1 /*
2 * Copyright (C) 2018 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 //#define LOG_NDEBUG 0
18 #define LOG_TAG "hidl_ClearKeyCryptoPlugin"
19 #include <utils/Log.h>
20
21 #include "CryptoPlugin.h"
22 #include "SessionLibrary.h"
23 #include "TypeConvert.h"
24
25 #include <hidlmemory/mapping.h>
26
27 namespace android {
28 namespace hardware {
29 namespace drm {
30 namespace V1_4 {
31 namespace clearkey {
32
33 using ::android::hardware::drm::V1_0::BufferType;
34
setSharedBufferBase(const hidl_memory & base,uint32_t bufferId)35 Return<void> CryptoPlugin::setSharedBufferBase(
36 const hidl_memory& base, uint32_t bufferId) {
37 sp<IMemory> hidlMemory = mapMemory(base);
38 ALOGE_IF(hidlMemory == nullptr, "mapMemory returns nullptr");
39
40 std::lock_guard<std::mutex> shared_buffer_lock(mSharedBufferLock);
41
42 // allow mapMemory to return nullptr
43 mSharedBufferMap[bufferId] = hidlMemory;
44 return Void();
45 }
46
decrypt(bool secure,const hidl_array<uint8_t,16> & keyId,const hidl_array<uint8_t,16> & iv,Mode mode,const Pattern & pattern,const hidl_vec<SubSample> & subSamples,const SharedBuffer & source,uint64_t offset,const DestinationBuffer & destination,decrypt_cb _hidl_cb)47 Return<void> CryptoPlugin::decrypt(
48 bool secure,
49 const hidl_array<uint8_t, 16>& keyId,
50 const hidl_array<uint8_t, 16>& iv,
51 Mode mode,
52 const Pattern& pattern,
53 const hidl_vec<SubSample>& subSamples,
54 const SharedBuffer& source,
55 uint64_t offset,
56 const DestinationBuffer& destination,
57 decrypt_cb _hidl_cb) {
58
59 Status status = Status::ERROR_DRM_UNKNOWN;
60 hidl_string detailedError;
61 uint32_t bytesWritten = 0;
62
63 Return<void> hResult = decrypt_1_2(
64 secure, keyId, iv, mode, pattern, subSamples, source, offset, destination,
65 [&](Status_V1_2 hStatus, uint32_t hBytesWritten, hidl_string hDetailedError) {
66 status = toStatus_1_0(hStatus);
67 bytesWritten = hBytesWritten;
68 detailedError = hDetailedError;
69 }
70 );
71
72 status = hResult.isOk() ? status : Status::ERROR_DRM_CANNOT_HANDLE;
73 _hidl_cb(status, bytesWritten, detailedError);
74 return Void();
75 }
76
77 // Returns negative values for error code and positive values for the size of
78 // decrypted data. In theory, the output size can be larger than the input
79 // size, but in practice this will never happen for AES-CTR.
decrypt_1_2(bool secure,const hidl_array<uint8_t,KEY_ID_SIZE> & keyId,const hidl_array<uint8_t,KEY_IV_SIZE> & iv,Mode mode,const Pattern & pattern,const hidl_vec<SubSample> & subSamples,const SharedBuffer & source,uint64_t offset,const DestinationBuffer & destination,decrypt_1_2_cb _hidl_cb)80 Return<void> CryptoPlugin::decrypt_1_2(
81 bool secure,
82 const hidl_array<uint8_t, KEY_ID_SIZE>& keyId,
83 const hidl_array<uint8_t, KEY_IV_SIZE>& iv,
84 Mode mode,
85 const Pattern& pattern,
86 const hidl_vec<SubSample>& subSamples,
87 const SharedBuffer& source,
88 uint64_t offset,
89 const DestinationBuffer& destination,
90 decrypt_1_2_cb _hidl_cb) {
91 UNUSED(pattern);
92
93 if (secure) {
94 _hidl_cb(Status_V1_2::ERROR_DRM_CANNOT_HANDLE, 0,
95 "Secure decryption is not supported with ClearKey.");
96 return Void();
97 }
98
99 std::unique_lock<std::mutex> shared_buffer_lock(mSharedBufferLock);
100 if (mSharedBufferMap.find(source.bufferId) == mSharedBufferMap.end()) {
101 _hidl_cb(Status_V1_2::ERROR_DRM_CANNOT_HANDLE, 0,
102 "source decrypt buffer base not set");
103 return Void();
104 }
105
106 if (destination.type == BufferType::SHARED_MEMORY) {
107 const SharedBuffer& dest = destination.nonsecureMemory;
108 if (mSharedBufferMap.find(dest.bufferId) == mSharedBufferMap.end()) {
109 _hidl_cb(Status_V1_2::ERROR_DRM_CANNOT_HANDLE, 0,
110 "destination decrypt buffer base not set");
111 return Void();
112 }
113 } else {
114 _hidl_cb(Status_V1_2::ERROR_DRM_CANNOT_HANDLE, 0,
115 "destination type not supported");
116 return Void();
117 }
118
119 sp<IMemory> sourceBase = mSharedBufferMap[source.bufferId];
120 if (sourceBase == nullptr) {
121 _hidl_cb(Status_V1_2::ERROR_DRM_CANNOT_HANDLE, 0, "source is a nullptr");
122 return Void();
123 }
124
125 size_t totalSize = 0;
126 if (__builtin_add_overflow(source.offset, offset, &totalSize) ||
127 __builtin_add_overflow(totalSize, source.size, &totalSize) ||
128 totalSize > sourceBase->getSize()) {
129 android_errorWriteLog(0x534e4554, "176496160");
130 _hidl_cb(Status_V1_2::ERROR_DRM_CANNOT_HANDLE, 0, "invalid buffer size");
131 return Void();
132 }
133
134 uint8_t *base = static_cast<uint8_t *>
135 (static_cast<void *>(sourceBase->getPointer()));
136 uint8_t* srcPtr = static_cast<uint8_t *>(base + source.offset + offset);
137 void* destPtr = NULL;
138 // destination.type == BufferType::SHARED_MEMORY
139 const SharedBuffer& destBuffer = destination.nonsecureMemory;
140 sp<IMemory> destBase = mSharedBufferMap[destBuffer.bufferId];
141 if (destBase == nullptr) {
142 _hidl_cb(Status_V1_2::ERROR_DRM_CANNOT_HANDLE, 0, "destination is a nullptr");
143 return Void();
144 }
145
146 base = static_cast<uint8_t *>(static_cast<void *>(destBase->getPointer()));
147
148 totalSize = 0;
149 if (__builtin_add_overflow(destBuffer.offset, destBuffer.size, &totalSize) ||
150 totalSize > destBase->getSize()) {
151 android_errorWriteLog(0x534e4554, "176444622");
152 _hidl_cb(Status_V1_2::ERROR_DRM_FRAME_TOO_LARGE, 0, "invalid buffer size");
153 return Void();
154 }
155 destPtr = static_cast<void*>(base + destination.nonsecureMemory.offset);
156
157 // release mSharedBufferLock
158 shared_buffer_lock.unlock();
159
160 // Calculate the output buffer size and determine if any subsamples are
161 // encrypted.
162 size_t destSize = 0;
163 size_t srcSize = 0;
164 bool haveEncryptedSubsamples = false;
165 for (size_t i = 0; i < subSamples.size(); i++) {
166 const SubSample &subSample = subSamples[i];
167 if (__builtin_add_overflow(destSize, subSample.numBytesOfClearData, &destSize) ||
168 __builtin_add_overflow(srcSize, subSample.numBytesOfClearData, &srcSize)) {
169 _hidl_cb(Status_V1_2::ERROR_DRM_FRAME_TOO_LARGE, 0, "subsample clear size overflow");
170 return Void();
171 }
172 if (__builtin_add_overflow(destSize, subSample.numBytesOfEncryptedData, &destSize) ||
173 __builtin_add_overflow(srcSize, subSample.numBytesOfEncryptedData, &srcSize)) {
174 _hidl_cb(Status_V1_2::ERROR_DRM_FRAME_TOO_LARGE, 0, "subsample encrypted size overflow");
175 return Void();
176 }
177 if (subSample.numBytesOfEncryptedData > 0) {
178 haveEncryptedSubsamples = true;
179 }
180 }
181
182 if (destSize > destBuffer.size || srcSize > source.size) {
183 _hidl_cb(Status_V1_2::ERROR_DRM_FRAME_TOO_LARGE, 0, "subsample sum too large");
184 return Void();
185 }
186
187 if (mode == Mode::UNENCRYPTED) {
188 if (haveEncryptedSubsamples) {
189 _hidl_cb(Status_V1_2::ERROR_DRM_CANNOT_HANDLE, 0,
190 "Encrypted subsamples found in allegedly unencrypted data.");
191 return Void();
192 }
193
194 size_t offset = 0;
195 for (size_t i = 0; i < subSamples.size(); ++i) {
196 const SubSample& subSample = subSamples[i];
197 if (subSample.numBytesOfClearData != 0) {
198 memcpy(reinterpret_cast<uint8_t*>(destPtr) + offset,
199 reinterpret_cast<const uint8_t*>(srcPtr) + offset,
200 subSample.numBytesOfClearData);
201 offset += subSample.numBytesOfClearData;
202 }
203 }
204
205 _hidl_cb(Status_V1_2::OK, static_cast<ssize_t>(offset), "");
206 return Void();
207 } else if (mode == Mode::AES_CTR) {
208 size_t bytesDecrypted;
209 Status_V1_2 res = mSession->decrypt(keyId.data(), iv.data(), srcPtr,
210 static_cast<uint8_t*>(destPtr), toVector(subSamples), &bytesDecrypted);
211 if (res == Status_V1_2::OK) {
212 _hidl_cb(Status_V1_2::OK, static_cast<ssize_t>(bytesDecrypted), "");
213 return Void();
214 } else {
215 _hidl_cb(res, 0, "Decryption Error");
216 return Void();
217 }
218 } else {
219 _hidl_cb(Status_V1_2::ERROR_DRM_CANNOT_HANDLE, 0,
220 "Selected encryption mode is not supported by the ClearKey DRM Plugin.");
221 return Void();
222 }
223 }
224
setMediaDrmSession(const hidl_vec<uint8_t> & sessionId)225 Return<Status> CryptoPlugin::setMediaDrmSession(
226 const hidl_vec<uint8_t>& sessionId) {
227 if (!sessionId.size()) {
228 mSession = nullptr;
229 } else {
230 mSession = SessionLibrary::get()->findSession(sessionId);
231 if (!mSession.get()) {
232 return Status::ERROR_DRM_SESSION_NOT_OPENED;
233 }
234 }
235 return Status::OK;
236 }
237
getLogMessages(getLogMessages_cb _hidl_cb)238 Return<void> CryptoPlugin::getLogMessages(
239 getLogMessages_cb _hidl_cb) {
240 using std::chrono::duration_cast;
241 using std::chrono::milliseconds;
242 using std::chrono::system_clock;
243
244 auto timeMillis = duration_cast<milliseconds>(
245 system_clock::now().time_since_epoch()).count();
246
247 std::vector<LogMessage> logs = {
248 { timeMillis, LogPriority::ERROR, std::string("Not implemented") }};
249 _hidl_cb(drm::V1_4::Status::OK, toHidlVec(logs));
250 return Void();
251 }
252
253 } // namespace clearkey
254 } // namespace V1_4.
255 } // namespace drm
256 } // namespace hardware
257 } // namespace android
258