resolved conflicts for merge of 4f342e87 to master
Change-Id: I2cdb238759beb49fede2de703df8defee92d316f
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 2a4d872..3857cd1 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -2585,6 +2585,13 @@
android:description="@string/permdesc_accessNetworkConditions"
android:protectionLevel="signature|system" />
+ <!-- Allows an application to provision and access DRM certificates
+ @hide This is not a third-party API (intended for system apps). -->
+ <permission android:name="android.permission.ACCESS_DRM_CERTIFICATES"
+ android:label="@string/permlab_accessDrmCertificates"
+ android:description="@string/permdesc_accessDrmCertificates"
+ android:protectionLevel="signature|system" />
+
<!-- The system process is explicitly the only one allowed to launch the
confirmation UI for full backup/restore -->
<uses-permission android:name="android.permission.CONFIRM_FULL_BACKUP"/>
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
index 3a4f059..902aea8 100644
--- a/core/res/res/values/strings.xml
+++ b/core/res/res/values/strings.xml
@@ -2002,6 +2002,11 @@
<!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
<string name="permdesc_setInputCalibration">Allows the app to modify the calibration parameters of the touch screen. Should never be needed for normal apps.</string>
+ <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
+ <string name="permlab_accessDrmCertificates">access DRM certificates</string>
+ <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
+ <string name="permdesc_accessDrmCertificates">Allows an application to provision and use DRM certficates. Should never be needed for normal apps.</string>
+
<!-- Policy administration -->
<!-- Title of policy access to limiting the user's password choices -->
diff --git a/media/java/android/media/MediaDrm.java b/media/java/android/media/MediaDrm.java
index c016d08..440653a 100644
--- a/media/java/android/media/MediaDrm.java
+++ b/media/java/android/media/MediaDrm.java
@@ -1,4 +1,4 @@
- /*
+/*
* Copyright (C) 2013 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -27,7 +27,6 @@
import android.os.Message;
import android.os.Parcel;
import android.util.Log;
-import android.content.Context;
/**
* MediaDrm can be used to obtain keys for decrypting protected media streams, in
@@ -98,6 +97,8 @@
private final static String TAG = "MediaDrm";
+ private static final String PERMISSION = android.Manifest.permission.ACCESS_DRM_CERTIFICATES;
+
private EventHandler mEventHandler;
private OnEventListener mOnEventListener;
@@ -152,7 +153,7 @@
}
private static final native boolean isCryptoSchemeSupportedNative(byte[] uuid,
- String mimeType);
+ String mimeType);
/**
* Instantiate a MediaDrm object
@@ -176,7 +177,7 @@
* It's easier to create it here than in C++.
*/
native_setup(new WeakReference<MediaDrm>(this),
- getByteArrayFromUUID(uuid));
+ getByteArrayFromUUID(uuid));
}
/**
@@ -285,7 +286,7 @@
* the cookie passed to native_setup().)
*/
private static void postEventFromNative(Object mediadrm_ref,
- int eventType, int extra, Object obj)
+ int eventType, int extra, Object obj)
{
MediaDrm md = (MediaDrm)((WeakReference)mediadrm_ref).get();
if (md == null) {
@@ -385,9 +386,8 @@
* problem with the certifcate
*/
public native KeyRequest getKeyRequest(byte[] scope, byte[] init,
- String mimeType, int keyType,
- HashMap<String, String> optionalParameters)
- throws NotProvisionedException;
+ String mimeType, int keyType, HashMap<String, String> optionalParameters)
+ throws NotProvisionedException;
/**
@@ -411,7 +411,7 @@
* @throws ResourceBusyException if required resources are in use
*/
public native byte[] provideKeyResponse(byte[] scope, byte[] response)
- throws NotProvisionedException, DeniedByServerException;
+ throws NotProvisionedException, DeniedByServerException;
/**
@@ -478,7 +478,7 @@
}
private native ProvisionRequest getProvisionRequestNative(int certType,
- String certAuthority);
+ String certAuthority);
/**
* After a provision response is received by the app, it is provided to the DRM
@@ -491,12 +491,12 @@
* server rejected the request
*/
public void provideProvisionResponse(byte[] response)
- throws DeniedByServerException {
+ throws DeniedByServerException {
provideProvisionResponseNative(response);
}
private native Certificate provideProvisionResponseNative(byte[] response)
- throws DeniedByServerException;
+ throws DeniedByServerException;
/**
* A means of enforcing limits on the number of concurrent streams per subscriber
@@ -583,23 +583,22 @@
private static final native void setCipherAlgorithmNative(MediaDrm drm, byte[] sessionId,
- String algorithm);
+ String algorithm);
private static final native void setMacAlgorithmNative(MediaDrm drm, byte[] sessionId,
- String algorithm);
+ String algorithm);
private static final native byte[] encryptNative(MediaDrm drm, byte[] sessionId,
- byte[] keyId, byte[] input, byte[] iv);
+ byte[] keyId, byte[] input, byte[] iv);
private static final native byte[] decryptNative(MediaDrm drm, byte[] sessionId,
- byte[] keyId, byte[] input, byte[] iv);
+ byte[] keyId, byte[] input, byte[] iv);
private static final native byte[] signNative(MediaDrm drm, byte[] sessionId,
- byte[] keyId, byte[] message);
+ byte[] keyId, byte[] message);
private static final native boolean verifyNative(MediaDrm drm, byte[] sessionId,
- byte[] keyId, byte[] message,
- byte[] signature);
+ byte[] keyId, byte[] message, byte[] signature);
/**
* In addition to supporting decryption of DASH Common Encrypted Media, the
@@ -629,7 +628,7 @@
private byte[] mSessionId;
CryptoSession(MediaDrm drm, byte[] sessionId,
- String cipherAlgorithm, String macAlgorithm)
+ String cipherAlgorithm, String macAlgorithm)
{
mSessionId = sessionId;
mDrm = drm;
@@ -704,8 +703,7 @@
* "algorithms".
*/
public CryptoSession getCryptoSession(byte[] sessionId,
- String cipherAlgorithm,
- String macAlgorithm)
+ String cipherAlgorithm, String macAlgorithm)
{
return new CryptoSession(this, sessionId, cipherAlgorithm, macAlgorithm);
}
@@ -751,11 +749,11 @@
* @hide - not part of the public API at this time
*/
public CertificateRequest getCertificateRequest(int certType,
- String certAuthority)
+ String certAuthority)
{
ProvisionRequest provisionRequest = getProvisionRequestNative(certType, certAuthority);
return new CertificateRequest(provisionRequest.getData(),
- provisionRequest.getDefaultUrl());
+ provisionRequest.getDefaultUrl());
}
/**
@@ -800,18 +798,16 @@
* @hide - not part of the public API at this time
*/
public Certificate provideCertificateResponse(byte[] response)
- throws DeniedByServerException {
+ throws DeniedByServerException {
return provideProvisionResponseNative(response);
}
private static final native byte[] signRSANative(MediaDrm drm, byte[] sessionId,
- String algorithm, byte[] wrappedKey,
- byte[] message);
+ String algorithm, byte[] wrappedKey, byte[] message);
/**
* Sign data using an RSA key
*
- * @param context the app context
* @param sessionId a sessionId obtained from openSession on the MediaDrm object
* @param algorithm the signing algorithm to use, e.g. "PKCS1-BlockType1"
* @param wrappedKey - the wrapped (encrypted) RSA private key obtained
@@ -820,7 +816,8 @@
*
* @hide - not part of the public API at this time
*/
- public byte[] signRSA(Context context, byte[] sessionId, String algorithm, byte[] wrappedKey, byte[] message) {
+ public byte[] signRSA(byte[] sessionId, String algorithm,
+ byte[] wrappedKey, byte[] message) {
return signRSANative(this, sessionId, algorithm, wrappedKey, message);
}
diff --git a/media/jni/android_media_MediaDrm.cpp b/media/jni/android_media_MediaDrm.cpp
index 1dbaa3a..7c45682 100644
--- a/media/jni/android_media_MediaDrm.cpp
+++ b/media/jni/android_media_MediaDrm.cpp
@@ -570,7 +570,7 @@
FIND_CLASS(clazz, "android/media/MediaDrm$Certificate");
GET_FIELD_ID(gFields.certificate.wrappedPrivateKey, clazz, "mWrappedKey", "[B");
GET_FIELD_ID(gFields.certificate.certificateData, clazz, "mCertificateData", "[B");
- gFields.certificateClassId = reinterpret_cast<jclass>(env->NewGlobalRef(clazz));
+ gFields.certificateClassId = static_cast<jclass>(env->NewGlobalRef(clazz));
FIND_CLASS(clazz, "java/util/ArrayList");
GET_METHOD_ID(gFields.arraylist.init, clazz, "<init>", "()V");
@@ -595,13 +595,13 @@
GET_METHOD_ID(gFields.entry.getValue, clazz, "getValue", "()Ljava/lang/Object;");
FIND_CLASS(clazz, "java/util/HashMap");
- gFields.hashmapClassId = reinterpret_cast<jclass>(env->NewGlobalRef(clazz));
+ gFields.hashmapClassId = static_cast<jclass>(env->NewGlobalRef(clazz));
FIND_CLASS(clazz, "java/lang/String");
- gFields.stringClassId = reinterpret_cast<jclass>(env->NewGlobalRef(clazz));
+ gFields.stringClassId = static_cast<jclass>(env->NewGlobalRef(clazz));
FIND_CLASS(clazz, "java/util/ArrayList");
- gFields.arraylistClassId = reinterpret_cast<jclass>(env->NewGlobalRef(clazz));
+ gFields.arraylistClassId = static_cast<jclass>(env->NewGlobalRef(clazz));
}
static void android_media_MediaDrm_native_setup(
diff --git a/media/lib/signer/java/com/android/mediadrm/signer/MediaDrmSigner.java b/media/lib/signer/java/com/android/mediadrm/signer/MediaDrmSigner.java
index d971afb..0a2897f 100644
--- a/media/lib/signer/java/com/android/mediadrm/signer/MediaDrmSigner.java
+++ b/media/lib/signer/java/com/android/mediadrm/signer/MediaDrmSigner.java
@@ -16,7 +16,6 @@
package com.android.mediadrm.signer;
-import android.content.Context;
import android.media.MediaDrm;
import android.media.DeniedByServerException;
@@ -37,7 +36,7 @@
* server
*/
public final static class CertificateRequest {
- private MediaDrm.CertificateRequest mCertRequest;
+ private final MediaDrm.CertificateRequest mCertRequest;
CertificateRequest(MediaDrm.CertificateRequest certRequest) {
mCertRequest = certRequest;
@@ -65,7 +64,7 @@
* with a certificate.
*/
public final static class Certificate {
- private MediaDrm.Certificate mCertificate;
+ private final MediaDrm.Certificate mCertificate;
Certificate(MediaDrm.Certificate certificate) {
mCertificate = certificate;
@@ -97,7 +96,7 @@
* the chain of authority.
*/
public static CertificateRequest getCertificateRequest(MediaDrm drm, int certType,
- String certAuthority) {
+ String certAuthority) {
return new CertificateRequest(drm.getCertificateRequest(certType, certAuthority));
}
@@ -117,14 +116,13 @@
* server rejected the request
*/
public static Certificate provideCertificateResponse(MediaDrm drm, byte[] response)
- throws DeniedByServerException {
+ throws DeniedByServerException {
return new Certificate(drm.provideCertificateResponse(response));
}
/**
* Sign data using an RSA key
*
- * @param context the App context
* @param drm the MediaDrm object
* @param sessionId a sessionId obtained from openSession on the MediaDrm object
* @param algorithm the signing algorithm to use, e.g. "PKCS1-BlockType1"
@@ -132,8 +130,8 @@
* from provideCertificateResponse
* @param message the data for which a signature is to be computed
*/
- public static byte[] signRSA(Context context, MediaDrm drm, byte[] sessionId,
- String algorithm, byte[] wrappedKey, byte[] message) {
- return drm.signRSA(context, sessionId, algorithm, wrappedKey, message);
+ public static byte[] signRSA(MediaDrm drm, byte[] sessionId,
+ String algorithm, byte[] wrappedKey, byte[] message) {
+ return drm.signRSA(sessionId, algorithm, wrappedKey, message);
}
}