Add Common Encryption support to BMFF, including subsample decryption.

media/crypto/aes_decryptor_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <string>
 
 #include "base/basictypes.h"
 #include "media/base/decoder_buffer.h"
 #include "media/base/decrypt_config.h"
 #include "media/base/mock_filters.h"
 #include "media/crypto/aes_decryptor.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 using ::testing::_;
 using ::testing::Gt;
 using ::testing::NotNull;
 using ::testing::SaveArg;
 using ::testing::StrNe;
 
 namespace media {
 
 static const char kClearKeySystem[] = "org.w3.clearkey";
 static const uint8 kInitData[] = { 0x69, 0x6e, 0x69, 0x74 };
-// |kEncryptedData| is encrypted from |kOriginalData| using |kRightKey|.
-// Modifying any of these independently would fail the test.
 static const uint8 kOriginalData[] = {
   0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c,
-  0x20, 0x64, 0x61, 0x74, 0x61, 0x2e
+  0x20, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x20, 0x33,
+  0x30, 0x20, 0x62, 0x79, 0x74, 0x65, 0x73, 0x20,
+  0x6f, 0x66, 0x20, 0x69, 0x74, 0x2e
 };
-static const uint8 kEncryptedData[] = {
-  0x82, 0x3A, 0x76, 0x92, 0xEC, 0x7F, 0xF8, 0x85,
-  0xEC, 0x23, 0x52, 0xFB, 0x19, 0xB1, 0xB9, 0x09
+
+// |kCBCEncryptedData| is |kOriginalData| encrypted with |kRightKey| and the
+// default IV embedded in aes_decryptor.cc.
+//
+// TODO(strobe): CBC is only used for an early draft of WebM encryption.
+// Remove when https://chromiumcodereview.appspot.com/10535029 lands.
+static const uint8 kCBCEncryptedData[] = {

[fgalligan1, 2012/06/27 00:28:36]

s/kCBCEncryptedData/kCbcEncryptedData

[strobe_, 2012/06/27 02:01:21]

Done.

+  0x16, 0xeb, 0x06, 0xf8, 0x99, 0x87, 0xce, 0x09,
+  0x0e, 0x91, 0x5a, 0xa3, 0x88, 0xc3, 0x5b, 0xf5,
+  0xe9, 0xac, 0x40, 0x53, 0x95, 0x85, 0x5f, 0x09,
+  0x3d, 0xa0, 0x4f, 0xbe, 0x66, 0xf5, 0x15, 0xb5
 };
+
+// |kCTREncryptedData| is |kOriginalData| encrypted with |kRightKey|, using
+// initial counter |kInitialCtr|.
+static const uint8 kCTREncryptedData[] = {

[fgalligan1, 2012/06/27 00:28:36]

s/kCTREncryptedData/kCtrEncryptedData/

[strobe_, 2012/06/27 02:01:21]

Done.

+  0x06, 0x53, 0x1d, 0x16, 0x67, 0xd4, 0x2d, 0x5c,
+  0xa8, 0xba, 0x3b, 0x82, 0xc4, 0xdc, 0x14, 0x89,
+  0xea, 0x2e, 0x8c, 0x64, 0x4c, 0x4b, 0x6b, 0xda,
+  0x39, 0xbb, 0xe8, 0xc1, 0x25, 0x35
+};
+
+// |kCTREncryptedData| is |kOriginalData|, subsampled according to

[fgalligan1, 2012/06/27 00:28:36]

kCtrSubsampleEncryptedData

[strobe_, 2012/06/27 02:01:21]

Done.

+// |kSubsamples|, with ciphered portions encrypted with |kRightKey|, using
+// initial counter |kInitialCtr|.
+static const uint8 kCTRSubsampleEncryptedData[] = {

[fgalligan1, 2012/06/27 00:28:36]

s/kCTRSubsampleEncryptedData/kCtrSubsampleEncryptedData/

[strobe_, 2012/06/27 02:01:21]

Done.

+  0x4f, 0x72, 0x69, 0x2e, 0x48, 0x1a, 0x10, 0x62,
+  0x20, 0xde, 0x2d, 0x44, 0xe9, 0xf0, 0x7a, 0xc5,
+  0x95, 0xd2, 0x56, 0xc3, 0xae, 0x6b, 0x9d, 0x3d,
+  0x57, 0x48, 0x38, 0x93, 0x74, 0x2e
+};
+
 static const uint8 kRightKey[] = {
   0x41, 0x20, 0x77, 0x6f, 0x6e, 0x64, 0x65, 0x72,
   0x66, 0x75, 0x6c, 0x20, 0x6b, 0x65, 0x79, 0x21
 };
 static const uint8 kWrongKey[] = {
   0x49, 0x27, 0x6d, 0x20, 0x61, 0x20, 0x77, 0x72,
   0x6f, 0x6e, 0x67, 0x20, 0x6b, 0x65, 0x79, 0x2e
 };
 static const uint8 kWrongSizedKey[] = { 0x20, 0x20 };
 static const uint8 kKeyId1[] = {
   0x4b, 0x65, 0x79, 0x20, 0x49, 0x44, 0x20, 0x31
 };
 static const uint8 kKeyId2[] = {
   0x4b, 0x65, 0x79, 0x20, 0x49, 0x44, 0x20, 0x32
 };
+static const uint8 kInitialCtr[] = {

[ddorwin, 2012/06/26 06:09:19]

Why not call this IV?

[strobe_, 2012/06/27 02:01:21]

Done. (The underlying libraries tend to treat initial IV (for CBC) and initial
counter (for CTR) as separate entities, hence the original naming, but in
media:: we always think of it as an IV, so.)

+  0x41, 0x54, 0x65, 0x73, 0x74, 0x49, 0x56, 0x31,
+  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+};
+static const SubsampleEntry kSubsamples[] = {
+  { 3, 5 },
+  { 1, 19 },
+  { 2, 0 }
+};
 
 class AesDecryptorTest : public testing::Test {
  public:
   AesDecryptorTest() : decryptor_(&client_) {
-    encrypted_data_ = DecoderBuffer::CopyFrom(kEncryptedData,
-                                              arraysize(kEncryptedData));
+    InitCTR();

[ddorwin, 2012/06/26 06:09:19]

I think this is unexpected. Please call it in each test.

[strobe_, 2012/06/27 02:01:21]

Done.

+  };
+
+ protected:
+  void InitCBC() {
+    encrypted_data_ = DecoderBuffer::CopyFrom(
+        kCBCEncryptedData, arraysize(kCBCEncryptedData));
+    encrypted_data_->SetDecryptConfig(
+        scoped_ptr<DecryptConfig>(new DecryptConfig(
+            kKeyId1, arraysize(kKeyId1))));
   }
 
- protected:
+  void InitCTR() {
+    encrypted_data_ = DecoderBuffer::CopyFrom(
+        kCTREncryptedData, arraysize(kCTREncryptedData));
+    encrypted_data_->SetDecryptConfig(
+        scoped_ptr<DecryptConfig>(new DecryptConfig(
+            kKeyId1, arraysize(kKeyId1),
+            kInitialCtr, arraysize(kInitialCtr))));
+  }
+
+  void InitCTRSubsample() {
+    encrypted_data_ = DecoderBuffer::CopyFrom(
+        kCTRSubsampleEncryptedData, arraysize(kCTRSubsampleEncryptedData));
+    encrypted_data_->SetDecryptConfig(
+        scoped_ptr<DecryptConfig>(new DecryptConfig(
+            kKeyId1, arraysize(kKeyId1),
+            kInitialCtr, arraysize(kInitialCtr),
+            kSubsamples, arraysize(kSubsamples))));
+  }
+
   void GenerateKeyRequest() {
     EXPECT_CALL(client_, KeyMessageMock(kClearKeySystem, StrNe(std::string()),
                                         NotNull(), Gt(0), ""))
         .WillOnce(SaveArg<1>(&session_id_string_));
     decryptor_.GenerateKeyRequest(kClearKeySystem,
                                   kInitData, arraysize(kInitData));
   }
 
   template <int KeyIdSize, int KeySize>
   void AddKeyAndExpectToSucceed(const uint8 (&key_id)[KeyIdSize],
                                 const uint8 (&key)[KeySize]) {
     EXPECT_CALL(client_, KeyAdded(kClearKeySystem, session_id_string_));
     decryptor_.AddKey(kClearKeySystem, key, KeySize, key_id, KeyIdSize,
                       session_id_string_);
   }
 
   template <int KeyIdSize, int KeySize>
   void AddKeyAndExpectToFail(const uint8 (&key_id)[KeyIdSize],
                              const uint8 (&key)[KeySize]) {
     EXPECT_CALL(client_, KeyError(kClearKeySystem, session_id_string_,
                                   Decryptor::kUnknownError, 0));
     decryptor_.AddKey(kClearKeySystem, key, KeySize, key_id, KeyIdSize,
                       session_id_string_);
   }
 
-  template <int KeyIdSize>
-  void SetKeyIdForEncryptedData(const uint8 (&key_id)[KeyIdSize]) {
-    encrypted_data_->SetDecryptConfig(
-        scoped_ptr<DecryptConfig>(new DecryptConfig(key_id, KeyIdSize)));
-  }
-
   void DecryptAndExpectToSucceed() {
     scoped_refptr<DecoderBuffer> decrypted =
         decryptor_.Decrypt(encrypted_data_);
     ASSERT_TRUE(decrypted);
     int data_length = sizeof(kOriginalData);
     ASSERT_EQ(data_length, decrypted->GetDataSize());
     EXPECT_EQ(0, memcmp(kOriginalData, decrypted->GetData(), data_length));
   }
 
-  void DecryptAndExpectToFail() {
+  void DecryptAndExpectIncorrectData() {
     scoped_refptr<DecoderBuffer> decrypted =
         decryptor_.Decrypt(encrypted_data_);
-    EXPECT_FALSE(decrypted);
+    ASSERT_TRUE(decrypted);

[ddorwin, 2012/06/26 06:09:19]

Does this pass because you fixed up the padding or whatever such that we can no
longer detect the decrypt failure? Or maybe because CTR does not fail in the
same way?

[strobe_, 2012/06/27 02:01:21]

The latter. Our CBC decoder expects PKCS#5 padding, which can be verified to a)
trim the decoded string of padding, and b) as a (very weak) integrity check. It
seems like CTR doesn't have this expectation.

I've put DecryptAndExpectToFail() back and added comments to make this clearer.

+    int data_length = sizeof(kOriginalData);
+    ASSERT_EQ(data_length, decrypted->GetDataSize());
+    EXPECT_NE(0, memcmp(kOriginalData, decrypted->GetData(), data_length));
   }
 
   scoped_refptr<DecoderBuffer> encrypted_data_;
   MockDecryptorClient client_;
   AesDecryptor decryptor_;
   std::string session_id_string_;
 };
 
 TEST_F(AesDecryptorTest, NormalDecryption) {
   GenerateKeyRequest();
   AddKeyAndExpectToSucceed(kKeyId1, kRightKey);
-  SetKeyIdForEncryptedData(kKeyId1);
   ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed());
 }
 
-TEST_F(AesDecryptorTest, WrongKey) {
+TEST_F(AesDecryptorTest, NormalCBCDecryption) {
+  InitCBC();
+  GenerateKeyRequest();
+  AddKeyAndExpectToSucceed(kKeyId1, kRightKey);
+  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed());
+}
+
+TEST_F(AesDecryptorTest, NormalCTRSubsampleDecryption) {
+  InitCTRSubsample();
+  GenerateKeyRequest();
+  AddKeyAndExpectToSucceed(kKeyId1, kRightKey);
+  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed());
+}
+
+TEST_F(AesDecryptorTest, WrongCBCKey) {

[ddorwin, 2012/06/26 06:09:19]

add InitCTRSubsample();
I think you also need a WrongKey (for CTR).
OR just change the function name and don't have a CBC test.

[strobe_, 2012/06/27 02:01:21]

Not sure where this should go.
Changed name. (I think that's what you meant, right?)

   GenerateKeyRequest();
   AddKeyAndExpectToSucceed(kKeyId1, kWrongKey);
-  SetKeyIdForEncryptedData(kKeyId1);
-  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToFail());
+  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectIncorrectData());
 }
 
 TEST_F(AesDecryptorTest, MultipleKeys) {
   GenerateKeyRequest();
   AddKeyAndExpectToSucceed(kKeyId1, kRightKey);
   AddKeyAndExpectToSucceed(kKeyId2, kWrongKey);
-  SetKeyIdForEncryptedData(kKeyId1);
   ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed());
 }
 
 TEST_F(AesDecryptorTest, KeyReplacement) {
   GenerateKeyRequest();
-  SetKeyIdForEncryptedData(kKeyId1);
   AddKeyAndExpectToSucceed(kKeyId1, kWrongKey);
-  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToFail());
+  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectIncorrectData());
   AddKeyAndExpectToSucceed(kKeyId1, kRightKey);
   ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed());
 }
 
 TEST_F(AesDecryptorTest, WrongSizedKey) {
   GenerateKeyRequest();
   AddKeyAndExpectToFail(kKeyId1, kWrongSizedKey);
 }
 
 }  // media