blob: c1ded7835d51d66cabf1d7be46c0c6af88796a61 [file] [log] [blame]
// Copyright 2016 The Cobalt Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Module Overview: Starboard DRM module
//
// Provides definitions that allow for DRM support, which are common
// between Player and Decoder interfaces.
#ifndef STARBOARD_DRM_H_
#define STARBOARD_DRM_H_
#include "starboard/export.h"
#include "starboard/types.h"
#ifdef __cplusplus
extern "C" {
#endif
// --- Types -----------------------------------------------------------------
// The type of the session request.
// https://www.w3.org/TR/encrypted-media/#idl-def-mediakeymessagetype
typedef enum SbDrmSessionRequestType {
kSbDrmSessionRequestTypeLicenseRequest,
kSbDrmSessionRequestTypeLicenseRenewal,
kSbDrmSessionRequestTypeLicenseRelease,
kSbDrmSessionRequestTypeIndividualizationRequest,
} SbDrmSessionRequestType;
// The status of session related operations.
// Used by |SbDrmSessionUpdateRequestFunc|, |SbDrmSessionUpdatedFunc|, and
// |SbDrmServerCertificateUpdatedFunc| to indicate the status of the operation.
// https://w3c.github.io/encrypted-media/#error-names
typedef enum SbDrmStatus {
kSbDrmStatusSuccess,
kSbDrmStatusTypeError,
kSbDrmStatusNotSupportedError,
kSbDrmStatusInvalidStateError,
kSbDrmStatusQuotaExceededError,
// The kSbDrmStatusUnknownError can be used when the error status cannot be
// mapped to one of the rest errors. New error codes (if needed) should be
// added before kSbDrmStatusUnknownError.
kSbDrmStatusUnknownError,
} SbDrmStatus;
// Status of a particular media key.
// https://www.w3.org/TR/encrypted-media/#idl-def-mediakeystatus
typedef enum SbDrmKeyStatus {
kSbDrmKeyStatusUsable,
kSbDrmKeyStatusExpired,
kSbDrmKeyStatusReleased,
kSbDrmKeyStatusRestricted,
kSbDrmKeyStatusDownscaled,
kSbDrmKeyStatusPending,
kSbDrmKeyStatusError,
} SbDrmKeyStatus;
// A mapping of clear and encrypted bytes for a single subsample. All subsamples
// within a sample must be encrypted with the same encryption parameters. The
// clear bytes always appear first in the sample.
typedef struct SbDrmSubSampleMapping {
// How many bytes of the corresponding subsample are not encrypted
int32_t clear_byte_count;
// How many bytes of the corresponding subsample are encrypted.
int32_t encrypted_byte_count;
} SbDrmSubSampleMapping;
typedef struct SbDrmKeyId {
// The ID of the license (or key) required to decrypt this sample. For
// PlayReady, this is the license GUID in packed little-endian binary form.
uint8_t identifier[16];
int identifier_size;
} SbDrmKeyId;
// Encryption scheme of the input sample, as defined in ISO/IEC 23001 part 7.
typedef enum SbDrmEncryptionScheme {
kSbDrmEncryptionSchemeAesCtr,
kSbDrmEncryptionSchemeAesCbc,
} SbDrmEncryptionScheme;
// Encryption pattern of the input sample, as defined in ISO/IEC 23001 part 7.
typedef struct SbDrmEncryptionPattern {
uint32_t crypt_byte_block;
uint32_t skip_byte_block;
} SbDrmEncryptionPattern;
// All the optional information needed per sample for encrypted samples.
typedef struct SbDrmSampleInfo {
// The encryption scheme of this sample.
SbDrmEncryptionScheme encryption_scheme;
// The encryption pattern of this sample.
SbDrmEncryptionPattern encryption_pattern;
// The Initialization Vector needed to decrypt this sample.
uint8_t initialization_vector[16];
int initialization_vector_size;
// The ID of the license (or key) required to decrypt this sample. For
// PlayReady, this is the license GUID in packed little-endian binary form.
uint8_t identifier[16];
int identifier_size;
// The number of subsamples in this sample, must be at least 1.
int32_t subsample_count;
// The clear/encrypted mapping of each subsample in this sample. This must be
// an array of |subsample_count| mappings.
const SbDrmSubSampleMapping* subsample_mapping;
} SbDrmSampleInfo;
// A handle to a DRM system which can be used with either an SbDecoder or an
// SbPlayer.
typedef struct SbDrmSystemPrivate* SbDrmSystem;
// A callback that will receive generated session update request when requested
// from a SbDrmSystem. |drm_system| will be the DRM system that
// SbDrmGenerateSessionUpdateRequest() was called on. |context| will be the same
// context that was passed into the call to SbDrmCreateSystem().
//
// |status| is the status of the session request.
//
// |type| is the status of the session request.
//
// |error_message| may contain an optional error message when |status| isn't
// |kSbDrmStatusSuccess| to provide more details about the error. It may be
// NULL if |status| is |kSbDrmStatusSuccess| or if no error message can be
// provided.
//
// |ticket| will be the same ticket that was passed to
// SbDrmGenerateSessionUpdateRequest() or |kSbDrmTicketInvalid| if the update
// request was generated by the DRM system.
//
// |session_id| cannot be NULL when |ticket| is |kSbDrmTicketInvalid|, even when
// there was an error generating the request. This allows Cobalt to find and
// reject the correct Promise corresponding to the associated
// SbDrmGenerateSessionUpdateRequest().
typedef void (*SbDrmSessionUpdateRequestFunc)(SbDrmSystem drm_system,
void* context,
int ticket,
SbDrmStatus status,
SbDrmSessionRequestType type,
const char* error_message,
const void* session_id,
int session_id_size,
const void* content,
int content_size,
const char* url);
// A callback for notifications that a session has been added, and subsequent
// encrypted samples are actively ready to be decoded. |drm_system| will be the
// DRM system that SbDrmUpdateSession() was called on. |context| will be the
// same context passed into that call to SbDrmCreateSystem().
//
// |ticket| will be the same ticket that was passed to SbDrmUpdateSession().
//
// |status| is the status of the session request.
//
// |error_message| may contain an optional error message when |status| isn't
// |kSbDrmStatusSuccess| to provide more details about the error. It may be
// NULL if |status| is |kSbDrmStatusSuccess| or if no error message can be
// provided.
// |succeeded| is whether the session was successfully updated or not.
typedef void (*SbDrmSessionUpdatedFunc)(SbDrmSystem drm_system,
void* context,
int ticket,
SbDrmStatus status,
const char* error_message,
const void* session_id,
int session_id_size);
// A callback for notifications that the status of one or more keys in a session
// has been changed. A pointer to an array of all keys |key_ids| of the session
// and their new status will be passed along. Any keys not in the list are
// considered as deleted.
//
// |number_of_keys| is the number of keys.
//
// |key_ids| is a pointer to an array of keys.
//
// |key_statuses| is a pointer of a vector contains the status of each key.
typedef void (*SbDrmSessionKeyStatusesChangedFunc)(
SbDrmSystem drm_system,
void* context,
const void* session_id,
int session_id_size,
int number_of_keys,
const SbDrmKeyId* key_ids,
const SbDrmKeyStatus* key_statuses);
// A callback for signalling that a session has been closed by the SbDrmSystem.
typedef void (*SbDrmSessionClosedFunc)(SbDrmSystem drm_system,
void* context,
const void* session_id,
int session_id_size);
// A callback to notify the caller of SbDrmUpdateServerCertificate() whether the
// update has been successfully updated or not.
typedef void (*SbDrmServerCertificateUpdatedFunc)(SbDrmSystem drm_system,
void* context,
int ticket,
SbDrmStatus status,
const char* error_message);
// --- Constants -------------------------------------------------------------
// An invalid SbDrmSystem.
#define kSbDrmSystemInvalid ((SbDrmSystem)NULL)
// A ticket for callback invocations initiated by the DRM system.
#define kSbDrmTicketInvalid kSbInvalidInt
// --- Functions -------------------------------------------------------------
// Indicates whether |drm_system| is a valid SbDrmSystem.
static SB_C_FORCE_INLINE bool SbDrmSystemIsValid(SbDrmSystem drm) {
return drm != kSbDrmSystemInvalid;
}
// Indicates whether |ticket| is a valid ticket.
static SB_C_FORCE_INLINE bool SbDrmTicketIsValid(int ticket) {
return ticket != kSbDrmTicketInvalid;
}
// Creates a new DRM system that can be used when constructing an SbPlayer or an
// SbDecoder.
//
// This function returns |kSbDrmSystemInvalid| if |key_system| is unsupported.
//
// Also see the documentation of SbDrmGenerateSessionUpdateRequest() and
// SbDrmUpdateSession() for more details.
//
// |key_system|: The DRM key system to be created. The value should be in the
// form of "com.example.somesystem". All letters in the value
// should be lowercase and will be matched exactly with known DRM key systems of
// the platform. Note the key system will be matched case sensitive. For more
// details, refer to https://w3c.github.io/encrypted-media/#dfn-key-system-s
//
// |context|: A value passed when any of this function's callback parameters are
// called.
//
// |update_request_callback|: A function that is called every time after
// SbDrmGenerateSessionUpdateRequest() is called.
//
// |session_updated_callback|: A function that is called every time after
// SbDrmUpdateSession() is called.
//
// |key_statuses_changed_callback|: A function that can be called to indicate
// that key statuses have changed.
//
// |server_certificate_updated_callback|: A function that is called to report
// whether the server certificate has been successfully updated. It is called
// once and only once. It is possible that the callback is called before the
// function returns.
//
// |session_closed_callback|: A function that can be called to indicate that a
// session has closed.
// If |NULL| is passed for any of the callbacks (|update_request_callback|,
// |session_updated_callback|, |key_statuses_changed_callback|,
// |server_certificate_updated_callback|, or |session_closed_callback|), then
// |kSbDrmSystemInvalid| must be returned.
SB_EXPORT SbDrmSystem SbDrmCreateSystem(
const char* key_system,
void* context,
SbDrmSessionUpdateRequestFunc update_request_callback,
SbDrmSessionUpdatedFunc session_updated_callback,
SbDrmSessionKeyStatusesChangedFunc key_statuses_changed_callback,
SbDrmServerCertificateUpdatedFunc server_certificate_updated_callback,
SbDrmSessionClosedFunc session_closed_callback);
// Asynchronously generates a session update request payload for
// |initialization_data|, of |initialization_data_size|, in case sensitive
// |type|, extracted from the media stream, in |drm_system|'s key system.
//
// This function calls |drm_system|'s |update_request_callback| function,
// which is defined when the DRM system is created by SbDrmCreateSystem. When
// calling that function, this function either sends |context| (also from
// |SbDrmCreateSystem|) and a populated request, or it sends NULL |session_id|
// if an error occurred.
//
// |drm_system|'s |context| may be used to route callbacks back to an object
// instance.
//
// Callbacks may be called either from the current thread before this function
// returns or from another thread.
//
// |drm_system|: The DRM system that defines the key system used for the session
// update request payload as well as the callback function that is called as a
// result of the function being called. Must not be |kSbDrmSystemInvalid|.
//
// |ticket|: The opaque ID that allows to distinguish callbacks from multiple
// concurrent calls to SbDrmGenerateSessionUpdateRequest(), which will be passed
// to |update_request_callback| as-is. It is the responsibility of the caller to
// establish ticket uniqueness, issuing multiple requests with the same ticket
// may result in undefined behavior. The value |kSbDrmTicketInvalid| must not be
// used.
//
// |type|: The case-sensitive type of the session update request payload. Must
// not be NULL.
//
// |initialization_data|: The data for which the session update
// request payload is created. Must not be NULL.
//
// |initialization_data_size|: The size of the session update request payload.
SB_EXPORT void SbDrmGenerateSessionUpdateRequest(
SbDrmSystem drm_system,
int ticket,
const char* type,
const void* initialization_data,
int initialization_data_size);
// Update session with |key|, in |drm_system|'s key system, from the license
// server response. Calls |session_updated_callback| with |context| and whether
// the update succeeded. |context| may be used to route callbacks back to an
// object instance. The |key| must not be NULL.
//
// |drm_system| must not be |kSbDrmSystemInvalid|.
// |ticket| is the opaque ID that allows to distinguish callbacks from multiple
// concurrent calls to SbDrmUpdateSession(), which will be passed to
// |session_updated_callback| as-is. It is the responsibility of the caller to
// establish ticket uniqueness, issuing multiple calls with the same ticket may
// result in undefined behavior.
//
// Once the session is successfully updated, an SbPlayer or SbDecoder associated
// with that DRM key system will be able to decrypt encrypted samples.
//
// |drm_system|'s |session_updated_callback| may called either from the current
// thread before this function returns or from another thread.
// The |session_id| must not be NULL.
SB_EXPORT void SbDrmUpdateSession(SbDrmSystem drm_system,
int ticket,
const void* key,
int key_size,
const void* session_id,
int session_id_size);
// Clear any internal states/resources related to the specified |session_id|.
//
// |drm_system| must not be |kSbDrmSystemInvalid|.
// |session_id| must not be NULL.
SB_EXPORT void SbDrmCloseSession(SbDrmSystem drm_system,
const void* session_id,
int session_id_size);
// Returns true if server certificate of |drm_system| can be updated via
// SbDrmUpdateServerCertificate(). The return value should remain the same
// during the life time of |drm_system|.
//
// |drm_system|: The DRM system to check if its server certificate is updatable.
// Must not be |kSbDrmSystemInvalid|.
SB_EXPORT bool SbDrmIsServerCertificateUpdatable(SbDrmSystem drm_system);
// Update the server certificate of |drm_system|. The function can be called
// multiple times. It is possible that a call to it happens before the callback
// of a previous call is called.
// Note that this function should only be called after
// |SbDrmIsServerCertificateUpdatable| is called first and returned true.
//
// |drm_system|: The DRM system whose server certificate is being updated. Must
// not be |kSbDrmSystemInvalid|.
//
// |ticket|: The opaque ID that allows to distinguish callbacks from multiple
// concurrent calls to SbDrmUpdateServerCertificate(), which will be passed to
// |server_certificate_updated_callback| as-is. It is the responsibility of
// the caller to establish ticket uniqueness, issuing multiple requests with
// the same ticket may result in undefined behavior. The value
// |kSbDrmTicketInvalid| must not be used.
//
// |certificate|: Pointer to the server certificate data. Must not be NULL.
//
// |certificate_size|: Size of the server certificate data.
SB_EXPORT void SbDrmUpdateServerCertificate(SbDrmSystem drm_system,
int ticket,
const void* certificate,
int certificate_size);
// Get the metrics of the underlying drm system.
//
// When it is called on an implementation that supports drm system metrics, it
// should return a pointer containing the metrics as a blob, encoded using url
// safe base64 without padding and line wrapping, with the size of the encoded
// result in |size| on return. For example, on Android API level 28 or later, it
// should return the result of MediaDrm.getPropertyByteArray("metrics"), encoded
// using url safe base64 without padding and line wrapping. On systems using
// Widevine CE CDM with oemcrypto 16 or later, it should return the metrics
// retrieved via Cdm::getMetrics(), encoded using url safe base64 without
// padding and line wrapping. The returned pointer should remain valid and its
// content should remain unmodified until the next time this function is called
// on the associated |drm_system| or the |drm_system| is destroyed.
//
// When the metrics is empty on supported system, it should return a non-null
// pointer with |size| set to 0.
//
// It should return NULL when there is no metrics support in the underlying drm
// system, or when the drm system implementation fails to retrieve the metrics.
//
// |drm_system| must not be |kSbDrmSystemInvalid|.
// |size| must not be NULL.
SB_EXPORT const void* SbDrmGetMetrics(SbDrmSystem drm_system, int* size);
// Destroys |drm_system|, which implicitly removes all keys installed in it and
// invalidates all outstanding session update requests. A DRM system cannot be
// destroyed unless any associated SbPlayer or SbDecoder has first been
// destroyed.
//
// All callbacks are guaranteed to be finished when this function returns. As a
// result, if this function is called from a callback that is passed to
// SbDrmCreateSystem(), a deadlock will occur.
//
// |drm_system|: The DRM system to be destroyed. Must not be
// |kSbDrmSystemInvalid|.
SB_EXPORT void SbDrmDestroySystem(SbDrmSystem drm_system);
#ifdef __cplusplus
} // extern "C"
#endif
#endif // STARBOARD_DRM_H_