1ba5b9a6411cb1792fd21f0a078d7a25cd1ceec16Ben Murdoch// Copyright 2013 The Chromium Authors. All rights reserved.
25821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be
35821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// found in the LICENSE file.
45821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
5ba5b9a6411cb1792fd21f0a078d7a25cd1ceec16Ben Murdoch#include "media/cdm/aes_decryptor.h"
65821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
7a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include <list>
85821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include <vector>
95821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/logging.h"
115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/stl_util.h"
12868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "base/strings/string_number_conversions.h"
135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "crypto/encryptor.h"
145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "crypto/symmetric_key.h"
155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "media/base/audio_decoder_config.h"
16f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)#include "media/base/cdm_promise.h"
175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "media/base/decoder_buffer.h"
185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "media/base/decrypt_config.h"
195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "media/base/video_decoder_config.h"
205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "media/base/video_frame.h"
21f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "media/cdm/json_web_key.h"
225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)namespace media {
245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
25a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)// Keeps track of the session IDs and DecryptionKeys. The keys are ordered by
26a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)// insertion time (last insertion is first). It takes ownership of the
27a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)// DecryptionKeys.
28a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)class AesDecryptor::SessionIdDecryptionKeyMap {
29a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  // Use a std::list to actually hold the data. Insertion is always done
30a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  // at the front, so the "latest" decryption key is always the first one
31a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  // in the list.
32f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  typedef std::list<std::pair<std::string, DecryptionKey*> > KeyList;
33a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
34a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) public:
35a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  SessionIdDecryptionKeyMap() {}
36a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  ~SessionIdDecryptionKeyMap() { STLDeleteValues(&key_list_); }
37a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
38a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  // Replaces value if |session_id| is already present, or adds it if not.
39a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  // This |decryption_key| becomes the latest until another insertion or
40a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  // |session_id| is erased.
41f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  void Insert(const std::string& web_session_id,
42f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)              scoped_ptr<DecryptionKey> decryption_key);
43a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
44a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  // Deletes the entry for |session_id| if present.
45f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  void Erase(const std::string& web_session_id);
46a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
47a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  // Returns whether the list is empty
48a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  bool Empty() const { return key_list_.empty(); }
49a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
50a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  // Returns the last inserted DecryptionKey.
51a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  DecryptionKey* LatestDecryptionKey() {
52a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)    DCHECK(!key_list_.empty());
53a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)    return key_list_.begin()->second;
54a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  }
55a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
566e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)  bool Contains(const std::string& web_session_id) {
576e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)    return Find(web_session_id) != key_list_.end();
586e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)  }
596e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)
60a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) private:
61f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  // Searches the list for an element with |web_session_id|.
62f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  KeyList::iterator Find(const std::string& web_session_id);
63a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
64a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  // Deletes the entry pointed to by |position|.
65a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  void Erase(KeyList::iterator position);
66a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
67a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  KeyList key_list_;
68a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
69a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  DISALLOW_COPY_AND_ASSIGN(SessionIdDecryptionKeyMap);
70a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)};
71a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
72a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)void AesDecryptor::SessionIdDecryptionKeyMap::Insert(
73f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)    const std::string& web_session_id,
74a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)    scoped_ptr<DecryptionKey> decryption_key) {
75f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  KeyList::iterator it = Find(web_session_id);
76a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  if (it != key_list_.end())
77a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)    Erase(it);
78a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  DecryptionKey* raw_ptr = decryption_key.release();
79f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  key_list_.push_front(std::make_pair(web_session_id, raw_ptr));
80a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)}
81a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
82f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)void AesDecryptor::SessionIdDecryptionKeyMap::Erase(
83f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)    const std::string& web_session_id) {
84f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  KeyList::iterator it = Find(web_session_id);
85a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  if (it == key_list_.end())
86a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)    return;
87a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  Erase(it);
88a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)}
89a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
90a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)AesDecryptor::SessionIdDecryptionKeyMap::KeyList::iterator
91f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)AesDecryptor::SessionIdDecryptionKeyMap::Find(
92f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)    const std::string& web_session_id) {
93a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  for (KeyList::iterator it = key_list_.begin(); it != key_list_.end(); ++it) {
94f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)    if (it->first == web_session_id)
95a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)      return it;
96a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  }
97a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  return key_list_.end();
98a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)}
99a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
100a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)void AesDecryptor::SessionIdDecryptionKeyMap::Erase(
101a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)    KeyList::iterator position) {
102a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  DCHECK(position->second);
103a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  delete position->second;
104a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  key_list_.erase(position);
105a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)}
106a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
107a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)uint32 AesDecryptor::next_web_session_id_ = 1;
1085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
1095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)enum ClearBytesBufferSel {
1105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  kSrcContainsClearBytes,
1115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  kDstContainsClearBytes
1125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)};
1135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
1145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)static void CopySubsamples(const std::vector<SubsampleEntry>& subsamples,
1155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)                           const ClearBytesBufferSel sel,
1165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)                           const uint8* src,
1175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)                           uint8* dst) {
1185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  for (size_t i = 0; i < subsamples.size(); i++) {
1195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    const SubsampleEntry& subsample = subsamples[i];
1205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    if (sel == kSrcContainsClearBytes) {
1215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)      src += subsample.clear_bytes;
1225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    } else {
1235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)      dst += subsample.clear_bytes;
1245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    }
1255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    memcpy(dst, src, subsample.cypher_bytes);
1265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    src += subsample.cypher_bytes;
1275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    dst += subsample.cypher_bytes;
1285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  }
1295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
1305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
1315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Decrypts |input| using |key|.  Returns a DecoderBuffer with the decrypted
1325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// data if decryption succeeded or NULL if decryption failed.
1335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)static scoped_refptr<DecoderBuffer> DecryptData(const DecoderBuffer& input,
1345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)                                                crypto::SymmetricKey* key) {
135ca12bfac764ba476d6cd062bf1dde12cc64c3f40Ben Murdoch  CHECK(input.data_size());
136ca12bfac764ba476d6cd062bf1dde12cc64c3f40Ben Murdoch  CHECK(input.decrypt_config());
1375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  CHECK(key);
1385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
1395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  crypto::Encryptor encryptor;
1405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  if (!encryptor.Init(key, crypto::Encryptor::CTR, "")) {
1415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    DVLOG(1) << "Could not initialize decryptor.";
1425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    return NULL;
1435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  }
1445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
145ca12bfac764ba476d6cd062bf1dde12cc64c3f40Ben Murdoch  DCHECK_EQ(input.decrypt_config()->iv().size(),
1465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)            static_cast<size_t>(DecryptConfig::kDecryptionKeySize));
147ca12bfac764ba476d6cd062bf1dde12cc64c3f40Ben Murdoch  if (!encryptor.SetCounter(input.decrypt_config()->iv())) {
1485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    DVLOG(1) << "Could not set counter block.";
1495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    return NULL;
1505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  }
1515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
1525d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)  const char* sample = reinterpret_cast<const char*>(input.data());
1535d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)  size_t sample_size = static_cast<size_t>(input.data_size());
1545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
155f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)  DCHECK_GT(sample_size, 0U) << "No sample data to be decrypted.";
156f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)  if (sample_size == 0)
157a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)    return NULL;
158a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)
159ca12bfac764ba476d6cd062bf1dde12cc64c3f40Ben Murdoch  if (input.decrypt_config()->subsamples().empty()) {
1605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    std::string decrypted_text;
1615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    base::StringPiece encrypted_text(sample, sample_size);
1625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    if (!encryptor.Decrypt(encrypted_text, &decrypted_text)) {
1635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)      DVLOG(1) << "Could not decrypt data.";
1645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)      return NULL;
1655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    }
1665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
1675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    // TODO(xhwang): Find a way to avoid this data copy.
1685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    return DecoderBuffer::CopyFrom(
1695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)        reinterpret_cast<const uint8*>(decrypted_text.data()),
1705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)        decrypted_text.size());
1715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  }
1725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
1735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  const std::vector<SubsampleEntry>& subsamples =
174ca12bfac764ba476d6cd062bf1dde12cc64c3f40Ben Murdoch      input.decrypt_config()->subsamples();
1755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
176f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)  size_t total_clear_size = 0;
177f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)  size_t total_encrypted_size = 0;
1785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  for (size_t i = 0; i < subsamples.size(); i++) {
1795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    total_clear_size += subsamples[i].clear_bytes;
1805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    total_encrypted_size += subsamples[i].cypher_bytes;
181f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)    // Check for overflow. This check is valid because *_size is unsigned.
182f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)    DCHECK(total_clear_size >= subsamples[i].clear_bytes);
183f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)    if (total_encrypted_size < subsamples[i].cypher_bytes)
184f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)      return NULL;
1855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  }
186f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)  size_t total_size = total_clear_size + total_encrypted_size;
187f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)  if (total_size < total_clear_size || total_size != sample_size) {
1885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    DVLOG(1) << "Subsample sizes do not equal input size";
1895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    return NULL;
1905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  }
1915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
192a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)  // No need to decrypt if there is no encrypted data.
193a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)  if (total_encrypted_size <= 0) {
194a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)    return DecoderBuffer::CopyFrom(reinterpret_cast<const uint8*>(sample),
195a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)                                   sample_size);
196a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)  }
197a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)
1985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // The encrypted portions of all subsamples must form a contiguous block,
1995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // such that an encrypted subsample that ends away from a block boundary is
2005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // immediately followed by the start of the next encrypted subsample. We
2015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // copy all encrypted subsamples to a contiguous buffer, decrypt them, then
2025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // copy the decrypted bytes over the encrypted bytes in the output.
2035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // TODO(strobe): attempt to reduce number of memory copies
204c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)  scoped_ptr<uint8[]> encrypted_bytes(new uint8[total_encrypted_size]);
2055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  CopySubsamples(subsamples, kSrcContainsClearBytes,
2065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)                 reinterpret_cast<const uint8*>(sample), encrypted_bytes.get());
2075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
2085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  base::StringPiece encrypted_text(
2095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)      reinterpret_cast<const char*>(encrypted_bytes.get()),
2105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)      total_encrypted_size);
2115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  std::string decrypted_text;
2125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  if (!encryptor.Decrypt(encrypted_text, &decrypted_text)) {
2135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    DVLOG(1) << "Could not decrypt data.";
2145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    return NULL;
2155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  }
216a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)  DCHECK_EQ(decrypted_text.size(), encrypted_text.size());
2175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
2185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  scoped_refptr<DecoderBuffer> output = DecoderBuffer::CopyFrom(
2195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)      reinterpret_cast<const uint8*>(sample), sample_size);
2205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  CopySubsamples(subsamples, kDstContainsClearBytes,
2215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)                 reinterpret_cast<const uint8*>(decrypted_text.data()),
222ca12bfac764ba476d6cd062bf1dde12cc64c3f40Ben Murdoch                 output->writable_data());
2235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  return output;
2245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
2255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
226f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)AesDecryptor::AesDecryptor(const SessionMessageCB& session_message_cb,
2271320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci                           const SessionClosedCB& session_closed_cb,
2281320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci                           const SessionKeysChangeCB& session_keys_change_cb)
229f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)    : session_message_cb_(session_message_cb),
2301320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci      session_closed_cb_(session_closed_cb),
2311320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci      session_keys_change_cb_(session_keys_change_cb) {
232f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  DCHECK(!session_message_cb_.is_null());
233f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  DCHECK(!session_closed_cb_.is_null());
2341320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  DCHECK(!session_keys_change_cb_.is_null());
235f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)}
2365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
2375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)AesDecryptor::~AesDecryptor() {
238a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  key_map_.clear();
2395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
2405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
2411320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tuccivoid AesDecryptor::SetServerCertificate(const uint8* certificate_data,
2421320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci                                        int certificate_data_length,
2431320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci                                        scoped_ptr<SimpleCdmPromise> promise) {
2441320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  promise->reject(
2451320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci      NOT_SUPPORTED_ERROR, 0, "SetServerCertificate() is not supported.");
2461320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci}
2471320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci
248f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)void AesDecryptor::CreateSession(const std::string& init_data_type,
249a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)                                 const uint8* init_data,
250f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)                                 int init_data_length,
251f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)                                 SessionType session_type,
252f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)                                 scoped_ptr<NewSessionCdmPromise> promise) {
253f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  std::string web_session_id(base::UintToString(next_web_session_id_++));
254f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  valid_sessions_.insert(web_session_id);
255f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)
256f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  // For now, the AesDecryptor does not care about |init_data_type| or
257f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  // |session_type|; just resolve the promise and then fire a message event
25803b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles)  // using the |init_data| as the key ID in the license request.
259f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  // TODO(jrummell): Validate |init_data_type| and |session_type|.
260eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch  std::vector<uint8> message;
261eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch  if (init_data && init_data_length)
26203b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles)    CreateLicenseRequest(init_data, init_data_length, session_type, &message);
2635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
264f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  promise->resolve(web_session_id);
265f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)
266f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  session_message_cb_.Run(web_session_id, message, GURL());
2675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
2685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
269f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)void AesDecryptor::LoadSession(const std::string& web_session_id,
270f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)                               scoped_ptr<NewSessionCdmPromise> promise) {
2715d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)  // TODO(xhwang): Change this to NOTREACHED() when blink checks for key systems
2725d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)  // that do not support loadSession. See http://crbug.com/342481
273f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  promise->reject(NOT_SUPPORTED_ERROR, 0, "LoadSession() is not supported.");
2745d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)}
2755d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)
276f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)void AesDecryptor::UpdateSession(const std::string& web_session_id,
277a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)                                 const uint8* response,
278f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)                                 int response_length,
279f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)                                 scoped_ptr<SimpleCdmPromise> promise) {
280a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  CHECK(response);
281a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  CHECK_GT(response_length, 0);
282f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)
283f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  // TODO(jrummell): Convert back to a DCHECK once prefixed EME is removed.
284f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  if (valid_sessions_.find(web_session_id) == valid_sessions_.end()) {
285f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)    promise->reject(INVALID_ACCESS_ERROR, 0, "Session does not exist.");
286f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)    return;
287f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  }
288a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
289a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  std::string key_string(reinterpret_cast<const char*>(response),
290a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)                         response_length);
291f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)
292f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)  KeyIdAndKeyPairs keys;
29303b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles)  SessionType session_type = MediaKeys::TEMPORARY_SESSION;
29403b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles)  if (!ExtractKeysFromJWKSet(key_string, &keys, &session_type)) {
295f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)    promise->reject(
296f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)        INVALID_ACCESS_ERROR, 0, "response is not a valid JSON Web Key Set.");
297f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)    return;
298f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)  }
2995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
300f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)  // Make sure that at least one key was extracted.
301f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)  if (keys.empty()) {
302f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)    promise->reject(
303f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)        INVALID_ACCESS_ERROR, 0, "response does not contain any keys.");
304f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)    return;
305f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)  }
306f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)
307f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)  for (KeyIdAndKeyPairs::iterator it = keys.begin(); it != keys.end(); ++it) {
308f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)    if (it->second.length() !=
30958537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)        static_cast<size_t>(DecryptConfig::kDecryptionKeySize)) {
31058537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)      DVLOG(1) << "Invalid key length: " << key_string.length();
311f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)      promise->reject(INVALID_ACCESS_ERROR, 0, "Invalid key length.");
31258537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)      return;
31358537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)    }
314f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)    if (!AddDecryptionKey(web_session_id, it->first, it->second)) {
315f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)      promise->reject(INVALID_ACCESS_ERROR, 0, "Unable to add key.");
31658537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)      return;
31758537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)    }
31858537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)  }
3195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
3205d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)  {
3215d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)    base::AutoLock auto_lock(new_key_cb_lock_);
3225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
3235d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)    if (!new_audio_key_cb_.is_null())
3245d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)      new_audio_key_cb_.Run();
3255d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)
3265d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)    if (!new_video_key_cb_.is_null())
3275d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)      new_video_key_cb_.Run();
3285d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)  }
3295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
330f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  promise->resolve();
3311320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci
3321320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  // Assume that at least 1 new key has been successfully added and thus
3331320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  // sending true.
3341320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  session_keys_change_cb_.Run(web_session_id, true);
3351320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci}
3361320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci
3371320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tuccivoid AesDecryptor::CloseSession(const std::string& web_session_id,
3381320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci                                scoped_ptr<SimpleCdmPromise> promise) {
3391320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  // Validate that this is a reference to an active session and then forget it.
3401320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  std::set<std::string>::iterator it = valid_sessions_.find(web_session_id);
3411320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  DCHECK(it != valid_sessions_.end());
3421320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci
3431320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  valid_sessions_.erase(it);
3441320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci
3451320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  // Close the session.
3461320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  DeleteKeysForSession(web_session_id);
3471320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  promise->resolve();
3481320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  session_closed_cb_.Run(web_session_id);
3491320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci}
3501320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci
3511320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tuccivoid AesDecryptor::RemoveSession(const std::string& web_session_id,
3521320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci                                 scoped_ptr<SimpleCdmPromise> promise) {
3531320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  // AesDecryptor doesn't keep any persistent data, so this should be
3541320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  // NOT_REACHED().
3551320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  // TODO(jrummell): Make sure persistent session types are rejected.
3561320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  // http://crbug.com/384152.
3571320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  //
3581320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  // However, v0.1b calls to CancelKeyRequest() will call this, so close the
3591320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  // session, if it exists.
3601320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  // TODO(jrummell): Remove the close() call when prefixed EME is removed.
3611320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  // http://crbug.com/249976.
3621320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  if (valid_sessions_.find(web_session_id) != valid_sessions_.end()) {
3631320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci    CloseSession(web_session_id, promise.Pass());
3641320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci    return;
3651320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  }
3661320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci
3671320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci  promise->reject(INVALID_ACCESS_ERROR, 0, "Session does not exist.");
3685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
3695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
3706e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)void AesDecryptor::GetUsableKeyIds(const std::string& web_session_id,
3716e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)                                   scoped_ptr<KeyIdsPromise> promise) {
3726e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)  // Since |web_session_id| is not provided by the user, this should never
3736e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)  // happen.
3746e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)  DCHECK(valid_sessions_.find(web_session_id) != valid_sessions_.end());
3756e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)
3766e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)  KeyIdsVector keyids;
3776e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)  base::AutoLock auto_lock(key_map_lock_);
3786e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)  for (KeyIdToSessionKeysMap::iterator it = key_map_.begin();
3796e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)       it != key_map_.end();
3806e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)       ++it) {
3816e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)    if (it->second->Contains(web_session_id))
3826e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)      keyids.push_back(std::vector<uint8>(it->first.begin(), it->first.end()));
3836e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)  }
3846e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)  promise->resolve(keyids);
3856e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)}
3866e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)
387eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen MurdochDecryptor* AesDecryptor::GetDecryptor() {
388868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)  return this;
389868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)}
390868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)
3912a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)void AesDecryptor::RegisterNewKeyCB(StreamType stream_type,
3922a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)                                    const NewKeyCB& new_key_cb) {
3935d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)  base::AutoLock auto_lock(new_key_cb_lock_);
3945d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)
3955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  switch (stream_type) {
3965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    case kAudio:
3972a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)      new_audio_key_cb_ = new_key_cb;
3985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)      break;
3995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    case kVideo:
4002a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)      new_video_key_cb_ = new_key_cb;
4015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)      break;
4025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    default:
4035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)      NOTREACHED();
4045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  }
4055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
4065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
4075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)void AesDecryptor::Decrypt(StreamType stream_type,
4085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)                           const scoped_refptr<DecoderBuffer>& encrypted,
4095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)                           const DecryptCB& decrypt_cb) {
410ca12bfac764ba476d6cd062bf1dde12cc64c3f40Ben Murdoch  CHECK(encrypted->decrypt_config());
4115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
4125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  scoped_refptr<DecoderBuffer> decrypted;
4135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // An empty iv string signals that the frame is unencrypted.
414ca12bfac764ba476d6cd062bf1dde12cc64c3f40Ben Murdoch  if (encrypted->decrypt_config()->iv().empty()) {
4155d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)    decrypted = DecoderBuffer::CopyFrom(encrypted->data(),
4165d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)                                        encrypted->data_size());
4175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  } else {
418ca12bfac764ba476d6cd062bf1dde12cc64c3f40Ben Murdoch    const std::string& key_id = encrypted->decrypt_config()->key_id();
4192a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)    DecryptionKey* key = GetKey(key_id);
4202a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)    if (!key) {
4212a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)      DVLOG(1) << "Could not find a matching key for the given key ID.";
4222a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)      decrypt_cb.Run(kNoKey, NULL);
4232a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)      return;
4242a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)    }
4252a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)
4265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    crypto::SymmetricKey* decryption_key = key->decryption_key();
427868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)    decrypted = DecryptData(*encrypted.get(), decryption_key);
428868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)    if (!decrypted.get()) {
4295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)      DVLOG(1) << "Decryption failed.";
4305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)      decrypt_cb.Run(kError, NULL);
4315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)      return;
4325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    }
4335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  }
4345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
435ca12bfac764ba476d6cd062bf1dde12cc64c3f40Ben Murdoch  decrypted->set_timestamp(encrypted->timestamp());
436ca12bfac764ba476d6cd062bf1dde12cc64c3f40Ben Murdoch  decrypted->set_duration(encrypted->duration());
4375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  decrypt_cb.Run(kSuccess, decrypted);
4385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
4395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
4405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)void AesDecryptor::CancelDecrypt(StreamType stream_type) {
4415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // Decrypt() calls the DecryptCB synchronously so there's nothing to cancel.
4425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
4435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
4442a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)void AesDecryptor::InitializeAudioDecoder(const AudioDecoderConfig& config,
4455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)                                          const DecoderInitCB& init_cb) {
4465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // AesDecryptor does not support audio decoding.
4475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  init_cb.Run(false);
4485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
4495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
4502a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)void AesDecryptor::InitializeVideoDecoder(const VideoDecoderConfig& config,
4515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)                                          const DecoderInitCB& init_cb) {
4525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // AesDecryptor does not support video decoding.
4535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  init_cb.Run(false);
4545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
4555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
4565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)void AesDecryptor::DecryptAndDecodeAudio(
4575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    const scoped_refptr<DecoderBuffer>& encrypted,
4585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    const AudioDecodeCB& audio_decode_cb) {
4595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  NOTREACHED() << "AesDecryptor does not support audio decoding";
4605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
4615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
4625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)void AesDecryptor::DecryptAndDecodeVideo(
4635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    const scoped_refptr<DecoderBuffer>& encrypted,
4645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    const VideoDecodeCB& video_decode_cb) {
4655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  NOTREACHED() << "AesDecryptor does not support video decoding";
4665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
4675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
4685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)void AesDecryptor::ResetDecoder(StreamType stream_type) {
4695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  NOTREACHED() << "AesDecryptor does not support audio/video decoding";
4705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
4715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
4725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)void AesDecryptor::DeinitializeDecoder(StreamType stream_type) {
4735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  NOTREACHED() << "AesDecryptor does not support audio/video decoding";
4745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
4755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
476f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)bool AesDecryptor::AddDecryptionKey(const std::string& web_session_id,
477a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)                                    const std::string& key_id,
47858537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)                                    const std::string& key_string) {
47958537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)  scoped_ptr<DecryptionKey> decryption_key(new DecryptionKey(key_string));
48058537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)  if (!decryption_key->Init()) {
48158537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)    DVLOG(1) << "Could not initialize decryption key.";
48258537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)    return false;
48358537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)  }
48458537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)
4855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  base::AutoLock auto_lock(key_map_lock_);
486a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  KeyIdToSessionKeysMap::iterator key_id_entry = key_map_.find(key_id);
487a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  if (key_id_entry != key_map_.end()) {
488f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)    key_id_entry->second->Insert(web_session_id, decryption_key.Pass());
489a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)    return true;
4905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  }
491a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
492a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  // |key_id| not found, so need to create new entry.
493a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  scoped_ptr<SessionIdDecryptionKeyMap> inner_map(
494a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)      new SessionIdDecryptionKeyMap());
495f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  inner_map->Insert(web_session_id, decryption_key.Pass());
496a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  key_map_.add(key_id, inner_map.Pass());
49758537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)  return true;
4985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
4995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
5005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)AesDecryptor::DecryptionKey* AesDecryptor::GetKey(
5015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    const std::string& key_id) const {
5025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  base::AutoLock auto_lock(key_map_lock_);
503a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  KeyIdToSessionKeysMap::const_iterator key_id_found = key_map_.find(key_id);
504a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  if (key_id_found == key_map_.end())
5055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    return NULL;
5065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
507a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  // Return the key from the "latest" session_id entry.
508a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  return key_id_found->second->LatestDecryptionKey();
509a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)}
510a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
511f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)void AesDecryptor::DeleteKeysForSession(const std::string& web_session_id) {
512a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  base::AutoLock auto_lock(key_map_lock_);
513a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)
514f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  // Remove all keys associated with |web_session_id|. Since the data is
515f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  // optimized for access in GetKey(), we need to look at each entry in
516f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)  // |key_map_|.
517a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  KeyIdToSessionKeysMap::iterator it = key_map_.begin();
518a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  while (it != key_map_.end()) {
519f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)    it->second->Erase(web_session_id);
520a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)    if (it->second->Empty()) {
521a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)      // Need to get rid of the entry for this key_id. This will mess up the
522a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)      // iterator, so we need to increment it first.
523a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)      KeyIdToSessionKeysMap::iterator current = it;
524a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)      ++it;
525a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)      key_map_.erase(current);
526a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)    } else {
527a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)      ++it;
528a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)    }
529a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  }
5305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
5315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
5325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)AesDecryptor::DecryptionKey::DecryptionKey(const std::string& secret)
5335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    : secret_(secret) {
5345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
5355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
5365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)AesDecryptor::DecryptionKey::~DecryptionKey() {}
5375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
5385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)bool AesDecryptor::DecryptionKey::Init() {
5395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  CHECK(!secret_.empty());
5405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  decryption_key_.reset(crypto::SymmetricKey::Import(
5415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)      crypto::SymmetricKey::AES, secret_));
542c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)  if (!decryption_key_)
5435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    return false;
5445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  return true;
5455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}
5465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
5475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}  // namespace media
548