aes_decryptor.cc revision 58537e28ecd584eab876aee8be7156509866d23a
1// Copyright 2013 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "media/cdm/aes_decryptor.h" 6 7#include <vector> 8 9#include "base/base64.h" 10#include "base/json/json_reader.h" 11#include "base/logging.h" 12#include "base/stl_util.h" 13#include "base/strings/string_number_conversions.h" 14#include "base/strings/string_util.h" 15#include "base/values.h" 16#include "crypto/encryptor.h" 17#include "crypto/symmetric_key.h" 18#include "media/base/audio_decoder_config.h" 19#include "media/base/decoder_buffer.h" 20#include "media/base/decrypt_config.h" 21#include "media/base/video_decoder_config.h" 22#include "media/base/video_frame.h" 23 24namespace media { 25 26uint32 AesDecryptor::next_session_id_ = 1; 27 28enum ClearBytesBufferSel { 29 kSrcContainsClearBytes, 30 kDstContainsClearBytes 31}; 32 33typedef std::vector<std::pair<std::string, std::string> > JWKKeys; 34 35static void CopySubsamples(const std::vector<SubsampleEntry>& subsamples, 36 const ClearBytesBufferSel sel, 37 const uint8* src, 38 uint8* dst) { 39 for (size_t i = 0; i < subsamples.size(); i++) { 40 const SubsampleEntry& subsample = subsamples[i]; 41 if (sel == kSrcContainsClearBytes) { 42 src += subsample.clear_bytes; 43 } else { 44 dst += subsample.clear_bytes; 45 } 46 memcpy(dst, src, subsample.cypher_bytes); 47 src += subsample.cypher_bytes; 48 dst += subsample.cypher_bytes; 49 } 50} 51 52// Processes a JSON Web Key to extract the key id and key value. Adds the 53// id/value pair to |jwk_keys| and returns true on success. 54static bool ProcessSymmetricKeyJWK(const DictionaryValue& jwk, 55 JWKKeys* jwk_keys) { 56 // A symmetric keys JWK looks like the following in JSON: 57 // { "kty":"oct", 58 // "kid":"AAECAwQFBgcICQoLDA0ODxAREhM=", 59 // "k":"FBUWFxgZGhscHR4fICEiIw==" } 60 // There may be other properties specified, but they are ignored. 61 // Ref: http://tools.ietf.org/html/draft-ietf-jose-json-web-key-14 62 // and: 63 // http://tools.ietf.org/html/draft-jones-jose-json-private-and-symmetric-key-00 64 65 // Have found a JWK, start by checking that it is a symmetric key. 66 std::string type; 67 if (!jwk.GetString("kty", &type) || type != "oct") { 68 DVLOG(1) << "JWK is not a symmetric key"; 69 return false; 70 } 71 72 // Get the key id and actual key parameters. 73 std::string encoded_key_id; 74 std::string encoded_key; 75 if (!jwk.GetString("kid", &encoded_key_id)) { 76 DVLOG(1) << "Missing 'kid' parameter"; 77 return false; 78 } 79 if (!jwk.GetString("k", &encoded_key)) { 80 DVLOG(1) << "Missing 'k' parameter"; 81 return false; 82 } 83 84 // Key ID and key are base64-encoded strings, so decode them. 85 // TODO(jrummell): The JWK spec and the EME spec don't say that 'kid' must be 86 // base64-encoded (they don't say anything at all). Verify with the EME spec. 87 std::string decoded_key_id; 88 std::string decoded_key; 89 if (!base::Base64Decode(encoded_key_id, &decoded_key_id) || 90 decoded_key_id.empty()) { 91 DVLOG(1) << "Invalid 'kid' value"; 92 return false; 93 } 94 if (!base::Base64Decode(encoded_key, &decoded_key) || 95 decoded_key.length() != 96 static_cast<size_t>(DecryptConfig::kDecryptionKeySize)) { 97 DVLOG(1) << "Invalid length of 'k' " << decoded_key.length(); 98 return false; 99 } 100 101 // Add the decoded key ID and the decoded key to the list. 102 jwk_keys->push_back(std::make_pair(decoded_key_id, decoded_key)); 103 return true; 104} 105 106// Extracts the JSON Web Keys from a JSON Web Key Set. If |input| looks like 107// a valid JWK Set, then true is returned and |jwk_keys| is updated to contain 108// the list of keys found. Otherwise return false. 109static bool ExtractJWKKeys(const std::string& input, JWKKeys* jwk_keys) { 110 // TODO(jrummell): The EME spec references a smaller set of allowed ASCII 111 // values. Verify with spec that the smaller character set is needed. 112 if (!IsStringASCII(input)) 113 return false; 114 115 scoped_ptr<Value> root(base::JSONReader().ReadToValue(input)); 116 if (!root.get() || root->GetType() != Value::TYPE_DICTIONARY) 117 return false; 118 119 // A JSON Web Key Set looks like the following in JSON: 120 // { "keys": [ JWK1, JWK2, ... ] } 121 // (See ProcessSymmetricKeyJWK() for description of JWK.) 122 // There may be other properties specified, but they are ignored. 123 // Locate the set from the dictionary. 124 DictionaryValue* dictionary = static_cast<DictionaryValue*>(root.get()); 125 ListValue* list_val = NULL; 126 if (!dictionary->GetList("keys", &list_val)) { 127 DVLOG(1) << "Missing 'keys' parameter or not a list in JWK Set"; 128 return false; 129 } 130 131 // Create a local list of keys, so that |jwk_keys| only gets updated on 132 // success. 133 JWKKeys local_keys; 134 for (size_t i = 0; i < list_val->GetSize(); ++i) { 135 DictionaryValue* jwk = NULL; 136 if (!list_val->GetDictionary(i, &jwk)) { 137 DVLOG(1) << "Unable to access 'keys'[" << i << "] in JWK Set"; 138 return false; 139 } 140 if (!ProcessSymmetricKeyJWK(*jwk, &local_keys)) { 141 DVLOG(1) << "Error from 'keys'[" << i << "]"; 142 return false; 143 } 144 } 145 146 // Successfully processed all JWKs in the set. 147 jwk_keys->swap(local_keys); 148 return true; 149} 150 151// Decrypts |input| using |key|. Returns a DecoderBuffer with the decrypted 152// data if decryption succeeded or NULL if decryption failed. 153static scoped_refptr<DecoderBuffer> DecryptData(const DecoderBuffer& input, 154 crypto::SymmetricKey* key) { 155 CHECK(input.data_size()); 156 CHECK(input.decrypt_config()); 157 CHECK(key); 158 159 crypto::Encryptor encryptor; 160 if (!encryptor.Init(key, crypto::Encryptor::CTR, "")) { 161 DVLOG(1) << "Could not initialize decryptor."; 162 return NULL; 163 } 164 165 DCHECK_EQ(input.decrypt_config()->iv().size(), 166 static_cast<size_t>(DecryptConfig::kDecryptionKeySize)); 167 if (!encryptor.SetCounter(input.decrypt_config()->iv())) { 168 DVLOG(1) << "Could not set counter block."; 169 return NULL; 170 } 171 172 const int data_offset = input.decrypt_config()->data_offset(); 173 const char* sample = 174 reinterpret_cast<const char*>(input.data() + data_offset); 175 int sample_size = input.data_size() - data_offset; 176 177 DCHECK_GT(sample_size, 0) << "No sample data to be decrypted."; 178 if (sample_size <= 0) 179 return NULL; 180 181 if (input.decrypt_config()->subsamples().empty()) { 182 std::string decrypted_text; 183 base::StringPiece encrypted_text(sample, sample_size); 184 if (!encryptor.Decrypt(encrypted_text, &decrypted_text)) { 185 DVLOG(1) << "Could not decrypt data."; 186 return NULL; 187 } 188 189 // TODO(xhwang): Find a way to avoid this data copy. 190 return DecoderBuffer::CopyFrom( 191 reinterpret_cast<const uint8*>(decrypted_text.data()), 192 decrypted_text.size()); 193 } 194 195 const std::vector<SubsampleEntry>& subsamples = 196 input.decrypt_config()->subsamples(); 197 198 int total_clear_size = 0; 199 int total_encrypted_size = 0; 200 for (size_t i = 0; i < subsamples.size(); i++) { 201 total_clear_size += subsamples[i].clear_bytes; 202 total_encrypted_size += subsamples[i].cypher_bytes; 203 } 204 if (total_clear_size + total_encrypted_size != sample_size) { 205 DVLOG(1) << "Subsample sizes do not equal input size"; 206 return NULL; 207 } 208 209 // No need to decrypt if there is no encrypted data. 210 if (total_encrypted_size <= 0) { 211 return DecoderBuffer::CopyFrom(reinterpret_cast<const uint8*>(sample), 212 sample_size); 213 } 214 215 // The encrypted portions of all subsamples must form a contiguous block, 216 // such that an encrypted subsample that ends away from a block boundary is 217 // immediately followed by the start of the next encrypted subsample. We 218 // copy all encrypted subsamples to a contiguous buffer, decrypt them, then 219 // copy the decrypted bytes over the encrypted bytes in the output. 220 // TODO(strobe): attempt to reduce number of memory copies 221 scoped_ptr<uint8[]> encrypted_bytes(new uint8[total_encrypted_size]); 222 CopySubsamples(subsamples, kSrcContainsClearBytes, 223 reinterpret_cast<const uint8*>(sample), encrypted_bytes.get()); 224 225 base::StringPiece encrypted_text( 226 reinterpret_cast<const char*>(encrypted_bytes.get()), 227 total_encrypted_size); 228 std::string decrypted_text; 229 if (!encryptor.Decrypt(encrypted_text, &decrypted_text)) { 230 DVLOG(1) << "Could not decrypt data."; 231 return NULL; 232 } 233 DCHECK_EQ(decrypted_text.size(), encrypted_text.size()); 234 235 scoped_refptr<DecoderBuffer> output = DecoderBuffer::CopyFrom( 236 reinterpret_cast<const uint8*>(sample), sample_size); 237 CopySubsamples(subsamples, kDstContainsClearBytes, 238 reinterpret_cast<const uint8*>(decrypted_text.data()), 239 output->writable_data()); 240 return output; 241} 242 243AesDecryptor::AesDecryptor(const KeyAddedCB& key_added_cb, 244 const KeyErrorCB& key_error_cb, 245 const KeyMessageCB& key_message_cb) 246 : key_added_cb_(key_added_cb), 247 key_error_cb_(key_error_cb), 248 key_message_cb_(key_message_cb) { 249} 250 251AesDecryptor::~AesDecryptor() { 252 STLDeleteValues(&key_map_); 253} 254 255bool AesDecryptor::GenerateKeyRequest(const std::string& type, 256 const uint8* init_data, 257 int init_data_length) { 258 std::string session_id_string(base::UintToString(next_session_id_++)); 259 260 // For now, the AesDecryptor does not care about |type|; 261 // just fire the event with the |init_data| as the request. 262 std::vector<uint8> message; 263 if (init_data && init_data_length) 264 message.assign(init_data, init_data + init_data_length); 265 266 key_message_cb_.Run(session_id_string, message, std::string()); 267 return true; 268} 269 270void AesDecryptor::AddKey(const uint8* key, 271 int key_length, 272 const uint8* init_data, 273 int init_data_length, 274 const std::string& session_id) { 275 CHECK(key); 276 CHECK_GT(key_length, 0); 277 278 // AddKey() is called from update(), where the key(s) are passed as a JSON 279 // Web Key (JWK) set. Each JWK needs to be a symmetric key ('kty' = "oct"), 280 // with 'kid' being the base64-encoded key id, and 'k' being the 281 // base64-encoded key. 282 // 283 // For backwards compatibility with v0.1b of the spec (where |key| is the raw 284 // key and |init_data| is the key id), if |key| is not valid JSON, then 285 // attempt to process it as a raw key. 286 287 // TODO(xhwang): Add |session_id| check after we figure out how: 288 // https://www.w3.org/Bugs/Public/show_bug.cgi?id=16550 289 290 std::string key_string(reinterpret_cast<const char*>(key), key_length); 291 JWKKeys jwk_keys; 292 if (ExtractJWKKeys(key_string, &jwk_keys)) { 293 // Since |key| represents valid JSON, init_data must be empty. 294 DCHECK(!init_data); 295 DCHECK_EQ(init_data_length, 0); 296 297 // Make sure that at least one key was extracted. 298 if (jwk_keys.empty()) { 299 key_error_cb_.Run(session_id, MediaKeys::kUnknownError, 0); 300 return; 301 } 302 for (JWKKeys::iterator it = jwk_keys.begin() ; it != jwk_keys.end(); ++it) { 303 if (!AddDecryptionKey(it->first, it->second)) { 304 key_error_cb_.Run(session_id, MediaKeys::kUnknownError, 0); 305 return; 306 } 307 } 308 } else { 309 // v0.1b backwards compatibility support. 310 // TODO(jrummell): Remove this code once v0.1b no longer supported. 311 312 if (key_string.length() != 313 static_cast<size_t>(DecryptConfig::kDecryptionKeySize)) { 314 DVLOG(1) << "Invalid key length: " << key_string.length(); 315 key_error_cb_.Run(session_id, MediaKeys::kUnknownError, 0); 316 return; 317 } 318 319 // TODO(xhwang): Fix the decryptor to accept no |init_data|. See 320 // http://crbug.com/123265. Until then, ensure a non-empty value is passed. 321 static const uint8 kDummyInitData[1] = {0}; 322 if (!init_data) { 323 init_data = kDummyInitData; 324 init_data_length = arraysize(kDummyInitData); 325 } 326 327 // TODO(xhwang): For now, use |init_data| for key ID. Make this more spec 328 // compliant later (http://crbug.com/123262, http://crbug.com/123265). 329 std::string key_id_string(reinterpret_cast<const char*>(init_data), 330 init_data_length); 331 if (!AddDecryptionKey(key_id_string, key_string)) { 332 // Error logged in AddDecryptionKey() 333 key_error_cb_.Run(session_id, MediaKeys::kUnknownError, 0); 334 return; 335 } 336 } 337 338 if (!new_audio_key_cb_.is_null()) 339 new_audio_key_cb_.Run(); 340 341 if (!new_video_key_cb_.is_null()) 342 new_video_key_cb_.Run(); 343 344 key_added_cb_.Run(session_id); 345} 346 347void AesDecryptor::CancelKeyRequest(const std::string& session_id) { 348} 349 350Decryptor* AesDecryptor::GetDecryptor() { 351 return this; 352} 353 354void AesDecryptor::RegisterNewKeyCB(StreamType stream_type, 355 const NewKeyCB& new_key_cb) { 356 switch (stream_type) { 357 case kAudio: 358 new_audio_key_cb_ = new_key_cb; 359 break; 360 case kVideo: 361 new_video_key_cb_ = new_key_cb; 362 break; 363 default: 364 NOTREACHED(); 365 } 366} 367 368void AesDecryptor::Decrypt(StreamType stream_type, 369 const scoped_refptr<DecoderBuffer>& encrypted, 370 const DecryptCB& decrypt_cb) { 371 CHECK(encrypted->decrypt_config()); 372 373 scoped_refptr<DecoderBuffer> decrypted; 374 // An empty iv string signals that the frame is unencrypted. 375 if (encrypted->decrypt_config()->iv().empty()) { 376 int data_offset = encrypted->decrypt_config()->data_offset(); 377 decrypted = DecoderBuffer::CopyFrom(encrypted->data() + data_offset, 378 encrypted->data_size() - data_offset); 379 } else { 380 const std::string& key_id = encrypted->decrypt_config()->key_id(); 381 DecryptionKey* key = GetKey(key_id); 382 if (!key) { 383 DVLOG(1) << "Could not find a matching key for the given key ID."; 384 decrypt_cb.Run(kNoKey, NULL); 385 return; 386 } 387 388 crypto::SymmetricKey* decryption_key = key->decryption_key(); 389 decrypted = DecryptData(*encrypted.get(), decryption_key); 390 if (!decrypted.get()) { 391 DVLOG(1) << "Decryption failed."; 392 decrypt_cb.Run(kError, NULL); 393 return; 394 } 395 } 396 397 decrypted->set_timestamp(encrypted->timestamp()); 398 decrypted->set_duration(encrypted->duration()); 399 decrypt_cb.Run(kSuccess, decrypted); 400} 401 402void AesDecryptor::CancelDecrypt(StreamType stream_type) { 403 // Decrypt() calls the DecryptCB synchronously so there's nothing to cancel. 404} 405 406void AesDecryptor::InitializeAudioDecoder(const AudioDecoderConfig& config, 407 const DecoderInitCB& init_cb) { 408 // AesDecryptor does not support audio decoding. 409 init_cb.Run(false); 410} 411 412void AesDecryptor::InitializeVideoDecoder(const VideoDecoderConfig& config, 413 const DecoderInitCB& init_cb) { 414 // AesDecryptor does not support video decoding. 415 init_cb.Run(false); 416} 417 418void AesDecryptor::DecryptAndDecodeAudio( 419 const scoped_refptr<DecoderBuffer>& encrypted, 420 const AudioDecodeCB& audio_decode_cb) { 421 NOTREACHED() << "AesDecryptor does not support audio decoding"; 422} 423 424void AesDecryptor::DecryptAndDecodeVideo( 425 const scoped_refptr<DecoderBuffer>& encrypted, 426 const VideoDecodeCB& video_decode_cb) { 427 NOTREACHED() << "AesDecryptor does not support video decoding"; 428} 429 430void AesDecryptor::ResetDecoder(StreamType stream_type) { 431 NOTREACHED() << "AesDecryptor does not support audio/video decoding"; 432} 433 434void AesDecryptor::DeinitializeDecoder(StreamType stream_type) { 435 NOTREACHED() << "AesDecryptor does not support audio/video decoding"; 436} 437 438bool AesDecryptor::AddDecryptionKey(const std::string& key_id, 439 const std::string& key_string) { 440 scoped_ptr<DecryptionKey> decryption_key(new DecryptionKey(key_string)); 441 if (!decryption_key) { 442 DVLOG(1) << "Could not create key."; 443 return false; 444 } 445 446 if (!decryption_key->Init()) { 447 DVLOG(1) << "Could not initialize decryption key."; 448 return false; 449 } 450 451 base::AutoLock auto_lock(key_map_lock_); 452 KeyMap::iterator found = key_map_.find(key_id); 453 if (found != key_map_.end()) { 454 delete found->second; 455 key_map_.erase(found); 456 } 457 key_map_[key_id] = decryption_key.release(); 458 return true; 459} 460 461AesDecryptor::DecryptionKey* AesDecryptor::GetKey( 462 const std::string& key_id) const { 463 base::AutoLock auto_lock(key_map_lock_); 464 KeyMap::const_iterator found = key_map_.find(key_id); 465 if (found == key_map_.end()) 466 return NULL; 467 468 return found->second; 469} 470 471AesDecryptor::DecryptionKey::DecryptionKey(const std::string& secret) 472 : secret_(secret) { 473} 474 475AesDecryptor::DecryptionKey::~DecryptionKey() {} 476 477bool AesDecryptor::DecryptionKey::Init() { 478 CHECK(!secret_.empty()); 479 decryption_key_.reset(crypto::SymmetricKey::Import( 480 crypto::SymmetricKey::AES, secret_)); 481 if (!decryption_key_) 482 return false; 483 return true; 484} 485 486} // namespace media 487