Add support for v0.3 of the encrypted WebM specification.

media/webm/webm_cluster_parser.cc

Index: media/webm/webm_cluster_parser.cc
diff --git a/media/webm/webm_cluster_parser.cc b/media/webm/webm_cluster_parser.cc
index e9ef93e3fb14c8bd29197f0e826dcff6c9bf25a1..f5664d71799431134b29db3d0b3d4524f19cac55 100644
--- a/media/webm/webm_cluster_parser.cc
+++ b/media/webm/webm_cluster_parser.cc
@@ -14,20 +14,18 @@ namespace media {
 
 // Generates a 16 byte CTR counter block. The CTR counter block format is a
 // CTR IV appended with a CTR block counter. |iv| is an 8 byte CTR IV.
-// Always returns a valid pointer to a buffer of kDecryptionKeySize bytes.
-static scoped_array<uint8> GenerateCounterBlock(uint64 iv) {
-  scoped_array<uint8> counter_block_data(
-      new uint8[DecryptConfig::kDecryptionKeySize]);
+// Returns a string of kDecryptionKeySize bytes.
+static std::string GenerateCounterBlock(uint64 iv) {
+  char counter_block_data[DecryptConfig::kDecryptionKeySize];
 
   // Set the IV.
-  memcpy(counter_block_data.get(), &iv, sizeof(iv));
+  memcpy(counter_block_data, &iv, sizeof(iv));
 
   // Set block counter to all 0's.
-  memset(counter_block_data.get() + sizeof(iv),
-         0,
+  memset(counter_block_data + sizeof(iv), 0,
          DecryptConfig::kDecryptionKeySize - sizeof(iv));
 
-  return counter_block_data.Pass();
+  return std::string(counter_block_data, DecryptConfig::kDecryptionKeySize);

[xhwang, 2012/08/01 04:38:23]

Can we do something like this:
std::string counter_block(DecryptConfig::kDecryptionKeySize, 0);
counter_block.replace(0, sizeof(iv), reinterpret_cast<char*>(&iv), sizeof(iv));
return counter_block;

[fgalligan1, 2012/08/01 15:07:38]

I changed to this:
std::string counter_block(reinterpret_cast<char*>(&iv), sizeof(iv));
  counter_block.append(DecryptConfig::kDecryptionKeySize - sizeof(iv), 0);
  return counter_block;

 }
 
 WebMClusterParser::WebMClusterParser(int64 timecode_scale,
@@ -220,12 +218,14 @@ bool WebMClusterParser::OnBlock(int track_num, int timecode,
   // Every encrypted Block has an HMAC and IV prepended to it. Current encrypted
   // WebM request for comments specification is here
   // http://wiki.webmproject.org/encryption/webm-encryption-rfc
-  bool encrypted = track_num == video_.track_num() &&
-                   video_encryption_key_id_.get();
-  // If encrypted skip past the HMAC. Encrypted buffers must include the IV and
-  // the encrypted frame because the decryptor will verify this data before
-  // decryption. The HMAC and IV will be copied into DecryptConfig.
-  int offset = (encrypted) ? kWebMHmacSize : 0;
+  bool is_track_encrypted = track_num == video_.track_num() &&
+                            video_encryption_key_id_.get();
+
+  // If stream is encrypted skip past the HMAC. Encrypted buffers must include
+  // the signal byte, the IV (if frame is encrypted) and
+  // the frame because the decryptor will verify this data before decryption.
+  // The HMAC and IV will be copied into DecryptConfig.
+  int offset = (is_track_encrypted) ? kWebMHmacSize : 0;
 
   // The first bit of the flags is set when the block contains only keyframes.
   // http://www.matroska.org/technical/specs/index.html
@@ -233,21 +233,31 @@ bool WebMClusterParser::OnBlock(int track_num, int timecode,
   scoped_refptr<StreamParserBuffer> buffer =
       StreamParserBuffer::CopyFrom(data + offset, size - offset, is_keyframe);
 
-  if (encrypted) {
-    uint64 network_iv;
-    memcpy(&network_iv, data + kWebMHmacSize, sizeof(network_iv));
-    const uint64 iv = base::NetToHost64(network_iv);
+  if (is_track_encrypted) {
+    uint8 signal_byte = data[kWebMHmacSize];
+    int data_offset = sizeof(signal_byte);
+
+    // Setting the DecryptConfig object of the buffer while leaving the
+    // initialization vector empty will tell the decryptor that the frame is
+    // unencrypted but integrity should still be checked.
+    std::string counter_block;
+
+    if (signal_byte & kWebMFlagEncryptedFrame) {
+      uint64 network_iv;
+      memcpy(&network_iv, data + kWebMHmacSize + data_offset,
+             sizeof(network_iv));
+      const uint64 iv = base::NetToHost64(network_iv);
+      counter_block = GenerateCounterBlock(iv);
+      data_offset += sizeof(iv);
+    }
 
-    scoped_array<uint8> counter_block(GenerateCounterBlock(iv));
     buffer->SetDecryptConfig(scoped_ptr<DecryptConfig>(new DecryptConfig(
         std::string(
             reinterpret_cast<const char*>(video_encryption_key_id_.get()),
             video_encryption_key_id_size_),
-        std::string(
-            reinterpret_cast<const char*>(counter_block.get()),
-            DecryptConfig::kDecryptionKeySize),
+        counter_block,
         std::string(reinterpret_cast<const char*>(data), kWebMHmacSize),
-        sizeof(iv),
+        data_offset,
         std::vector<SubsampleEntry>())));
   }