIEnv *env, jobject thiz, jint jlevel) {
+ JNIEnv *env, jobject thiz) {
sp<IDrm> drm = GetDrm(env, thiz);
if (drm == NULL) {
@@ -828,26 +823,7 @@
}
Vector<uint8_t> sessionId;
- DrmPlugin::SecurityLevel level;
-
- if (jlevel == gSecurityLevels.kSecurityLevelMax) {
- level = DrmPlugin::kSecurityLevelMax;
- } else if (jlevel == gSecurityLevels.kSecurityLevelSwSecureCrypto) {
- level = DrmPlugin::kSecurityLevelSwSecureCrypto;
- } else if (jlevel == gSecurityLevels.kSecurityLevelSwSecureDecode) {
- level = DrmPlugin::kSecurityLevelSwSecureDecode;
- } else if (jlevel == gSecurityLevels.kSecurityLevelHwSecureCrypto) {
- level = DrmPlugin::kSecurityLevelHwSecureCrypto;
- } else if (jlevel == gSecurityLevels.kSecurityLevelHwSecureDecode) {
- level = DrmPlugin::kSecurityLevelHwSecureDecode;
- } else if (jlevel == gSecurityLevels.kSecurityLevelHwSecureAll) {
- level = DrmPlugin::kSecurityLevelHwSecureAll;
- } else {
- jniThrowException(env, "java/lang/IllegalArgumentException", "Invalid security level");
- return NULL;
- }
-
- status_t err = drm->openSession(level, sessionId);
+ status_t err = drm->openSession(sessionId);
if (throwExceptionAsNecessary(env, err, "Failed to open session")) {
return NULL;
@@ -1369,6 +1345,40 @@
}
+static void android_media_MediaDrm_setSecurityLevel(JNIEnv *env,
+ jobject thiz, jbyteArray jsessionId, jint jlevel) {
+ sp<IDrm> drm = GetDrm(env, thiz);
+
+ if (!CheckSession(env, drm, jsessionId)) {
+ return;
+ }
+
+ Vector<uint8_t> sessionId(JByteArrayToVector(env, jsessionId));
+ DrmPlugin::SecurityLevel level;
+
+ if (jlevel == gSecurityLevels.kSecurityLevelSwSecureCrypto) {
+ level = DrmPlugin::kSecurityLevelSwSecureCrypto;
+ } else if (jlevel == gSecurityLevels.kSecurityLevelSwSecureDecode) {
+ level = DrmPlugin::kSecurityLevelSwSecureDecode;
+ } else if (jlevel == gSecurityLevels.kSecurityLevelHwSecureCrypto) {
+ level = DrmPlugin::kSecurityLevelHwSecureCrypto;
+ } else if (jlevel == gSecurityLevels.kSecurityLevelHwSecureDecode) {
+ level = DrmPlugin::kSecurityLevelHwSecureDecode;
+ } else if (jlevel == gSecurityLevels.kSecurityLevelHwSecureAll) {
+ level = DrmPlugin::kSecurityLevelHwSecureAll;
+ } else {
+ jniThrowException(env, "java/lang/IllegalArgumentException", "Invalid security level");
+ return;
+ }
+
+ status_t err = drm->setSecurityLevel(sessionId, level);
+
+ if (throwExceptionAsNecessary(env, err, "Failed to set security level")) {
+ return;
+ }
+}
+
+
static jstring android_media_MediaDrm_getPropertyString(
JNIEnv *env, jobject thiz, jstring jname) {
sp<IDrm> drm = GetDrm(env, thiz);
@@ -1714,7 +1724,7 @@
{ "isCryptoSchemeSupportedNative", "([BLjava/lang/String;)Z",
(void *)android_media_MediaDrm_isCryptoSchemeSupportedNative },
- { "openSession", "(I)[B",
+ { "openSession", "()[B",
(void *)android_media_MediaDrm_openSession },
{ "closeSession", "([B)V",
@@ -1775,6 +1785,9 @@
{ "getSecurityLevel", "([B)I",
(void *)android_media_MediaDrm_getSecurityLevel },
+ { "setSecurityLevel", "([BI)V",
+ (void *)android_media_MediaDrm_setSecurityLevel },
+
{ "getPropertyString", "(Ljava/lang/String;)Ljava/lang/String;",
(void *)android_media_MediaDrm_getPropertyString },