Implement robustness strings in requestMediaKeySystemAccess().

media/base/key_systems.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "media/base/key_systems.h"
 
 #include <string>
 
 #include "base/containers/hash_tables.h"
 #include "base/lazy_instance.h"
@@ skipping 57 matching lines @@
     {"vp8.0", EME_CODEC_WEBM_VP8},
     {"vp9", EME_CODEC_WEBM_VP9},
     {"vp9.0", EME_CODEC_WEBM_VP9},
 #if defined(USE_PROPRIETARY_CODECS)
     {"mp4a", EME_CODEC_MP4_AAC},
     {"avc1", EME_CODEC_MP4_AVC1},
     {"avc3", EME_CODEC_MP4_AVC1}
 #endif  // defined(USE_PROPRIETARY_CODECS)
 };
 
+static EmeRequirementSupport ConvertSessionTypeSupport(

[ddorwin, 2015/03/13 19:24:47]

Should we just eliminate EmeSessionTypeSupport?

[sandersd (OOO until July 31), 2015/03/13 20:11:56]

Probably. I really don't want to have an INVALID EmeRequirementSupport value
though, so I'd want to rip that check out. Is that okay?

[ddorwin, 2015/03/16 23:25:07]

Acknowledged.

We also have PERMISSION_PREFERRED, which may not make sense for session types.

+    EmeSessionTypeSupport support) {
+  switch (support) {
+    case EME_SESSION_TYPE_INVALID:
+      NOTREACHED();
+      return EME_REQUIREMENT_NOT_SUPPORTED;
+    case EME_SESSION_TYPE_NOT_SUPPORTED:
+      return EME_REQUIREMENT_NOT_SUPPORTED;
+    case EME_SESSION_TYPE_SUPPORTED_WITH_PERMISSION:
+      return EME_REQUIREMENT_SUPPORTED_WITH_PERMISSION;
+    case EME_SESSION_TYPE_SUPPORTED:
+      return EME_REQUIREMENT_SUPPORTED;
+  }
+  NOTREACHED();
+  return EME_REQUIREMENT_NOT_SUPPORTED;
+}
+
 static void AddClearKey(std::vector<KeySystemInfo>* concrete_key_systems) {
   KeySystemInfo info;
   info.key_system = kClearKeyKeySystem;
 
   // On Android, Vorbis, VP8, AAC and AVC1 are supported in MediaCodec:
   // http://developer.android.com/guide/appendix/media-formats.html
   // VP9 support is device dependent.
 
   info.supported_init_data_types = EME_INIT_DATA_TYPE_WEBM;
   info.supported_codecs = EME_CODEC_WEBM_ALL;
@@ skipping 94 matching lines @@
       bool is_prefixed);
 
   std::string GetKeySystemNameForUMA(const std::string& key_system) const;
 
   bool UseAesDecryptor(const std::string& concrete_key_system);
 
 #if defined(ENABLE_PEPPER_CDMS)
   std::string GetPepperType(const std::string& concrete_key_system);
 #endif
 
-  bool IsPersistentLicenseSessionSupported(
+  EmeRequirementSupport GetRobustnessRequirementSupport(
       const std::string& key_system,
-      bool is_permission_granted);
+      EmeMediaType media_type,
+      EmeRobustness robustness);
 
-  bool IsPersistentReleaseMessageSessionSupported(
+  EmeRequirementSupport GetPersistentLicenseSessionSupport(
+      const std::string& key_system);
+
+  EmeRequirementSupport GetPersistentReleaseMessageSessionSupport(
+      const std::string& key_system);
+
+  EmeRequirementSupport GetPersistentStateRequirementSupport(
       const std::string& key_system,
-      bool is_permission_granted);
+      EmeFeatureRequirement requirement);
 
-  bool IsPersistentStateRequirementSupported(
+  EmeRequirementSupport GetDistinctiveIdentifierRequirementSupport(
       const std::string& key_system,
-      EmeFeatureRequirement requirement,
-      bool is_permission_granted);
-
-  bool IsDistinctiveIdentifierRequirementSupported(
-      const std::string& key_system,
-      EmeFeatureRequirement requirement,
-      bool is_permission_granted);
+      EmeFeatureRequirement requirement);
 
   void AddContainerMask(const std::string& container, uint32 mask);
   void AddCodecMask(const std::string& codec, uint32 mask);
 
  private:
   void InitializeUMAInfo();
 
   void UpdateSupportedKeySystems();
 
   void AddConcreteSupportedKeySystems(
@@ skipping 166 matching lines @@
 }
 
 void KeySystems::AddConcreteSupportedKeySystems(
     const std::vector<KeySystemInfo>& concrete_key_systems) {
   DCHECK(thread_checker_.CalledOnValidThread());
   DCHECK(concrete_key_system_map_.empty());
   DCHECK(parent_key_system_map_.empty());
 
   for (const KeySystemInfo& info : concrete_key_systems) {
     DCHECK(!info.key_system.empty());
-    DCHECK_NE(info.persistent_license_support, EME_SESSION_TYPE_INVALID);
-    DCHECK_NE(info.persistent_release_message_support,
-              EME_SESSION_TYPE_INVALID);
-    // TODO(sandersd): Add REQUESTABLE and REQUESTABLE_WITH_PERMISSION for
-    // persistent_state_support once we can block access per-CDM-instance
-    // (http://crbug.com/457482).
-    DCHECK(info.persistent_state_support == EME_FEATURE_NOT_SUPPORTED ||
-           info.persistent_state_support == EME_FEATURE_ALWAYS_ENABLED);
-// TODO(sandersd): Allow REQUESTABLE_WITH_PERMISSION for all key systems on
-// all platforms once we have proper enforcement (http://crbug.com/457482).
-// On Chrome OS, an ID will not be used without permission, but we cannot
-// currently prevent the CDM from requesting the permission again when no
-// there was no initial prompt. Thus, we block "not-allowed" below.
-#if defined(OS_CHROMEOS)
-    DCHECK(info.distinctive_identifier_support == EME_FEATURE_NOT_SUPPORTED ||
-           (info.distinctive_identifier_support ==
-                EME_FEATURE_REQUESTABLE_WITH_PERMISSION &&
-            info.key_system == kWidevineKeySystem) ||
-           info.distinctive_identifier_support == EME_FEATURE_ALWAYS_ENABLED);
-#else
-    DCHECK(info.distinctive_identifier_support == EME_FEATURE_NOT_SUPPORTED ||
-           info.distinctive_identifier_support == EME_FEATURE_ALWAYS_ENABLED);
-#endif
+    DCHECK(info.max_audio_robustness != EmeRobustness::INVALID);
+    DCHECK(info.max_video_robustness != EmeRobustness::INVALID);
+    DCHECK(info.persistent_license_support != EME_SESSION_TYPE_INVALID);
+    DCHECK(info.persistent_release_message_support != EME_SESSION_TYPE_INVALID);
+    DCHECK(info.persistent_state_support != EME_FEATURE_INVALID);

[ddorwin, 2015/03/13 19:24:47]

Note: We've only addressed the TODO for desktop. Ditto below.
This happens to be fine for all known registrations.

[sandersd (OOO until July 31), 2015/03/13 20:11:56]

Done.

+    DCHECK(info.distinctive_identifier_support != EME_FEATURE_INVALID);
+    // Distinctive identifiers cannot be requestable without permission.
+    DCHECK(info.distinctive_identifier_support != EME_FEATURE_REQUESTABLE);
     if (info.persistent_state_support == EME_FEATURE_NOT_SUPPORTED) {
-      DCHECK_EQ(info.persistent_license_support,
-                EME_SESSION_TYPE_NOT_SUPPORTED);
-      DCHECK_EQ(info.persistent_release_message_support,
-                EME_SESSION_TYPE_NOT_SUPPORTED);
+      DCHECK(info.persistent_license_support == EME_SESSION_TYPE_NOT_SUPPORTED);
+      DCHECK(info.persistent_release_message_support ==
+             EME_SESSION_TYPE_NOT_SUPPORTED);
     }
     DCHECK(!IsSupportedKeySystem(info.key_system))
         << "Key system '" << info.key_system << "' already registered";
     DCHECK(!parent_key_system_map_.count(info.key_system))
         <<  "'" << info.key_system << "' is already registered as a parent";
 #if defined(ENABLE_PEPPER_CDMS)
     DCHECK_EQ(info.use_aes_decryptor, info.pepper_type.empty());
 #endif
 
     concrete_key_system_map_[info.key_system] = info;
@@ skipping 178 matching lines @@
       DLOG(FATAL) << concrete_key_system << " is not a known concrete system";
       return std::string();
   }
 
   const std::string& type = key_system_iter->second.pepper_type;
   DLOG_IF(FATAL, type.empty()) << concrete_key_system << " is not Pepper-based";
   return type;
 }
 #endif
 
-bool KeySystems::IsPersistentLicenseSessionSupported(
+EmeRequirementSupport KeySystems::GetRobustnessRequirementSupport(
     const std::string& key_system,
-    bool is_permission_granted) {
+    EmeMediaType media_type,
+    EmeRobustness robustness) {
+  DCHECK(thread_checker_.CalledOnValidThread());
+
+  if (robustness == EmeRobustness::INVALID)
+    return EME_REQUIREMENT_NOT_SUPPORTED;
+  if (robustness == EmeRobustness::EMPTY)
+    return EME_REQUIREMENT_SUPPORTED;
+
+  KeySystemInfoMap::const_iterator key_system_iter =
+      concrete_key_system_map_.find(key_system);
+  if (key_system_iter == concrete_key_system_map_.end()) {
+    NOTREACHED();
+    return EME_REQUIREMENT_NOT_SUPPORTED;
+  }
+
+  EmeRobustness max_robustness = EmeRobustness::INVALID;
+  switch (media_type) {
+    case EmeMediaType::AUDIO:
+      max_robustness = key_system_iter->second.max_audio_robustness;
+      break;
+    case EmeMediaType::VIDEO:
+      max_robustness = key_system_iter->second.max_video_robustness;
+      break;
+  }
+
+#if defined(OS_CHROMEOS)
+  if (key_system == kWidevineKeySystem) {
+    // CrOS Widevine supports L1 when remote attestation succeeds, but the
+    // encrypted media permission is required to do so. Even when not strictly
+    // requred, we prefer to support L1 for video because it allows hardware
+    // acceleration to be used.
+    // TODO(sandersd): Only recommend permission when hardware acceleration is
+    // available for the specific codecs requested.
+    EmeRequirementSupport recommendation =
+        (media_type == EmeMediaType::VIDEO)
+            ? EME_REQUIREMENT_SUPPORTED_PERMISSION_RECOMMENDED
+            : EME_REQUIREMENT_SUPPORTED;
+    return (robustness <= max_robustness)
+        ? recommendation
+        : EME_REQUIREMENT_SUPPORTED_WITH_PERMISSION;
+  }
+#endif  // defined(OS_CHROMEOS)
+
+  return (robustness <= max_robustness)
+      ? EME_REQUIREMENT_SUPPORTED
+      : EME_REQUIREMENT_NOT_SUPPORTED;
+}
+
+EmeRequirementSupport KeySystems::GetPersistentLicenseSessionSupport(
+    const std::string& key_system) {
   DCHECK(thread_checker_.CalledOnValidThread());
 
   KeySystemInfoMap::const_iterator key_system_iter =
       concrete_key_system_map_.find(key_system);
   if (key_system_iter == concrete_key_system_map_.end()) {
     NOTREACHED();
-    return false;
+    return EME_REQUIREMENT_NOT_SUPPORTED;
   }
-
-  switch (key_system_iter->second.persistent_license_support) {
-    case EME_SESSION_TYPE_INVALID:
-      NOTREACHED();
-      return false;
-    case EME_SESSION_TYPE_NOT_SUPPORTED:
-      return false;
-    case EME_SESSION_TYPE_SUPPORTED_WITH_PERMISSION:
-      return is_permission_granted;
-    case EME_SESSION_TYPE_SUPPORTED:
-      return true;
-  }
-
-  NOTREACHED();
-  return false;
+  return ConvertSessionTypeSupport(
+      key_system_iter->second.persistent_license_support);
 }
 
-bool KeySystems::IsPersistentReleaseMessageSessionSupported(
-    const std::string& key_system,
-    bool is_permission_granted) {
+EmeRequirementSupport KeySystems::GetPersistentReleaseMessageSessionSupport(
+    const std::string& key_system) {
   DCHECK(thread_checker_.CalledOnValidThread());
 
   KeySystemInfoMap::const_iterator key_system_iter =
       concrete_key_system_map_.find(key_system);
   if (key_system_iter == concrete_key_system_map_.end()) {
     NOTREACHED();
-    return false;
+    return EME_REQUIREMENT_NOT_SUPPORTED;
   }
-
-  switch (key_system_iter->second.persistent_release_message_support) {
-    case EME_SESSION_TYPE_INVALID:
-      NOTREACHED();
-      return false;
-    case EME_SESSION_TYPE_NOT_SUPPORTED:
-      return false;
-    case EME_SESSION_TYPE_SUPPORTED_WITH_PERMISSION:
-      return is_permission_granted;
-    case EME_SESSION_TYPE_SUPPORTED:
-      return true;
-  }
-
-  NOTREACHED();
-  return false;
+  return ConvertSessionTypeSupport(
+      key_system_iter->second.persistent_release_message_support);
 }
 
-bool KeySystems::IsPersistentStateRequirementSupported(
+EmeRequirementSupport KeySystems::GetPersistentStateRequirementSupport(
     const std::string& key_system,
-    EmeFeatureRequirement requirement,
-    bool is_permission_granted) {
+    EmeFeatureRequirement requirement) {
   DCHECK(thread_checker_.CalledOnValidThread());
 
   KeySystemInfoMap::const_iterator key_system_iter =
       concrete_key_system_map_.find(key_system);
   if (key_system_iter == concrete_key_system_map_.end()) {
     NOTREACHED();
-    return false;
+    return EME_REQUIREMENT_NOT_SUPPORTED;
   }
 
-  switch (key_system_iter->second.persistent_state_support) {
-    case EME_FEATURE_INVALID:
-      NOTREACHED();
-      return false;
-    case EME_FEATURE_NOT_SUPPORTED:
-      return requirement != EME_FEATURE_REQUIRED;
-    case EME_FEATURE_REQUESTABLE_WITH_PERMISSION:
-      return (requirement != EME_FEATURE_REQUIRED) || is_permission_granted;
-    case EME_FEATURE_REQUESTABLE:
-      return true;
-    case EME_FEATURE_ALWAYS_ENABLED:
-      // Persistent state does not require user permission, but the session
-      // types that use it might.
-      return requirement != EME_FEATURE_NOT_ALLOWED;
+  EmeFeatureSupport support = key_system_iter->second.persistent_state_support;
+  if (support == EME_FEATURE_NOT_SUPPORTED &&
+      requirement == EME_FEATURE_REQUIRED) {
+    return EME_REQUIREMENT_NOT_SUPPORTED;
+  }
+  if (support == EME_FEATURE_ALWAYS_ENABLED &&
+      requirement == EME_FEATURE_NOT_ALLOWED) {
+    return EME_REQUIREMENT_NOT_SUPPORTED;
   }
 
-  NOTREACHED();
-  return false;
+  // Permission is required only if the feature requires it; permission may
+  // still be required for individual persistent session types. Permission
+  // for optional requirements will be handled when they are resolved to
+  // a specific value.
+  if (support == EME_FEATURE_REQUESTABLE_WITH_PERMISSION &&
+      requirement == EME_FEATURE_REQUIRED) {
+    return EME_REQUIREMENT_SUPPORTED_WITH_PERMISSION;
+  }
+  return EME_REQUIREMENT_SUPPORTED;
 }
 
-bool KeySystems::IsDistinctiveIdentifierRequirementSupported(
+EmeRequirementSupport KeySystems::GetDistinctiveIdentifierRequirementSupport(
     const std::string& key_system,
-    EmeFeatureRequirement requirement,
-    bool is_permission_granted) {
+    EmeFeatureRequirement requirement) {
   DCHECK(thread_checker_.CalledOnValidThread());
 
   KeySystemInfoMap::const_iterator key_system_iter =
       concrete_key_system_map_.find(key_system);
   if (key_system_iter == concrete_key_system_map_.end()) {
     NOTREACHED();
-    return false;
+    return EME_REQUIREMENT_NOT_SUPPORTED;
   }
 
-  switch (key_system_iter->second.distinctive_identifier_support) {
-    case EME_FEATURE_INVALID:
-      NOTREACHED();
-      return false;
-    case EME_FEATURE_NOT_SUPPORTED:
-      return requirement != EME_FEATURE_REQUIRED;
-    case EME_FEATURE_REQUESTABLE_WITH_PERMISSION:
-      // TODO(sandersd): Remove this hack once crbug.com/457482 and
-      // crbug.com/460616 are addressed.
-      // We cannot currently enforce "not-allowed", so don't allow it.
-      // Note: Removing this check will expose crbug.com/460616.
-      if (requirement == EME_FEATURE_NOT_ALLOWED)
-        return false;
-      return (requirement != EME_FEATURE_REQUIRED) || is_permission_granted;
-    case EME_FEATURE_REQUESTABLE:
-      NOTREACHED();
-      return true;
-    case EME_FEATURE_ALWAYS_ENABLED:
-      // Distinctive identifiers always require user permission.
-      return (requirement != EME_FEATURE_NOT_ALLOWED) && is_permission_granted;
+  EmeFeatureSupport support =
+      key_system_iter->second.distinctive_identifier_support;
+  if (support == EME_FEATURE_NOT_SUPPORTED &&
+      requirement == EME_FEATURE_REQUIRED) {
+    return EME_REQUIREMENT_NOT_SUPPORTED;
+  }
+  if (support == EME_FEATURE_ALWAYS_ENABLED &&
+      requirement == EME_FEATURE_NOT_ALLOWED) {
+    return EME_REQUIREMENT_NOT_SUPPORTED;
   }
 
-  NOTREACHED();
-  return false;
+  // Permission is always required, but permission for optional requirements
+  // will be handled when they are resolved to a specific value.
+  if (requirement == EME_FEATURE_REQUIRED) {
+    return EME_REQUIREMENT_SUPPORTED_WITH_PERMISSION;
+  }
+  return EME_REQUIREMENT_SUPPORTED;
 }
 
 void KeySystems::AddContainerMask(const std::string& container, uint32 mask) {
   DCHECK(thread_checker_.CalledOnValidThread());
   DCHECK(!container_to_codec_mask_map_.count(container));
   container_to_codec_mask_map_[container] = static_cast<EmeCodec>(mask);
 }
 
 void KeySystems::AddCodecMask(const std::string& codec, uint32 mask) {
   DCHECK(thread_checker_.CalledOnValidThread());
@@ skipping 84 matching lines @@
 bool CanUseAesDecryptor(const std::string& concrete_key_system) {
   return KeySystems::GetInstance().UseAesDecryptor(concrete_key_system);
 }
 
 #if defined(ENABLE_PEPPER_CDMS)
 std::string GetPepperType(const std::string& concrete_key_system) {
   return KeySystems::GetInstance().GetPepperType(concrete_key_system);
 }
 #endif
 
-bool IsPersistentLicenseSessionSupported(
+EmeRequirementSupport GetRobustnessRequirementSupport(
     const std::string& key_system,
-    bool is_permission_granted) {
-  return KeySystems::GetInstance().IsPersistentLicenseSessionSupported(
-      key_system, is_permission_granted);
+    EmeMediaType media_type,
+    EmeRobustness robustness) {
+  return KeySystems::GetInstance().GetRobustnessRequirementSupport(
+      key_system, media_type, robustness);
 }
 
-bool IsPersistentReleaseMessageSessionSupported(
-    const std::string& key_system,
-    bool is_permission_granted) {
-  return KeySystems::GetInstance().IsPersistentReleaseMessageSessionSupported(
-      key_system, is_permission_granted);
+EmeRequirementSupport GetPersistentLicenseSessionSupport(
+    const std::string& key_system) {
+  return KeySystems::GetInstance().GetPersistentLicenseSessionSupport(
+      key_system);
 }
 
-bool IsPersistentStateRequirementSupported(
-    const std::string& key_system,
-    EmeFeatureRequirement requirement,
-    bool is_permission_granted) {
-  return KeySystems::GetInstance().IsPersistentStateRequirementSupported(
-      key_system, requirement, is_permission_granted);
+EmeRequirementSupport GetPersistentReleaseMessageSessionSupport(
+    const std::string& key_system) {
+  return KeySystems::GetInstance().GetPersistentReleaseMessageSessionSupport(
+      key_system);
 }
 
-bool IsDistinctiveIdentifierRequirementSupported(
+EmeRequirementSupport GetPersistentStateRequirementSupport(
     const std::string& key_system,
-    EmeFeatureRequirement requirement,
-    bool is_permission_granted) {
-  return KeySystems::GetInstance().IsDistinctiveIdentifierRequirementSupported(
-      key_system, requirement, is_permission_granted);
+    EmeFeatureRequirement requirement) {
+  return KeySystems::GetInstance().GetPersistentStateRequirementSupport(
+      key_system, requirement);
+}
+
+EmeRequirementSupport GetDistinctiveIdentifierRequirementSupport(
+    const std::string& key_system,
+    EmeFeatureRequirement requirement) {
+  return KeySystems::GetInstance().GetDistinctiveIdentifierRequirementSupport(
+      key_system, requirement);
 }
 
 // These two functions are for testing purpose only. The declaration in the
 // header file is guarded by "#if defined(UNIT_TEST)" so that they can be used
 // by tests but not non-test code. However, this .cc file is compiled as part of
 // "media" where "UNIT_TEST" is not defined. So we need to specify
 // "MEDIA_EXPORT" here again so that they are visible to tests.
 
 MEDIA_EXPORT void AddContainerMask(const std::string& container, uint32 mask) {
   KeySystems::GetInstance().AddContainerMask(container, mask);
 }
 
 MEDIA_EXPORT void AddCodecMask(const std::string& codec, uint32 mask) {
   KeySystems::GetInstance().AddCodecMask(codec, mask);
 }
 
 }  // namespace media