Reputation: 16857
I am looking at Android's DRM documentation and I see the following diagram:
The diagram shows the DRM HAL requesting the decryption of DRM content, and then later accessing it using a "secure buffer handle". I want to ask if anyone knows how the content corresponding to the secure handle is played? Does the content ever leave the TEE, or can Android play decrypted content while it is in the TEE?
Upvotes: 0
Views: 1172
Reputation: 25491
There are different security levels for the different DRM types, but the highest level for the most common ones, like Widevine and PlayReady, will require a HW root of trust, keys stored leveraging the HW/TEE, and a secure media path.
The secure media path means exactly as you say - the unencrypted media is never exposed to the application or to any other part of the system before it is displayed. The display system is passed the protected memory buffers.
For applications which need to do post processing on the decrypted media, such as VR and AR, Android allows limited operations to be performed on the protected buffers. You can see this covered in the Android online documentation: https://source.android.com/devices/graphics/arch-st#st_vid_play
Upvotes: 3
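The following is an added example, not part of the question or answer above: one way an app can check on a given device whether Widevine playback would use the hardware-backed secure media path the answer describes. It assumes Android API 28 or later; the class name `SecurePathCheck`, the method `describe` and the 1920x1080 probe format are hypothetical choices for illustration.

```java
import android.media.MediaCodecInfo.CodecCapabilities;
import android.media.MediaCodecList;
import android.media.MediaCrypto;
import android.media.MediaCryptoException;
import android.media.MediaDrm;
import android.media.MediaDrmException;
import android.media.MediaFormat;
import java.util.UUID;

// Added example (hypothetical class name); requires API 28+ for getSecurityLevel().
public final class SecurePathCheck {
    // Widevine DRM system ID.
    private static final UUID WIDEVINE = UUID.fromString("edef8ba9-79d6-4ace-a3c8-27dcd51d21ed");

    /** Summarises whether video of the given MIME type would take the secure media path. */
    public static String describe(String mime) {
        if (!MediaDrm.isCryptoSchemeSupported(WIDEVINE)) {
            return "Widevine not supported on this device";
        }
        MediaDrm drm = null;
        byte[] session = null;
        MediaCrypto crypto = null;
        try {
            drm = new MediaDrm(WIDEVINE);
            session = drm.openSession();
            // HW_SECURE_ALL: keys, decryption, decode and all buffer handling stay in the TEE.
            boolean hwSecureAll =
                    drm.getSecurityLevel(session) == MediaDrm.SECURITY_LEVEL_HW_SECURE_ALL;
            crypto = new MediaCrypto(WIDEVINE, session);
            // True when decrypted samples may only go to a secure decoder.
            boolean needsSecureDecoder = crypto.requiresSecureDecoderComponent(mime);
            // Ask the codec list for a decoder that advertises secure playback.
            MediaFormat format = MediaFormat.createVideoFormat(mime, 1920, 1080);
            format.setFeatureEnabled(CodecCapabilities.FEATURE_SecurePlayback, true);
            String decoder = new MediaCodecList(MediaCodecList.ALL_CODECS).findDecoderForFormat(format);
            return "hwSecureAll=" + hwSecureAll
                    + " needsSecureDecoder=" + needsSecureDecoder
                    + " secureDecoder=" + decoder;
        } catch (MediaDrmException | MediaCryptoException e) {
            return "DRM session unavailable: " + e;
        } finally {
            if (crypto != null) crypto.release();
            if (drm != null) {
                if (session != null) drm.closeSession(session);
                drm.release();
            }
        }
    }
}
```

With a secure decoder, the app hands only a `Surface` and the `MediaCrypto` object to `MediaCodec.configure()`; the decoded frames go to protected buffers that the app cannot read back.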