Index: content_decryption_module.h |
diff --git a/content_decryption_module.h b/content_decryption_module.h |
index 407b022cb5a75117bf510c0399bb00a136297d9c..2ce0807fd912707303aab4cadbad145ad09b83f1 100644 |
--- a/content_decryption_module.h |
+++ b/content_decryption_module.h |
@@ -81,6 +81,7 @@ class VideoFrame; |
class Host_6; |
class Host_7; |
+class Host_8; |
enum Status { |
kSuccess = 0, |
@@ -305,7 +306,9 @@ enum KeyStatus { |
kUsable = 0, |
kInternalError = 1, |
kExpired = 2, |
- kOutputNotAllowed = 3 |
+ kOutputNotAllowed = 3, |
+ kOutputDownscaled = 4, |
+ kStatusPending = 5 |
}; |
// Used when passing arrays of key information. Does not own the referenced |
@@ -345,6 +348,14 @@ enum QueryResult { |
kQueryFailed |
}; |
+// The Initialization Data Type. The valid types are defined in the spec: |
+// http://w3c.github.io/encrypted-media/initdata-format-registry.html#registry |
+enum InitDataType { |
+ kCenc = 0, |
+ kKeyIds = 1, |
+ kWebM = 2 |
+}; |
+ |
// The type of session to create. The valid types are defined in the spec: |
// https://w3c.github.io/encrypted-media/#idl-def-SessionType |
enum SessionType { |
@@ -803,7 +814,195 @@ class ContentDecryptionModule_7 { |
virtual ~ContentDecryptionModule_7() {} |
}; |
-typedef ContentDecryptionModule_7 ContentDecryptionModule; |
+// ContentDecryptionModule interface that all CDMs need to implement. |
+// The interface is versioned for backward compatibility. |
+// Note: ContentDecryptionModule implementations must use the allocator |
+// provided in CreateCdmInstance() to allocate any Buffer that needs to |
+// be passed back to the caller. Implementations must call Buffer::Destroy() |
+// when a Buffer is created that will never be returned to the caller. |
+class ContentDecryptionModule_8 { |
+ public: |
+ static const int kVersion = 8; |
+ typedef Host_8 Host; |
+ |
+ // Initializes the CDM instance, providing information about permitted |
+ // functionalities. |
+ // If |allow_distinctive_identifier| is false, messages from the CDM, |
+ // such as message events, must not contain a Distinctive Identifier, |
+ // even in an encrypted form. |
+ // If |allow_persistent_state| is false, the CDM must not attempt to |
+ // persist state. Calls to CreateFileIO() will fail. |
+ virtual void Initialize(bool allow_distinctive_identifier, |
+ bool allow_persistent_state) = 0; |
+ |
+ // SetServerCertificate(), CreateSessionAndGenerateRequest(), LoadSession(), |
+ // UpdateSession(), CloseSession(), and RemoveSession() all accept a |
+ // |promise_id|, which must be passed to the completion Host method |
+ // (e.g. Host::OnResolveNewSessionPromise()). |
+ |
+ // Provides a server certificate to be used to encrypt messages to the |
+ // license server. The CDM must respond by calling either |
+ // Host::OnResolvePromise() or Host::OnRejectPromise(). |
+ virtual void SetServerCertificate(uint32_t promise_id, |
+ const uint8_t* server_certificate_data, |
+ uint32_t server_certificate_data_size) = 0; |
+ |
+ // Creates a session given |session_type|, |init_data_type|, and |init_data|. |
+ // The CDM must respond by calling either Host::OnResolveNewSessionPromise() |
+ // or Host::OnRejectPromise(). |
+ virtual void CreateSessionAndGenerateRequest(uint32_t promise_id, |
+ SessionType session_type, |
+ InitDataType init_data_type, |
+ const uint8_t* init_data, |
+ uint32_t init_data_size) = 0; |
+ |
+ // Loads the session of type |session_type| specified by |session_id|. |
+ // The CDM must respond by calling either Host::OnResolveNewSessionPromise() |
+ // or Host::OnRejectPromise(). If the session is not found, call |
+ // Host::OnResolveNewSessionPromise() with session_id = NULL. |
+ virtual void LoadSession(uint32_t promise_id, |
+ SessionType session_type, |
+ const char* session_id, |
+ uint32_t session_id_size) = 0; |
+ |
+ // Updates the session with |response|. The CDM must respond by calling |
+ // either Host::OnResolvePromise() or Host::OnRejectPromise(). |
+ virtual void UpdateSession(uint32_t promise_id, |
+ const char* session_id, |
+ uint32_t session_id_size, |
+ const uint8_t* response, |
+ uint32_t response_size) = 0; |
+ |
+ // Requests that the CDM close the session. The CDM must respond by calling |
+ // either Host::OnResolvePromise() or Host::OnRejectPromise() when the request |
+ // has been processed. This may be before the session is closed. Once the |
+ // session is closed, Host::OnSessionClosed() must also be called. |
+ virtual void CloseSession(uint32_t promise_id, |
+ const char* session_id, |
+ uint32_t session_id_size) = 0; |
+ |
+ // Removes any stored session data associated with this session. Will only be |
+ // called for persistent sessions. The CDM must respond by calling either |
+ // Host::OnResolvePromise() or Host::OnRejectPromise() when the request has |
+ // been processed. |
+ virtual void RemoveSession(uint32_t promise_id, |
+ const char* session_id, |
+ uint32_t session_id_size) = 0; |
+ |
+ // Performs scheduled operation with |context| when the timer fires. |
+ virtual void TimerExpired(void* context) = 0; |
+ |
+ // Decrypts the |encrypted_buffer|. |
+ // |
+ // Returns kSuccess if decryption succeeded, in which case the callee |
+ // should have filled the |decrypted_buffer| and passed the ownership of |
+ // |data| in |decrypted_buffer| to the caller. |
+ // Returns kNoKey if the CDM did not have the necessary decryption key |
+ // to decrypt. |
+ // Returns kDecryptError if any other error happened. |
+ // If the return value is not kSuccess, |decrypted_buffer| should be ignored |
+ // by the caller. |
+ virtual Status Decrypt(const InputBuffer& encrypted_buffer, |
+ DecryptedBlock* decrypted_buffer) = 0; |
+ |
+ // Initializes the CDM audio decoder with |audio_decoder_config|. This |
+ // function must be called before DecryptAndDecodeSamples() is called. |
+ // |
+ // Returns kSuccess if the |audio_decoder_config| is supported and the CDM |
+ // audio decoder is successfully initialized. |
+ // Returns kSessionError if |audio_decoder_config| is not supported. The CDM |
+ // may still be able to do Decrypt(). |
+ // Returns kDeferredInitialization if the CDM is not ready to initialize the |
+ // decoder at this time. Must call Host::OnDeferredInitializationDone() once |
+ // initialization is complete. |
+ virtual Status InitializeAudioDecoder( |
+ const AudioDecoderConfig& audio_decoder_config) = 0; |
+ |
+ // Initializes the CDM video decoder with |video_decoder_config|. This |
+ // function must be called before DecryptAndDecodeFrame() is called. |
+ // |
+ // Returns kSuccess if the |video_decoder_config| is supported and the CDM |
+ // video decoder is successfully initialized. |
+ // Returns kSessionError if |video_decoder_config| is not supported. The CDM |
+ // may still be able to do Decrypt(). |
+ // Returns kDeferredInitialization if the CDM is not ready to initialize the |
+ // decoder at this time. Must call Host::OnDeferredInitializationDone() once |
+ // initialization is complete. |
+ virtual Status InitializeVideoDecoder( |
+ const VideoDecoderConfig& video_decoder_config) = 0; |
+ |
+ // De-initializes the CDM decoder and sets it to an uninitialized state. The |
+ // caller can initialize the decoder again after this call to re-initialize |
+ // it. This can be used to reconfigure the decoder if the configuration |
+ // changes. |
+ virtual void DeinitializeDecoder(StreamType decoder_type) = 0; |
+ |
+ // Resets the CDM decoder to an initialized clean state. All internal buffers |
+ // MUST be flushed. |
+ virtual void ResetDecoder(StreamType decoder_type) = 0; |
+ |
+ // Decrypts the |encrypted_buffer| and decodes the decrypted buffer into a |
+ // |video_frame|. Upon end-of-stream, the caller should call this function |
+ // repeatedly with empty |encrypted_buffer| (|data| == NULL) until only empty |
+ // |video_frame| (|format| == kEmptyVideoFrame) is produced. |
+ // |
+ // Returns kSuccess if decryption and decoding both succeeded, in which case |
+ // the callee will have filled the |video_frame| and passed the ownership of |
+ // |frame_buffer| in |video_frame| to the caller. |
+ // Returns kNoKey if the CDM did not have the necessary decryption key |
+ // to decrypt. |
+ // Returns kNeedMoreData if more data was needed by the decoder to generate |
+ // a decoded frame (e.g. during initialization and end-of-stream). |
+ // Returns kDecryptError if any decryption error happened. |
+ // Returns kDecodeError if any decoding error happened. |
+ // If the return value is not kSuccess, |video_frame| should be ignored by |
+ // the caller. |
+ virtual Status DecryptAndDecodeFrame(const InputBuffer& encrypted_buffer, |
+ VideoFrame* video_frame) = 0; |
+ |
+ // Decrypts the |encrypted_buffer| and decodes the decrypted buffer into |
+ // |audio_frames|. Upon end-of-stream, the caller should call this function |
+ // repeatedly with empty |encrypted_buffer| (|data| == NULL) until only empty |
+ // |audio_frames| is produced. |
+ // |
+ // Returns kSuccess if decryption and decoding both succeeded, in which case |
+ // the callee will have filled |audio_frames| and passed the ownership of |
+ // |data| in |audio_frames| to the caller. |
+ // Returns kNoKey if the CDM did not have the necessary decryption key |
+ // to decrypt. |
+ // Returns kNeedMoreData if more data was needed by the decoder to generate |
+ // audio samples (e.g. during initialization and end-of-stream). |
+ // Returns kDecryptError if any decryption error happened. |
+ // Returns kDecodeError if any decoding error happened. |
+ // If the return value is not kSuccess, |audio_frames| should be ignored by |
+ // the caller. |
+ virtual Status DecryptAndDecodeSamples(const InputBuffer& encrypted_buffer, |
+ AudioFrames* audio_frames) = 0; |
+ |
+ // Called by the host after a platform challenge was initiated via |
+ // Host::SendPlatformChallenge(). |
+ virtual void OnPlatformChallengeResponse( |
+ const PlatformChallengeResponse& response) = 0; |
+ |
+ // Called by the host after a call to Host::QueryOutputProtectionStatus(). The |
+ // |link_mask| is a bit mask of OutputLinkTypes and |output_protection_mask| |
+ // is a bit mask of OutputProtectionMethods. If |result| is kQueryFailed, |
+ // then |link_mask| and |output_protection_mask| are undefined and should |
+ // be ignored. |
+ virtual void OnQueryOutputProtectionStatus( |
+ QueryResult result, |
+ uint32_t link_mask, |
+ uint32_t output_protection_mask) = 0; |
+ |
+ // Destroys the object in the same context as it was created. |
+ virtual void Destroy() = 0; |
+ |
+ protected: |
+ ContentDecryptionModule_8() {} |
+ virtual ~ContentDecryptionModule_8() {} |
+}; |
+ |
+typedef ContentDecryptionModule_8 ContentDecryptionModule; |
// Represents a buffer created by Allocator implementations. |
class Buffer { |
@@ -1090,6 +1289,143 @@ class Host_7 { |
virtual ~Host_7() {} |
}; |
+class Host_8 { |
+ public: |
+ static const int kVersion = 8; |
+ |
+ // Returns a Buffer* containing non-zero members upon success, or NULL on |
+ // failure. The caller owns the Buffer* after this call. The buffer is not |
+ // guaranteed to be zero initialized. The capacity of the allocated Buffer |
+ // is guaranteed to be not less than |capacity|. |
+ virtual Buffer* Allocate(uint32_t capacity) = 0; |
+ |
+ // Requests the host to call ContentDecryptionModule::TimerFired() |delay_ms| |
+ // from now with |context|. |
+ virtual void SetTimer(int64_t delay_ms, void* context) = 0; |
+ |
+ // Returns the current wall time in seconds. |
+ virtual Time GetCurrentWallTime() = 0; |
+ |
+ // Called by the CDM when a session is created or loaded and the value for the |
+ // MediaKeySession's sessionId attribute is available (|session_id|). |
+ // This must be called before OnSessionMessage() or |
+ // OnSessionKeysChange() is called for the same session. |session_id_size| |
+ // should not include null termination. |
+ // When called in response to LoadSession(), the |session_id| must be the |
+ // same as the |session_id| passed in LoadSession(), or NULL if the |
+ // session could not be loaded. |
+ virtual void OnResolveNewSessionPromise(uint32_t promise_id, |
+ const char* session_id, |
+ uint32_t session_id_size) = 0; |
+ |
+ // Called by the CDM when a session is updated or released. |
+ virtual void OnResolvePromise(uint32_t promise_id) = 0; |
+ |
+ // Called by the CDM when an error occurs as a result of one of the |
+ // ContentDecryptionModule calls that accept a |promise_id|. |
+ // |error| must be specified, |error_message| and |system_code| |
+ // are optional. |error_message_size| should not include null termination. |
+ virtual void OnRejectPromise(uint32_t promise_id, |
+ Error error, |
+ uint32_t system_code, |
+ const char* error_message, |
+ uint32_t error_message_size) = 0; |
+ |
+ // Called by the CDM when it has a message for session |session_id|. |
+ // Size parameters should not include null termination. |
+ // |legacy_destination_url| is only for supporting the prefixed EME API and |
+ // is ignored by unprefixed EME. It should only be non-null if |message_type| |
+ // is kLicenseRenewal. |
+ virtual void OnSessionMessage(const char* session_id, |
+ uint32_t session_id_size, |
+ MessageType message_type, |
+ const char* message, |
+ uint32_t message_size, |
+ const char* legacy_destination_url, |
+ uint32_t legacy_destination_url_length) = 0; |
+ |
+ // Called by the CDM when there has been a change in keys or their status for |
+ // session |session_id|. |has_additional_usable_key| should be set if a |
+ // key is newly usable (e.g. new key available, previously expired key has |
+ // been renewed, etc.) and the browser should attempt to resume playback. |
+ // |key_ids| is the list of key ids for this session along with their |
+ // current status. |key_ids_count| is the number of entries in |key_ids|. |
+ // Size parameter for |session_id| should not include null termination. |
+ virtual void OnSessionKeysChange(const char* session_id, |
+ uint32_t session_id_size, |
+ bool has_additional_usable_key, |
+ const KeyInformation* keys_info, |
+ uint32_t keys_info_count) = 0; |
+ |
+ // Called by the CDM when there has been a change in the expiration time for |
+ // session |session_id|. This can happen as the result of an Update() call |
+ // or some other event. If this happens as a result of a call to Update(), |
+ // it must be called before resolving the Update() promise. |new_expiry_time| |
+ // can be 0 to represent "undefined". Size parameter should not include |
+ // null termination. |
+ virtual void OnExpirationChange(const char* session_id, |
+ uint32_t session_id_size, |
+ Time new_expiry_time) = 0; |
+ |
+ // Called by the CDM when session |session_id| is closed. Size |
+ // parameter should not include null termination. |
+ virtual void OnSessionClosed(const char* session_id, |
+ uint32_t session_id_size) = 0; |
+ |
+ // Called by the CDM when an error occurs in session |session_id| |
+ // unrelated to one of the ContentDecryptionModule calls that accept a |
+ // |promise_id|. |error| must be specified, |error_message| and |
+ // |system_code| are optional. Length parameters should not include null |
+ // termination. |
+ // Note: |
+ // - This method is only for supporting prefixed EME API. |
+ // - This method will be ignored by unprefixed EME. All errors reported |
+ // in this method should probably also be reported by one of other methods. |
+ virtual void OnLegacySessionError( |
+ const char* session_id, uint32_t session_id_length, |
+ Error error, |
+ uint32_t system_code, |
+ const char* error_message, uint32_t error_message_length) = 0; |
+ |
+ // The following are optional methods that may not be implemented on all |
+ // platforms. |
+ |
+ // Sends a platform challenge for the given |service_id|. |challenge| is at |
+ // most 256 bits of data to be signed. Once the challenge has been completed, |
+ // the host will call ContentDecryptionModule::OnPlatformChallengeResponse() |
+ // with the signed challenge response and platform certificate. Size |
+ // parameters should not include null termination. |
+ virtual void SendPlatformChallenge(const char* service_id, |
+ uint32_t service_id_size, |
+ const char* challenge, |
+ uint32_t challenge_size) = 0; |
+ |
+ // Attempts to enable output protection (e.g. HDCP) on the display link. The |
+ // |desired_protection_mask| is a bit mask of OutputProtectionMethods. No |
+ // status callback is issued, the CDM must call QueryOutputProtectionStatus() |
+ // periodically to ensure the desired protections are applied. |
+ virtual void EnableOutputProtection(uint32_t desired_protection_mask) = 0; |
+ |
+ // Requests the current output protection status. Once the host has the status |
+ // it will call ContentDecryptionModule::OnQueryOutputProtectionStatus(). |
+ virtual void QueryOutputProtectionStatus() = 0; |
+ |
+ // Must be called by the CDM if it returned kDeferredInitialization during |
+ // InitializeAudioDecoder() or InitializeVideoDecoder(). |
+ virtual void OnDeferredInitializationDone(StreamType stream_type, |
+ Status decoder_status) = 0; |
+ |
+ // Creates a FileIO object from the host to do file IO operation. Returns NULL |
+ // if a FileIO object cannot be obtained. Once a valid FileIO object is |
+ // returned, |client| must be valid until FileIO::Close() is called. The |
+ // CDM can call this method multiple times to operate on different files. |
+ virtual FileIO* CreateFileIO(FileIOClient* client) = 0; |
+ |
+ protected: |
+ Host_8() {} |
+ virtual ~Host_8() {} |
+}; |
+ |
// Represents a decrypted block that has not been decoded. |
class DecryptedBlock { |
public: |