| // Copyright 2021 The Chromium Authors |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| module crosapi.mojom; |
| |
| // Status returned by a successful call to QueryWindowStatus. |
| [Stable] |
| struct ContentProtectionWindowStatus { |
| // The type of connected output links, which is a bit-mask of the LinkType |
| // values. |
| uint32 link_mask@0; |
| |
| // The type of enabled protections, which is a bit-mask of the ProtectionType |
| // values. |
| uint32 protection_mask@1; |
| }; |
| |
| // Returned by a successful call to ChallengePlatform. The structure mirrors the |
| // CdmDocumentService interface to avoid unnecessary conversions. |
| [Stable] |
| struct ChallengePlatformResult { |
| // The data signed by the platform. |
| string signed_data; |
| |
| // The signature of the signed data block. |
| string signed_data_signature; |
| |
| // The device specific certificate for the requested service. |
| string platform_key_certificate; |
| }; |
| |
| // This interface is implemented by Ash-Chrome. |
| // This allows Lacros to support content protection. |
| // |
| // The bitfields in this struct use [Stable] enums defined in |
| // media/mojo/mojom/output_protection.mojom. |
| // The input parameter |window_id| should be obtained from |
| // PlatformWindow::GetWindowUniqueId(). A typical format might be: |
| // "org.chromium.lacros.9A82A161B2A0B9BADF75E9BB958B9FCB" |
| // |
| // Note that the Window abstraction, and its corresponding |window_id| are |
| // communicated over Wayland IPC. There's no synchronization between Wayland and |
| // Crosapi, so it's technically possible for Lacros to create a window, and |
| // then call one of these methods, but for Ash to not yet know about the |
| // |window_id|. As such, a failure in one of these methods is not considered |
| // irrecoverable -- it's possible that calling the method again at a later point |
| // in time will result in success. |
| [Stable, Uuid="e3020766-dd9b-4cfe-b387-8ed677212b50"] |
| interface ContentProtection { |
| // Returns content-protection related status for a window. Returns null on |
| // failure. |
| QueryWindowStatus@0(string window_id) => |
| (ContentProtectionWindowStatus? status); |
| |
| // Enables content protection for a window. |
| // - desired_protection_mask: The desired protection methods, which |
| // is a bit-mask of the ProtectionType values. |
| // - success: True when the protection request has been made. This may be |
| // before the protection have actually been applied. Call |
| // QueryWindowStatus() to get protection status. False if it failed to make |
| // the protection request, and in this case there is no need to call |
| // QueryStatus(). |
| EnableWindowProtection@1(string window_id, uint32 desired_protection_mask) => |
| (bool success); |
| |
| // Returns the system hash in hex encoded ascii. This may return an empty |
| // string on error. |
| // This intentionally mirrors the existing SystemSaltGetter API to avoid |
| // unnecessary conversions on both sides of the crosapi interface. |
| [MinVersion=1] |
| GetSystemSalt@2() => (string salt); |
| |
| // Allows authorized services to verify that the underlying platform is |
| // trusted. An example of a trusted platform is a Chrome OS device in |
| // verified boot mode. This can be used for protected content playback. |
| // |
| // Input parameters: |
| // - |service_id|: the service ID for the |challenge|. |
| // - |challenge|: the challenge data. |
| // The input parameters mirror the CdmDocumentService interface to avoid |
| // unnecessary conversions. |
| // Returns null on failure. |
| [MinVersion=2] |
| ChallengePlatform@3(string service_id, string challenge) => |
| (ChallengePlatformResult? result); |
| |
| // Returns true if Verified Access is enabled in settings, false otherwise. |
| [MinVersion=3] |
| IsVerifiedAccessEnabled@4() => (bool enabled); |
| }; |