OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "media/cdm/aes_decryptor.h" | 5 #include "media/cdm/aes_decryptor.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 #include <list> | 8 #include <list> |
9 #include <utility> | 9 #include <utility> |
10 #include <vector> | 10 #include <vector> |
(...skipping 11 matching lines...) Expand all Loading... | |
22 #include "media/base/limits.h" | 22 #include "media/base/limits.h" |
23 #include "media/base/video_decoder_config.h" | 23 #include "media/base/video_decoder_config.h" |
24 #include "media/base/video_frame.h" | 24 #include "media/base/video_frame.h" |
25 #include "media/cdm/json_web_key.h" | 25 #include "media/cdm/json_web_key.h" |
26 | 26 |
27 #if defined(USE_PROPRIETARY_CODECS) | 27 #if defined(USE_PROPRIETARY_CODECS) |
28 #include "media/cdm/cenc_utils.h" | 28 #include "media/cdm/cenc_utils.h" |
29 #endif | 29 #endif |
30 | 30 |
31 namespace media { | 31 namespace media { |
32 | |
xhwang
2016/10/24 17:06:13
We actually like this empty line :)
| |
33 // Keeps track of the session IDs and DecryptionKeys. The keys are ordered by | 32 // Keeps track of the session IDs and DecryptionKeys. The keys are ordered by |
34 // insertion time (last insertion is first). It takes ownership of the | 33 // insertion time (last insertion is first). It takes ownership of the |
35 // DecryptionKeys. | 34 // DecryptionKeys. |
36 class AesDecryptor::SessionIdDecryptionKeyMap { | 35 class AesDecryptor::SessionIdDecryptionKeyMap { |
37 // Use a std::list to actually hold the data. Insertion is always done | 36 // Use a std::list to actually hold the data. Insertion is always done |
38 // at the front, so the "latest" decryption key is always the first one | 37 // at the front, so the "latest" decryption key is always the first one |
39 // in the list. | 38 // in the list. |
40 using KeyList = | 39 using KeyList = |
41 std::list<std::pair<std::string, std::unique_ptr<DecryptionKey>>>; | 40 std::list<std::pair<std::string, std::unique_ptr<DecryptionKey>>>; |
42 | 41 |
(...skipping 201 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
244 DCHECK(!session_keys_change_cb_.is_null()); | 243 DCHECK(!session_keys_change_cb_.is_null()); |
245 } | 244 } |
246 | 245 |
247 AesDecryptor::~AesDecryptor() { | 246 AesDecryptor::~AesDecryptor() { |
248 key_map_.clear(); | 247 key_map_.clear(); |
249 } | 248 } |
250 | 249 |
251 void AesDecryptor::SetServerCertificate( | 250 void AesDecryptor::SetServerCertificate( |
252 const std::vector<uint8_t>& certificate, | 251 const std::vector<uint8_t>& certificate, |
253 std::unique_ptr<SimpleCdmPromise> promise) { | 252 std::unique_ptr<SimpleCdmPromise> promise) { |
254 promise->reject( | 253 promise->reject(CdmPromise::NOT_SUPPORTED_ERROR, 0, |
255 NOT_SUPPORTED_ERROR, 0, "SetServerCertificate() is not supported."); | 254 "SetServerCertificate() is not supported."); |
256 } | 255 } |
257 | 256 |
258 void AesDecryptor::CreateSessionAndGenerateRequest( | 257 void AesDecryptor::CreateSessionAndGenerateRequest( |
259 SessionType session_type, | 258 SessionType session_type, |
260 EmeInitDataType init_data_type, | 259 EmeInitDataType init_data_type, |
261 const std::vector<uint8_t>& init_data, | 260 const std::vector<uint8_t>& init_data, |
262 std::unique_ptr<NewSessionCdmPromise> promise) { | 261 std::unique_ptr<NewSessionCdmPromise> promise) { |
263 std::string session_id(base::UintToString(next_session_id_++)); | 262 std::string session_id(base::UintToString(next_session_id_++)); |
264 valid_sessions_.insert(session_id); | 263 valid_sessions_.insert(session_id); |
265 | 264 |
266 // For now, the AesDecryptor does not care about |session_type|. | 265 // For now, the AesDecryptor does not care about |session_type|. |
267 // TODO(jrummell): Validate |session_type|. | 266 // TODO(jrummell): Validate |session_type|. |
268 | 267 |
269 std::vector<uint8_t> message; | 268 std::vector<uint8_t> message; |
270 std::vector<std::vector<uint8_t>> keys; | 269 std::vector<std::vector<uint8_t>> keys; |
271 switch (init_data_type) { | 270 switch (init_data_type) { |
272 case EmeInitDataType::WEBM: | 271 case EmeInitDataType::WEBM: |
273 // |init_data| is simply the key needed. | 272 // |init_data| is simply the key needed. |
274 if (init_data.size() < limits::kMinKeyIdLength || | 273 if (init_data.size() < limits::kMinKeyIdLength || |
275 init_data.size() > limits::kMaxKeyIdLength) { | 274 init_data.size() > limits::kMaxKeyIdLength) { |
276 promise->reject(NOT_SUPPORTED_ERROR, 0, "Incorrect length"); | 275 promise->reject(CdmPromise::NOT_SUPPORTED_ERROR, 0, "Incorrect length"); |
277 return; | 276 return; |
278 } | 277 } |
279 keys.push_back(init_data); | 278 keys.push_back(init_data); |
280 break; | 279 break; |
281 case EmeInitDataType::CENC: | 280 case EmeInitDataType::CENC: |
282 #if defined(USE_PROPRIETARY_CODECS) | 281 #if defined(USE_PROPRIETARY_CODECS) |
283 // |init_data| is a set of 0 or more concatenated 'pssh' boxes. | 282 // |init_data| is a set of 0 or more concatenated 'pssh' boxes. |
284 if (!GetKeyIdsForCommonSystemId(init_data, &keys)) { | 283 if (!GetKeyIdsForCommonSystemId(init_data, &keys)) { |
285 promise->reject(NOT_SUPPORTED_ERROR, 0, "No supported PSSH box found."); | 284 promise->reject(CdmPromise::NOT_SUPPORTED_ERROR, 0, |
285 "No supported PSSH box found."); | |
286 return; | 286 return; |
287 } | 287 } |
288 break; | 288 break; |
289 #else | 289 #else |
290 promise->reject(NOT_SUPPORTED_ERROR, 0, | 290 promise->reject(CdmPromise::NOT_SUPPORTED_ERROR, 0, |
291 "Initialization data type CENC is not supported."); | 291 "Initialization data type CENC is not supported."); |
292 return; | 292 return; |
293 #endif | 293 #endif |
294 case EmeInitDataType::KEYIDS: { | 294 case EmeInitDataType::KEYIDS: { |
295 std::string init_data_string(init_data.begin(), init_data.end()); | 295 std::string init_data_string(init_data.begin(), init_data.end()); |
296 std::string error_message; | 296 std::string error_message; |
297 if (!ExtractKeyIdsFromKeyIdsInitData(init_data_string, &keys, | 297 if (!ExtractKeyIdsFromKeyIdsInitData(init_data_string, &keys, |
298 &error_message)) { | 298 &error_message)) { |
299 promise->reject(NOT_SUPPORTED_ERROR, 0, error_message); | 299 promise->reject(CdmPromise::NOT_SUPPORTED_ERROR, 0, error_message); |
300 return; | 300 return; |
301 } | 301 } |
302 break; | 302 break; |
303 } | 303 } |
304 default: | 304 default: |
305 NOTREACHED(); | 305 NOTREACHED(); |
306 promise->reject(NOT_SUPPORTED_ERROR, 0, "init_data_type not supported."); | 306 promise->reject(CdmPromise::NOT_SUPPORTED_ERROR, 0, |
307 "init_data_type not supported."); | |
307 return; | 308 return; |
308 } | 309 } |
309 CreateLicenseRequest(keys, session_type, &message); | 310 CreateLicenseRequest(keys, session_type, &message); |
310 | 311 |
311 promise->resolve(session_id); | 312 promise->resolve(session_id); |
312 | 313 |
313 session_message_cb_.Run(session_id, LICENSE_REQUEST, message); | 314 session_message_cb_.Run(session_id, LICENSE_REQUEST, message); |
314 } | 315 } |
315 | 316 |
316 void AesDecryptor::LoadSession(SessionType session_type, | 317 void AesDecryptor::LoadSession(SessionType session_type, |
317 const std::string& session_id, | 318 const std::string& session_id, |
318 std::unique_ptr<NewSessionCdmPromise> promise) { | 319 std::unique_ptr<NewSessionCdmPromise> promise) { |
319 // TODO(xhwang): Change this to NOTREACHED() when blink checks for key systems | 320 // TODO(xhwang): Change this to NOTREACHED() when blink checks for key systems |
320 // that do not support loadSession. See http://crbug.com/342481 | 321 // that do not support loadSession. See http://crbug.com/342481 |
321 promise->reject(NOT_SUPPORTED_ERROR, 0, "LoadSession() is not supported."); | 322 promise->reject(CdmPromise::NOT_SUPPORTED_ERROR, 0, |
323 "LoadSession() is not supported."); | |
322 } | 324 } |
323 | 325 |
324 void AesDecryptor::UpdateSession(const std::string& session_id, | 326 void AesDecryptor::UpdateSession(const std::string& session_id, |
325 const std::vector<uint8_t>& response, | 327 const std::vector<uint8_t>& response, |
326 std::unique_ptr<SimpleCdmPromise> promise) { | 328 std::unique_ptr<SimpleCdmPromise> promise) { |
327 CHECK(!response.empty()); | 329 CHECK(!response.empty()); |
328 | 330 |
329 // TODO(jrummell): Convert back to a DCHECK once prefixed EME is removed. | 331 // TODO(jrummell): Convert back to a DCHECK once prefixed EME is removed. |
330 if (valid_sessions_.find(session_id) == valid_sessions_.end()) { | 332 if (valid_sessions_.find(session_id) == valid_sessions_.end()) { |
331 promise->reject(INVALID_ACCESS_ERROR, 0, "Session does not exist."); | 333 promise->reject(CdmPromise::INVALID_ACCESS_ERROR, 0, |
334 "Session does not exist."); | |
332 return; | 335 return; |
333 } | 336 } |
334 | 337 |
335 std::string key_string(response.begin(), response.end()); | 338 std::string key_string(response.begin(), response.end()); |
336 | 339 |
337 KeyIdAndKeyPairs keys; | 340 KeyIdAndKeyPairs keys; |
338 SessionType session_type = MediaKeys::TEMPORARY_SESSION; | 341 SessionType session_type = MediaKeys::TEMPORARY_SESSION; |
339 if (!ExtractKeysFromJWKSet(key_string, &keys, &session_type)) { | 342 if (!ExtractKeysFromJWKSet(key_string, &keys, &session_type)) { |
340 promise->reject( | 343 promise->reject(CdmPromise::INVALID_ACCESS_ERROR, 0, |
341 INVALID_ACCESS_ERROR, 0, "Response is not a valid JSON Web Key Set."); | 344 "Response is not a valid JSON Web Key Set."); |
342 return; | 345 return; |
343 } | 346 } |
344 | 347 |
345 // Make sure that at least one key was extracted. | 348 // Make sure that at least one key was extracted. |
346 if (keys.empty()) { | 349 if (keys.empty()) { |
347 promise->reject( | 350 promise->reject(CdmPromise::INVALID_ACCESS_ERROR, 0, |
348 INVALID_ACCESS_ERROR, 0, "Response does not contain any keys."); | 351 "Response does not contain any keys."); |
349 return; | 352 return; |
350 } | 353 } |
351 | 354 |
352 bool key_added = false; | 355 bool key_added = false; |
353 for (KeyIdAndKeyPairs::iterator it = keys.begin(); it != keys.end(); ++it) { | 356 for (KeyIdAndKeyPairs::iterator it = keys.begin(); it != keys.end(); ++it) { |
354 if (it->second.length() != | 357 if (it->second.length() != |
355 static_cast<size_t>(DecryptConfig::kDecryptionKeySize)) { | 358 static_cast<size_t>(DecryptConfig::kDecryptionKeySize)) { |
356 DVLOG(1) << "Invalid key length: " << it->second.length(); | 359 DVLOG(1) << "Invalid key length: " << it->second.length(); |
357 promise->reject(INVALID_ACCESS_ERROR, 0, "Invalid key length."); | 360 promise->reject(CdmPromise::INVALID_ACCESS_ERROR, 0, |
361 "Invalid key length."); | |
358 return; | 362 return; |
359 } | 363 } |
360 | 364 |
361 // If this key_id doesn't currently exist in this session, | 365 // If this key_id doesn't currently exist in this session, |
362 // a new key is added. | 366 // a new key is added. |
363 if (!HasKey(session_id, it->first)) | 367 if (!HasKey(session_id, it->first)) |
364 key_added = true; | 368 key_added = true; |
365 | 369 |
366 if (!AddDecryptionKey(session_id, it->first, it->second)) { | 370 if (!AddDecryptionKey(session_id, it->first, it->second)) { |
367 promise->reject(INVALID_ACCESS_ERROR, 0, "Unable to add key."); | 371 promise->reject(CdmPromise::INVALID_ACCESS_ERROR, 0, |
372 "Unable to add key."); | |
368 return; | 373 return; |
369 } | 374 } |
370 } | 375 } |
371 | 376 |
372 { | 377 { |
373 base::AutoLock auto_lock(new_key_cb_lock_); | 378 base::AutoLock auto_lock(new_key_cb_lock_); |
374 | 379 |
375 if (!new_audio_key_cb_.is_null()) | 380 if (!new_audio_key_cb_.is_null()) |
376 new_audio_key_cb_.Run(); | 381 new_audio_key_cb_.Run(); |
377 | 382 |
(...skipping 30 matching lines...) Expand all Loading... | |
408 DeleteKeysForSession(session_id); | 413 DeleteKeysForSession(session_id); |
409 promise->resolve(); | 414 promise->resolve(); |
410 | 415 |
411 // Resolve the closed attribute. | 416 // Resolve the closed attribute. |
412 session_closed_cb_.Run(session_id); | 417 session_closed_cb_.Run(session_id); |
413 } | 418 } |
414 | 419 |
415 void AesDecryptor::RemoveSession(const std::string& session_id, | 420 void AesDecryptor::RemoveSession(const std::string& session_id, |
416 std::unique_ptr<SimpleCdmPromise> promise) { | 421 std::unique_ptr<SimpleCdmPromise> promise) { |
417 NOTIMPLEMENTED() << "Need to address https://crbug.com/616166."; | 422 NOTIMPLEMENTED() << "Need to address https://crbug.com/616166."; |
418 promise->reject(INVALID_ACCESS_ERROR, 0, "Session does not exist."); | 423 promise->reject(CdmPromise::INVALID_ACCESS_ERROR, 0, |
424 "Session does not exist."); | |
419 } | 425 } |
420 | 426 |
421 CdmContext* AesDecryptor::GetCdmContext() { | 427 CdmContext* AesDecryptor::GetCdmContext() { |
422 return this; | 428 return this; |
423 } | 429 } |
424 | 430 |
425 Decryptor* AesDecryptor::GetDecryptor() { | 431 Decryptor* AesDecryptor::GetDecryptor() { |
426 return this; | 432 return this; |
427 } | 433 } |
428 | 434 |
(...skipping 163 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
592 bool AesDecryptor::DecryptionKey::Init() { | 598 bool AesDecryptor::DecryptionKey::Init() { |
593 CHECK(!secret_.empty()); | 599 CHECK(!secret_.empty()); |
594 decryption_key_ = | 600 decryption_key_ = |
595 crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, secret_); | 601 crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, secret_); |
596 if (!decryption_key_) | 602 if (!decryption_key_) |
597 return false; | 603 return false; |
598 return true; | 604 return true; |
599 } | 605 } |
600 | 606 |
601 } // namespace media | 607 } // namespace media |
OLD | NEW |