File: content_decryption_module.mojom

package info (click to toggle)
chromium 139.0.7258.127-2
  • links: PTS, VCS
  • area: main
  • in suites: forky
  • size: 6,122,156 kB
  • sloc: cpp: 35,100,771; ansic: 7,163,530; javascript: 4,103,002; python: 1,436,920; asm: 946,517; xml: 746,709; pascal: 187,653; perl: 88,691; sh: 88,436; objc: 79,953; sql: 51,488; cs: 44,583; fortran: 24,137; makefile: 22,147; tcl: 15,277; php: 13,980; yacc: 8,984; ruby: 7,485; awk: 3,720; lisp: 3,096; lex: 1,327; ada: 727; jsp: 228; sed: 36
file content (239 lines) | stat: -rw-r--r-- 8,185 bytes parent folder | download | duplicates (5) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
 
// Copyright 2014 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// Next MinVersion: 5

module chromeos.cdm.mojom;

// Provides an interface a CDM implementation in the daemon. This interface is
// meant to translate to the media/base/content_decryption_module.h interface in
// Chrome. The media/base/decryptor.h functionality is also included because
// this implementation ties both of them together and does not need that
// abstracted away, however this only implements the decrypt functionality of
// that interface and not decrypt + decode.
//
// We do not use the corresponding mojo interfaces that already exist in Chrome
// because we need to do version management so we can handle version diffs
// between Chrome and Chrome OS.

// See media::EmeInitDataType.
[Stable, Extensible]
enum EmeInitDataType {
  UNKNOWN,
  WEBM,
  CENC,
  KEYIDS,
};

// See media::CdmSessionType
[Stable, Extensible]
enum CdmSessionType {
  kTemporary,
  kPersistentLicense,
};

// See media::CdmMessageType
[Stable, Extensible]
enum CdmMessageType {
  LICENSE_REQUEST,
  LICENSE_RENEWAL,
  LICENSE_RELEASE,
  INDIVIDUALIZATION_REQUEST,
};

// See media::CdmKeyInformation::KeyStatus
[Stable, Extensible]
enum CdmKeyStatus {
  USABLE,
  INTERNAL_ERROR,
  EXPIRED,
  OUTPUT_RESTRICTED,
  OUTPUT_DOWNSCALED,
  KEY_STATUS_PENDING,
  RELEASED,
  [MinVersion=4] USABLE_IN_FUTURE,
};

// See media::HdcpVersion
[Stable, Extensible]
enum HdcpVersion {
  kHdcpVersionNone,
  kHdcpVersion1_0,
  kHdcpVersion1_1,
  kHdcpVersion1_2,
  kHdcpVersion1_3,
  kHdcpVersion1_4,
  kHdcpVersion2_0,
  kHdcpVersion2_1,
  kHdcpVersion2_2,
  kHdcpVersion2_3,
};

// See media::CdmPromise::Exception
[Stable, Extensible]
enum PromiseException {
  NOT_SUPPORTED_ERROR,
  INVALID_STATE_ERROR,
  QUOTA_EXCEEDED_ERROR,
  TYPE_ERROR,
};

// Transport layer of media::CdmPromise (see media/base/cdm_promise.h).
// - When |success| is true, the promise is resolved and all other fields should
//   be ignored.
// - When |success| is false, the promise is rejected with |exception|,
//   |system_code| and |error_message|.
[Stable]
struct CdmPromiseResult {
  bool success;
  PromiseException exception;
  uint32 system_code;
  string error_message;
};

// Transport layer of media::CdmKeyInformation (see
// media/base/cdm_key_information.h). It is used to specify a key_id and it's
// associated status.
[Stable]
struct CdmKeyInformation {
  array<uint8> key_id;
  CdmKeyStatus status;
  uint32 system_code;
};

[Stable, Extensible]
enum EncryptionScheme {
  kCenc,
  kCbcs
};

[Stable]
struct EncryptionPattern {
  uint32 crypt_byte_block;
  uint32 skip_byte_block;
};

// See media::SubsampleEntry
[Stable]
struct SubsampleEntry {
  uint32 clear_bytes;
  uint32 cipher_bytes;
};

[Stable]
struct DecryptConfig {
  EncryptionScheme encryption_scheme;
  string key_id;
  string iv;
  array<SubsampleEntry> subsamples;
  EncryptionPattern? encryption_pattern;
};

[Stable, Extensible]
enum DecryptStatus {
  kSuccess,
  kNoKey,
  kFailure
};

// Next Method ID: 11
// These method calls originate in the Chrome GPU process and end up in the
// cdm-oemcrypto daemon in ChromeOS.
[Stable, Uuid="cbe7142d-379a-4b23-bfee-a370ab01bdea"]
interface ContentDecryptionModule {
  // Provides a server certificate to be used to encrypt messages to the
  // license server.
  SetServerCertificate@1(array<uint8> certificate_data)
      => (CdmPromiseResult result);

  // Gets the key status if there's a hypothetical key that requires the
  // |min_hdcp_version|. Resolve the |result| with the |key_status| after the
  // operation completes. Reject the |result| if this operation is not
  // supported or unexpected error happened.
  GetStatusForPolicy@2(HdcpVersion min_hdcp_version)
      => (CdmPromiseResult result, CdmKeyStatus key_status);

  // Creates a session with the |init_data_type|, |init_data| and |session_type|
  // provided. If |result.success| is false, the output |session_id| will be
  // empty.
  CreateSessionAndGenerateRequest@3(CdmSessionType session_type,
                                    EmeInitDataType init_data_type,
                                    array<uint8> init_data)
      => (CdmPromiseResult result, string session_id);

  // Loads the session associated with |session_id| and |session_type|.
  // Combinations of |result.success| and |session_id| means:
  //   (true, non-empty) : Session successfully loaded.
  //   (true, empty) : Session not found.
  //   (false, non-empty): N/A; this combination is not allowed.
  //   (false, empty) : Unexpected error. See other fields in |result|.
  LoadSession@4(CdmSessionType session_type, string session_id)
      => (CdmPromiseResult result, string session_id);

  // Updates a session specified by |session_id| with |response|.
  UpdateSession@5(string session_id, array<uint8> response)
      => (CdmPromiseResult result);

  // Closes the session specified by |session_id|.
  CloseSession@6(string session_id) => (CdmPromiseResult result);

  // Removes stored session data associated with the active session specified by
  // |session_id|.
  RemoveSession@7(string session_id) => (CdmPromiseResult result);

  // Decprecated: Do not use.
  DecryptDeprecated@8(array<uint8> encrypted_data, DecryptConfig decrypt_config)
      => (DecryptStatus status, array<uint8> decrypted_data);

  // Returns HW information for a specific key that is passed along as part of
  // HW decrypt+decode. |hw_identifier| is specific to the HW implementation
  // to allow it to correlate the decode session with the context to get the key
  // from.
  [MinVersion=1] GetHwKeyData@9(DecryptConfig decrypt_config,
                                array<uint8> hw_identifier) =>
      (DecryptStatus status, array<uint8> key_data);

  // Used for decrypting to clear, transcrypting to a secure buffer or
  // decrypting to secure memory. If |is_video| is true, then it will be
  // transcrypted to a secure buffer on supported platforms (e.g. AMD). If
  // |secure_handle| is non-zero, then it will be written to the corresponding
  // secure Trust Zone memory (ARM only). |secure_handle| is an identifier for
  // the corresponding secure memory that can be resolved in the TEE and not
  // a handle to the actual resource (we have another FD we use for that).
  // |decrypt_config_in| can be null if the input data is not encrypted.
  // |decrypt_config_out| will be non-null only in the case of transcryption and
  // will specify crypto information for the returned |decrypted_data|.
  [MinVersion=2]
  Decrypt@10(array<uint8> encrypted_data, DecryptConfig? decrypt_config_in,
             bool is_video,
             [MinVersion=3] uint64 secure_handle)
      => (DecryptStatus status, array<uint8> decrypted_data,
          DecryptConfig? decrypt_config_out);
};

// Session callbacks. See media/base/content_decryption_module.h for details.
// Next Method ID: 4
[Stable, Uuid="f08e6938-ac41-48b8-8f55-a381732b932b"]
interface ContentDecryptionModuleClient {
  // Called when the CDM needs to queue a message event to the session object.
  // See http://w3c.github.io/encrypted-media/#dom-evt-message
  OnSessionMessage@0(string session_id, CdmMessageType message_type,
                     array<uint8> message);

  // Called when the session specified by |session_id| is closed. Note that the
  // CDM may close a session at any point, such as in response to a
  // CloseSession() call, when the session is no longer needed, or when system
  // resources are lost.
  // See http://w3c.github.io/encrypted-media/#session-closed
  OnSessionClosed@1(string session_id);

  // Called when there has been a change in the keys in the session or their
  // status. See http://w3c.github.io/encrypted-media/#dom-evt-keystatuseschange
  OnSessionKeysChange@2(string session_id, bool has_additional_usable_key,
                      array<CdmKeyInformation> keys_info);

  // Provide session expiration update for |session_id|.
  // |new_expiry_time_sec| is the number of seconds since epoch (Jan 1, 1970).
  OnSessionExpirationUpdate@3(string session_id, double new_expiry_time_sec);
};