diff -r 000000000000 -r 95b198f216e5 omadrm/drmengine/server/inc/DRMDbSession.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/omadrm/drmengine/server/inc/DRMDbSession.h Thu Dec 17 08:52:27 2009 +0200 @@ -0,0 +1,696 @@ +/* +* Copyright (c) 2003-2008 Nokia Corporation and/or its subsidiary(-ies). +* All rights reserved. +* This component and the accompanying materials are made available +* under the terms of "Eclipse Public License v1.0" +* which accompanies this distribution, and is available +* at the URL "http://www.eclipse.org/legal/epl-v10.html". +* +* Initial Contributors: +* Nokia Corporation - initial contribution. +* +* Contributors: +* +* Description: This class declares the interface of class CDRMDbSession. +* +*/ + + +#ifndef CDRMDBSESSION_H +#define CDRMDBSESSION_H + +// INCLUDES +#include +#include +#include "DRMTypes.h" +#include "DRMConstraint.h" +#include "DRMEngineClientServer.h" +#include "drmcommonclientserver.h" +#include "drmenginetypedefs.h" +#include "roapstorageclient.h" + +// CONSTANTS +// MACROS +// FUNCTION PROTOTYPES +// FORWARD DECLARATIONS +class CDRMParentStorage; + +class CDRMConsume; +class CDRMPermission; +class CDRMNotifier; +class CDRMObsoleteFinder; + +// DATA TYPES +// CLASS DECLARATION + +/** +* Server side instance of DRM Rights Database session. +* This class is the server side instance of C/S communications of a certain +* session. +* +* @lib RightsServer.exe +* @since S60Rel2.5 +*/ +NONSHARABLE_CLASS( CDRMDbSession ) : public CSession2 + { +public: // Constructors and destructor + + /** + * Two-phased constructor. + * @since S60Rel2.6 + * @return New session instance. + */ + static CDRMDbSession* NewL(); + + /** + * Destructor. + * @since S60Rel2.5 + */ + virtual ~CDRMDbSession(); + +public: // Functions from base classes + + /** + * From CSession2: Handles the service request event. + * @since S60Rel2.6 + * @param aMessage The message related to the event. + * @exception Method leaves with appropriate exception value + * if any errors occured. + */ + void ServiceL( const RMessage2& aMessage ); + + /** + * From CSession2: Handles the errors from ServiceL if encountered. + * @since S60Rel3.0 + * @param aMessage The message related to the event. + * @param aError Error code. + */ + virtual void ServiceError( const RMessage2& aMessage, + TInt aError ); + +public: // New functions + + void AsyncOperationDone(); + + void AsyncOperationDone( TFileName* aFileName ); + + /** + * This method tries to find a suitable rights object + * from the given list which allows the specified intent. + * @since S60Rel3.0 + * @param aIntent Intent. + * @param aRights List of rights objects. + * @param aParent Out-parameter: related parent permission. The caller + * owns the parent. + * @param aUpdate Out-parameter: whether to update the rights object + * (if one is found). + * @return Symbian error or CAF error. KErrNone if everything goes + * properly + */ + TInt FindRightsObject( const ContentAccess::TIntent aIntent, + const TDesC8& aURI, + CDRMPermission*& aChild, + HBufC8*& aUsedURI, + TUint32& aReason ); + + /** + * Check whether the identified permission allows the caller to get + * decrypted data. Enforces e.g. capability checking + * + * @param aContentId Content ID of the content, can be NULL + * @param aPermission Permission which grants access, can be NULL + * @param aIntent Consumption intent + * @return KErrAccessDenied if the caller does not have sufficient + * credentials, KErrNone if access is granted, or other + * Symbian errors + */ + TInt VerifyCredentials( HBufC8* aContentId, + CDRMPermission* aPermission, + TIntent aIntent ); + + /** + * Return the SID of the client + * @return SID of the client + */ + TUid GetClientSid(); + + /** + * Return the VID of the client + * @return VID of the client + */ + TUid GetClientVid(); + + /** + * Return if the client has sufficient DRM capability + * @return ETrue if the capability is available, EFalse otherwise + */ + TBool ClientHasCapability(); + + /** + * This method returns handle to the Roap storage client. + * + * @since S60 3.2 + * @return Handle to the Roap storage client + */ + Roap::RRoapStorageClient& RoapClient(); + + /** + * This method connects the roap client, does nothing if it's already connected + * + * @since S60 3.2 + * @return Handle to the Roap storage client + */ + TInt ConnectRoapClient(); + +protected: // New functions + +protected: // Functions from base classes + +private: + + enum TProtectionType + { + ENoProtection, + EPublicKey, + EDomainKey, + }; + + enum TCredentialsCheckType + { + ENotChecked, + ECheckedAndAllowed, + ECheckedAndDenied, + }; + + /** + * C++ constructor. + * @since S60Rel2.6 + */ + CDRMDbSession(); + + /** + * Second phase constructor. + * @since S60Rel2.6 + */ + void ConstructL(); + + /** + * Helper function for ServiceL(). + * @since S60Rel2.5 + * @param aMessage The message associated to the event. + */ + void AddRecordL( const RMessage2& aMessage, + TProtectionType aProtection ); + + /** + * Helper function for ServiceL(). + * @since S60Rel2.5 + * @param aMessage The message associated to the event. + */ + void GetRecordL( const RMessage2& aMessage ); + + /** + * Helper function for ServiceL(). + * @since S60Rel2.5 + * @param aMessage The message associated to the event. + */ + void GetEntryListL( const RMessage2& aMessage ); + + /** + * Helper function for ServiceL(). + * @since S60Rel2.5 + * @param aMessage The message associated to the event. + */ + void DeleteL( const RMessage2& aMessage ); + + /** + * Helper function for ServiceL(). + * @since S60Rel2.5 + * @param aMessage The message associated to the event. + */ + void DeleteRecordL( const RMessage2& aMessage ); + + /** + * Helper function for ServiceL(). + * @since S60Rel2.5 + * @param aMessage The message associated to the event. + */ + void ExportCIDsL( const RMessage2& aMessage ); + + /** + * Helper function for ServiceL(). + * @since S60Rel2.5 + * @param aMessage The message associated to the event. + */ + void GetKeyL( const RMessage2& aMessage ); + + /** + * Helper function for ServiceL(). + * @since S60Rel2.5 + * @param aMessage The message associated to the event. + */ + void CheckRightsL( const RMessage2& aMessage ); + + /** + * Helper function for ServiceL(). + * @since S60Rel2.5 + * @param aMessage The message associated to the event. + */ + void CountL( const RMessage2& aMessage ); + + /** + * Implementation of DeleteAll() command. + * @since 2.5 + * @param aMessage The message associated to the event. + */ + void DeleteAllL( const RMessage2& aMessage ); + + /** + * Implementation of ConsumeL() command. + * @since 2.5 + * @param aMessage The message associated to the event. + */ + void ConsumeL( const RMessage2& aMessage ); + + /** + * Check if Consume is possible + * @since 3.0 + * @param aMessage The message associated to the event. + */ + void CheckConsumeL( const RMessage2& aMessage ); + + /** + * Calculate the padding using a given data block + * @since 2.5 + * @param aMessage The message associated to the event. + */ + void CalculatePaddingL( const RMessage2& aMessage ); + + /** + * Give secure time & trust level to the client. + * @since 2.6 + * @params aMessage The message associated to the event. + */ + void SecureTimeL( const RMessage2& aMessage ); + + /** + * Encrypt data using the session key + * @since 3.0 + * @params aMessage The message associated to the event. + */ + void EncryptL( const RMessage2& aMessage ); + + /** + * Decrypt data using the session key + * @since 3.0 + * @params aMessage The message associated to the event. + */ + void DecryptL( const RMessage2& aMessage ); + + /** + * Initialize the session key + * @since 3.0 + * @params aMessage The message associated to the event. + */ + void InitializeKeyL( const RMessage2& aMessage ); + + /** + * Initialize the session key from a group key + * @since 3.0 + * @params aMessage The message associated to the event. + */ + void InitializeGroupKeyL( const RMessage2& aMessage ); + + /** + * Return the prepared data to the client. + * @since 3.0 + * @params aMessage The message associated to the event. + */ + void GetPreparedDataL( const RMessage2& aMessage ); + + /** + * Return the prepared data to the client. + * @since 3.0 + * @params aMessage The message associated to the event. + */ + void AddDomainROL( const RMessage2& aMessage ); + + /** + * Return the prepared data to the client. + * @since 3.0 + * @params aMessage The message associated to the event. + */ + void GetDomainROL( const RMessage2& aMessage ); + + /** + * Return the prepared data to the client. + * @since 3.0 + * @params aMessage The message associated to the event. + */ + void DeleteDomainROL( const RMessage2& aMessage ); + + /** + * Return the domain RO for a given content ID. + * @since 3.0 + * @params aMessage The message associated to the event. + */ + void GetDomainRosForCidL( const RMessage2& aMessage ); + + /** + * Check whether the RO is in Replay Cache. + * @since 3.0 + * @pareams aMessage The message associated to the event. + */ + void IsInCacheL( const RMessage2& aMessage ); + + /** + * Add the RO entry to Replay Cache. + * @since 3.0 + * @params aMessage The message associated to the event. + */ + void AddToCacheL( const RMessage2& aMessage ); + + /** + * Delete expired permission if we have secure time. + * @since 3.0 + * @params aMessage The message associated to the event. + */ + void DeleteExpiredPermissionsL( const RMessage2& aMessage ); + + /** + * Sets the estimated arrival for a Content URI + * @since 2.6 + * @params aMessage The message associated to the event. + */ + void SetEstimatedArrivalL( const RMessage2& aMessage ); + + /** + * Gets the estimated arrival for a Content URI + * @since 2.6 + * @params aMessage The message associated to the event. + */ + void GetEstimatedArrivalL( const RMessage2& aMessage ); + + /** + * Gets the udt data + * @since 3.0 + * @params aMessage The message associated to the event. + */ + void GetUdtDataL( const RMessage2& aMessage ); + + /** + * Initiates the UDT + * @since 3.0 + * @params aMessage The message associated to the event. + */ + void InitiateUdtL( const RMessage2& aMessage ); + + /** + * Helper function for ServiceL(). + * @since 3.0 + * @param aMessage The message associated to the event. + */ + void InitExportOrphanedCIDsL( const RMessage2& aMessage ); + + /** + * Helper function for ServiceL(). + * @since 3.0 + * @param aMessage The message associated to the event. + */ + void ExportOrphanedCIDsL( const RMessage2& aMessage ); + + /** + * Unwrap MAC and REK which are wrapped either with + * device public key or domain key + * @since 3.1 + * @param aMessage The message associated to the event. + * @param aDomainRo ETrue if a domain key is used for wrapping + * EFalse if device public key is used wrapping + */ + void UnwrapMacAndRekL( const RMessage2& aMessage, TBool aDomainRo ); + + /** + * This methods converts the given list into a permanent file + * representation. + * @since S60Rel2.5 + * @param aList List to be converted into a file. + * @param aFile Output file name. + */ + void ListToFileL( RPointerArray< CDRMPermission >& aList, + TFileName& aFile ); + + /** + * Tries to locate the best permission candidates from the given list based + * on the given usage intent. + * @return Index of the best child in aList, >= 0 always. Leaves if no + * suitable child is found. + */ + TInt FindBestROsL( RDRMPermissionList& aList, + const TDesC8& aURI, + const ContentAccess::TIntent aIntent, + HBufC8*& aUsedURI, + TUint32& aReason ); + + /** + * Returns ETrue if might be possible to use the permission + * as a child permission in the first place. + */ + TBool IsValidPermissionL( CDRMPermission& aPermission, + const ContentAccess::TIntent aIntent, + const TTime& aTime, + TUint32& aReason ); + + + void Normalize( CDRMPermission& aPermission, + CDRMConstraint& aNormalized, + const ContentAccess::TIntent aIntent ); + + TBool BetterPermission( const CDRMConstraint& aNewOne, + const CDRMConstraint& aOldOne ); + + + TInt GetBestROL( RDRMPermissionList& aList, + const TIntent aIntent, + TUint32& aReason ); + + /** + * This method checks whether the constraint has expired. + * + * @since S60Rel2.5 + * @param aConstraint Rights constraint. + * @return Truth value. + */ + inline TBool Expired( const CDRMConstraint& aConstraint ); + + /** + * finds the parent permissions and does not add unusable parents and removes unusable childred + * + * @param aList List of child permissions + * @param aIntent Intent for use + * @param aDrmTime Drm time of the device + * @param aReason Out-parameter: a bitvector of why some prmissions were disqualified + */ + void FindParentsAndRemoveUnusableL( RDRMPermissionList& aList, + const TDesC8& aURI, + CDRMPointerArray& aCids, + const TIntent aIntent, + const TTime& aDrmTime, + TUint32& aReason ); + + /** + * This method checks whether the constraint is invalid + * (count < 1 || interval <= 0 ). + * + * @since S60Rel2.6 + * @param aConstraint Rights constraint. + * @return Truth value. + */ + inline TBool Invalid( const CDRMConstraint& aConstraint ); + + /** + * This method updates the trusted time and its trust level from DRM server. + * Since S60Rel2.5 + */ + inline void UpdateSecureTime(); + + /** + * Unwrap a CEK which is wrapped with a REK + * + * @param aProtectedCek Wrapped CEK + * @return Unwrapped CEK + */ + HBufC8* UnwrapProtectedCekL( const TDesC8& aProtectedCek ); + + /** + * Unwrap a CEK which is wrapped with a domain key. + * + * @param aProtectedCek Wrapped CEK + * @param aDomainId ID of the domain key + * @return Unwrapped CEK + */ + HBufC8* UnwrapDomainCekL( const TDesC8& aProtectedCek, + const TDesC8& aDomainId ); + + /** + * Set the authentication seed for a content ID + * + * @param aMessage IPC message + */ + void SetAuthenticationSeedL( const RMessage2& aMessage ); + + /** + * Return the authentication seed for a content ID + * + * @param aMessage IPC message + */ + void GetAuthenticationSeedL( const RMessage2& aMessage ); + + /** + * Integrity protection for protected ROs + * + * @param aMessage IPC message + */ + void VerifyMacL( const RMessage2& aMessage ); + + /** + * + * + * @param aMessage IPC message + */ + void GetSupportedIndividualsL( const RMessage2& aMessage ); + + /** + * Stop watching the DCF repository server and the rights DB + * + * @param aMessage IPC message + */ + void StopWatchingL( const RMessage2& aMessage ); + + /** + * Return the current content ID + * + * @return content ID + */ + const TDesC8& GetContentId(); + + /** + * Remove permissions which are currently invalid (e.g. domain context + * not available) + * + * @param aList List of permissions + */ + void RemoveInvalidPermissionsL( CDRMPermissionList* aList ); + + void SetNameL( const RMessage2& aMessage ); + + void GetNameL( const RMessage2& aMessage ); + + void GetWideDataL( const RMessage2& aMessage ); + + void Cancel( const RMessage2& aMessage ); + + void GetFLUriL( const RMessage2& aMessage ); + + void EncodeRightsIssuerL( const RMessage2& aMessage ); + + void DecodeRightsIssuerL( const RMessage2& aMessage ); + + void GetRandomDataL( const RMessage2& aMessage ); + + void GetFlURI( TDes8& aURI ); + + void AesEncryptL( const TDesC8& aKey, + const TDesC8& aIV, + const TBool aAddPadding, + TDes8& aData ); + + void AesDecryptL( const TDesC8& aKey, + const TDesC8& aIV, + const TBool aRemovePadding, + TDes8& aData ); + + void GenerateIVL( TDes8& aData ); + + TBool PendingRights(const TDesC8& aCid, TBool aRemoval = ETrue); + + /** + * This method tries to find a suitable rights object + * from the given list which allows the specified intent. + * @since S60Rel3.0 + * @param aIntent Intent. + * @param aURI Content URI + * @param aChild Out-parameter: related child permissino. The caller + * owns the child. + * @param aParent Out-parameter: related parent permission. The caller + * owns the parent. + * @param aReason A bitvector of reasons for rights object rejection + */ + void FindRightsObjectL( const ContentAccess::TIntent aIntent, + const TDesC8& aURI, + CDRMPermission*& aChild, + HBufC8*& aUsedURI, + TUint32& aReason ); + + /** + * Check if the deletion of the mentioned content id is allowed: + */ + TBool DeleteAllowedL( const TDesC8& aContentId ); + + // Prohibit copy constructor. + CDRMDbSession( const CDRMDbSession& ); + // Prohibit assigment operator. + CDRMDbSession& operator=( const CDRMDbSession& ); + + void GetMeteringDataL( const RMessage2& aMessage ); + + void DeleteMeteringDataL( const RMessage2& aMessage ); + +public: // Data + +protected: // Data + +private: // Data + + TTime iTrustedTime; + TBool iSecureTime; + HBufC8* iPreparedData; + HBufC* iWidePreparedData; + CActive* iPendingRequest; + CDRMConsume* iConsume; + + // Decryption key for this session + TBuf8< KDRMKeyLength > iCek; + + // Rights encyrption key for this session, used for adding protected keys and + // the authentication seed + TBuf8< KDRMKeyLength > iRek; + + TBuf8< KDRMKeyLength > iMac; + + // Have the credentials of the caller been checked for this session? + TCredentialsCheckType iCredentialsChecked; + + // Filename used for getting obsolete Contents + TFileName* iFileName; + + // Client handle + RThread iClient; + + // ID of the currently handled content + HBufC8* iContentId; + + // Roap client + TBool iRoapClientConnected; + Roap::RRoapStorageClient iRoapClient; + +public: // Friend classes +protected: // Friend classes +private: // Friend classes + }; + +#include "DRMDbSession.inl" + + +#endif // CDRMDBSESSION_H + +// End of File