Restrict use of hardware-secure codecs based on the RendererPreference.

media/blink/key_system_config_selector.cc

Index: media/blink/key_system_config_selector.cc
diff --git a/media/blink/key_system_config_selector.cc b/media/blink/key_system_config_selector.cc
index 324a28f6cec6f9c5612ba26d68b6a321e28cac03..07dcfa724442d9f9a8703ea1eea2f89bfda26b01 100644
--- a/media/blink/key_system_config_selector.cc
+++ b/media/blink/key_system_config_selector.cc
@@ -136,6 +136,9 @@ struct KeySystemConfigSelector::SelectionRequest {
   base::Callback<void(const blink::WebString&)> not_supported_cb;
   bool was_permission_requested = false;
   bool is_permission_granted = false;
+#if defined(OS_ANDROID)
+  bool allow_secure_surfaces = false;
+#endif  // defined(OS_ANDROID)
 };
 
 // Accumulates configuration rules to determine if a feature (additional
@@ -157,6 +160,8 @@ class KeySystemConfigSelector::ConfigState {
 
   bool IsIdentifierRecommended() const { return is_identifier_recommended_; }
 
+  bool AreSecureCodecsRequired() const { return are_secure_codecs_required_; }
+
   // Checks whether a rule is compatible with all previously added rules.
   bool IsRuleSupported(EmeConfigRule rule) const {
     switch (rule) {
@@ -392,7 +397,6 @@ KeySystemConfigSelector::GetSupportedConfiguration(
     const blink::WebMediaKeySystemConfiguration& candidate,
     ConfigState* config_state,
     blink::WebMediaKeySystemConfiguration* accumulated_configuration) {
-  // TODO(sandersd): Set state of SECURE_CODECS from renderer pref.
   // From https://w3c.github.io/encrypted-media/#get-supported-configuration
   // 1. Let accumulated configuration be empty. (Done by caller.)
   // 2. If the initDataTypes member is present in candidate configuration, run
@@ -670,6 +674,9 @@ KeySystemConfigSelector::GetSupportedConfiguration(
 
 void KeySystemConfigSelector::SelectConfig(
     const blink::WebString& key_system,
+#if defined(OS_ANDROID)
+    const bool allow_secure_surfaces,
+#endif  // defined(OS_ANDROID)
     const blink::WebVector<blink::WebMediaKeySystemConfiguration>&
         candidate_configurations,
     const blink::WebSecurityOrigin& security_origin,
@@ -697,6 +704,9 @@ void KeySystemConfigSelector::SelectConfig(
   // TODO(sandersd): This should be async, ideally not on the main thread.
   scoped_ptr<SelectionRequest> request(new SelectionRequest());
   request->key_system = key_system_ascii;
+#if defined(OS_ANDROID)
+  request->allow_secure_surfaces = allow_secure_surfaces;
+#endif  // defined(OS_ANDROID)
   request->candidate_configurations = candidate_configurations;
   request->security_origin = security_origin;
   request->succeeded_cb = succeeded_cb;
@@ -721,6 +731,14 @@ void KeySystemConfigSelector::SelectConfigInternal(
     //        new MediaKeySystemAccess object.]
     ConfigState config_state(request->was_permission_requested,
                              request->is_permission_granted);
+#if defined(OS_ANDROID)
+    // On Android, hardware-secure codecs are not allowed when the renderer
+    // preference is not enabled.

[ddorwin, 2015/05/06 02:17:11]

This comment is specific to code outside the function.

[sandersd (OOO until July 31), 2015/05/08 00:37:42]

Done.

+    DCHECK(config_state.IsRuleSupported(
+        EmeConfigRule::SECURE_CODECS_NOT_ALLOWED);
+    if (!request->allow_secure_surfaces)
+      config_state.AddRule(EmeConfigRule::SECURE_CODECS_NOT_ALLOWED);
+#endif  // defined(OS_ANDROID)
     blink::WebMediaKeySystemConfiguration accumulated_configuration;
     ConfigurationSupport support = GetSupportedConfiguration(
         request->key_system, request->candidate_configurations[i],
@@ -741,7 +759,12 @@ void KeySystemConfigSelector::SelectConfigInternal(
                        weak_factory_.GetWeakPtr(), base::Passed(&request)));
         return;
       case CONFIGURATION_SUPPORTED:
+#if defined(OS_ANDROID)
+        request->succeeded_cb.Run(accumulated_configuration,
+                                  config_state.AreSecureCodecsRequired());
+#else
         request->succeeded_cb.Run(accumulated_configuration);
+#endif  // defined(OS_ANDROID)
         return;
     }
   }