Home | History | Annotate | Download | only in clearkey 
      1 /*
      2  * Copyright (C) 2017 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 //#define LOG_NDEBUG 0
     18 #define LOG_TAG "ClearKeyFetcher"
     19 
     20 #include <algorithm>
     21 #include <inttypes.h>
     22 #include <string>
     23 
     24 #include "ClearKeyFetcher.h"
     25 #include "ecm.h"
     26 #include "LicenseFetcher.h"
     27 
     28 #include <media/stagefright/foundation/ADebug.h>
     29 #include <utils/Log.h>
     30 
     31 namespace android {
     32 namespace clearkeycas {
     33 
     34 ClearKeyFetcher::ClearKeyFetcher(
     35         std::unique_ptr<LicenseFetcher> license_fetcher) :
     36     initialized_(false),
     37     license_fetcher_(std::move(license_fetcher)) {
     38     CHECK(license_fetcher_);
     39 }
     40 
     41 ClearKeyFetcher::~ClearKeyFetcher() {}
     42 
     43 // This is a no-op but other KeyFetcher subclasses require initialization
     44 // so this is necessary to preserve the contract.
     45 status_t ClearKeyFetcher::Init() {
     46     initialized_ = true;
     47     return OK;
     48 }
     49 
     50 status_t ClearKeyFetcher::ObtainKey(const sp<ABuffer>& buffer,
     51         uint64_t* asset_id, std::vector<KeyInfo>* keys) {
     52     CHECK(asset_id);
     53     CHECK(keys);
     54     CHECK(initialized_);
     55     *asset_id = 0;
     56     keys->clear();
     57 
     58     EcmContainer container;
     59     status_t status = container.Parse(buffer);
     60     if (status != OK) {
     61         return status;
     62     }
     63     ALOGV("descriptor_size=%zu", container.descriptor_size());
     64 
     65     // Sanity check to verify that the BroadcastEncryptor is sending a properly
     66     // formed EcmContainer. If it contains two Ecms, the ids should have different
     67     // parity (one odd, one even). This does not necessarily affect decryption
     68     // but indicates a problem with Ecm generation.
     69     if (container.descriptor_size() == 2) {
     70         // XOR the least significant bits to verify different parity.
     71         bool same_parity = (((container.descriptor(0).id() & 0x01) ^
     72                 (container.descriptor(1).id() & 0x01)) == 0);
     73         if (same_parity) {
     74             ALOGW("asset_id=%" PRIu64 ": malformed Ecm, "
     75                     "content keys have same parity, id0=%d, id1=%d",
     76                     container.descriptor(0).ecm().asset_id(),
     77                     container.descriptor(0).id(),
     78                     container.descriptor(1).id());
     79         }
     80     }
     81 
     82     *asset_id = container.descriptor(0).ecm().asset_id();
     83 
     84     // Detect asset_id change. This could be caused by a configuration change
     85     // in the BroadcastEncryptor. This is unusual so log it in case it is an
     86     // operational mistake. This invalidates the current asset_key causing a
     87     // new license to be fetched.
     88     // TODO(rkint): test against BroadcastEncryptor to verify what BE sends on
     89     // asset_id change. If it sends an EcmContainer with 2 Ecms with different
     90     // asset_ids (old and new) then it might be best to prefetch the Emm.
     91     if ((asset_.id() != 0) && (*asset_id != asset_.id())) {
     92         ALOGW("Asset_id change from %llu to %" PRIu64, asset_.id(), *asset_id);
     93         asset_.Clear();
     94     }
     95 
     96     // Fetch license to get asset_id
     97     if (!asset_.has_id()) {
     98         status = license_fetcher_->FetchLicense(*asset_id, &asset_);
     99         if (status != OK) {
    100             *asset_id = 0;
    101             return status;
    102         }
    103         ALOGV("FetchLicense succeeded, has_id=%d", asset_.has_id());
    104     }
    105     keys->resize(container.descriptor_size());
    106 
    107     for (size_t i = 0; i < container.descriptor_size(); ++i) {
    108         status = container.mutable_descriptor(i)->mutable_ecm()->Decrypt(
    109                 container.descriptor(i).ecm().buffer(), asset_);
    110         if (status != OK) {
    111             *asset_id = 0;
    112             keys->clear();
    113             return status;
    114         }
    115         // TODO: if 2 Ecms have same parity, key from Ecm with higher id
    116         // should be keys[1].
    117         KeyInfo key;
    118         key.key_id = container.descriptor(i).id();
    119         key.key_bytes = container.descriptor(i).ecm().content_key();
    120 
    121         keys->at(key.key_id & 1) = key;
    122     }
    123     return OK;
    124 }
    125 
    126 }  // namespace clearkeycas
    127 }  // namespace android
    128