aes_decryptor.h revision 5d1f7b1de12d16ceb2c938c56701a3e8bfa558f7
1// Copyright 2013 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef MEDIA_CRYPTO_AES_DECRYPTOR_H_ 6#define MEDIA_CRYPTO_AES_DECRYPTOR_H_ 7 8#include <set> 9#include <string> 10 11#include "base/basictypes.h" 12#include "base/containers/scoped_ptr_hash_map.h" 13#include "base/memory/ref_counted.h" 14#include "base/memory/scoped_ptr.h" 15#include "base/synchronization/lock.h" 16#include "media/base/decryptor.h" 17#include "media/base/media_export.h" 18#include "media/base/media_keys.h" 19 20namespace crypto { 21class SymmetricKey; 22} 23 24namespace media { 25 26// Decrypts an AES encrypted buffer into an unencrypted buffer. The AES 27// encryption must be CTR with a key size of 128bits. 28class MEDIA_EXPORT AesDecryptor : public MediaKeys, public Decryptor { 29 public: 30 AesDecryptor(const SessionCreatedCB& session_created_cb, 31 const SessionMessageCB& session_message_cb, 32 const SessionReadyCB& session_ready_cb, 33 const SessionClosedCB& session_closed_cb, 34 const SessionErrorCB& session_error_cb); 35 virtual ~AesDecryptor(); 36 37 // MediaKeys implementation. 38 virtual bool CreateSession(uint32 session_id, 39 const std::string& content_type, 40 const uint8* init_data, 41 int init_data_length) OVERRIDE; 42 virtual void LoadSession(uint32 session_id, 43 const std::string& web_session_id) OVERRIDE; 44 virtual void UpdateSession(uint32 session_id, 45 const uint8* response, 46 int response_length) OVERRIDE; 47 virtual void ReleaseSession(uint32 session_id) OVERRIDE; 48 virtual Decryptor* GetDecryptor() OVERRIDE; 49 50 // Decryptor implementation. 51 virtual void RegisterNewKeyCB(StreamType stream_type, 52 const NewKeyCB& key_added_cb) OVERRIDE; 53 virtual void Decrypt(StreamType stream_type, 54 const scoped_refptr<DecoderBuffer>& encrypted, 55 const DecryptCB& decrypt_cb) OVERRIDE; 56 virtual void CancelDecrypt(StreamType stream_type) OVERRIDE; 57 virtual void InitializeAudioDecoder(const AudioDecoderConfig& config, 58 const DecoderInitCB& init_cb) OVERRIDE; 59 virtual void InitializeVideoDecoder(const VideoDecoderConfig& config, 60 const DecoderInitCB& init_cb) OVERRIDE; 61 virtual void DecryptAndDecodeAudio( 62 const scoped_refptr<DecoderBuffer>& encrypted, 63 const AudioDecodeCB& audio_decode_cb) OVERRIDE; 64 virtual void DecryptAndDecodeVideo( 65 const scoped_refptr<DecoderBuffer>& encrypted, 66 const VideoDecodeCB& video_decode_cb) OVERRIDE; 67 virtual void ResetDecoder(StreamType stream_type) OVERRIDE; 68 virtual void DeinitializeDecoder(StreamType stream_type) OVERRIDE; 69 70 private: 71 // TODO(fgalligan): Remove this and change KeyMap to use crypto::SymmetricKey 72 // as there are no decryptors that are performing an integrity check. 73 // Helper class that manages the decryption key. 74 class DecryptionKey { 75 public: 76 explicit DecryptionKey(const std::string& secret); 77 ~DecryptionKey(); 78 79 // Creates the encryption key. 80 bool Init(); 81 82 crypto::SymmetricKey* decryption_key() { return decryption_key_.get(); } 83 84 private: 85 // The base secret that is used to create the decryption key. 86 const std::string secret_; 87 88 // The key used to decrypt the data. 89 scoped_ptr<crypto::SymmetricKey> decryption_key_; 90 91 DISALLOW_COPY_AND_ASSIGN(DecryptionKey); 92 }; 93 94 // Keep track of the keys for a key ID. If multiple sessions specify keys 95 // for the same key ID, then the last key inserted is used. The structure is 96 // optimized so that Decrypt() has fast access, at the cost of slow deletion 97 // of keys when a session is released. 98 class SessionIdDecryptionKeyMap; 99 100 // Key ID <-> SessionIdDecryptionKeyMap map. 101 typedef base::ScopedPtrHashMap<std::string, SessionIdDecryptionKeyMap> 102 KeyIdToSessionKeysMap; 103 104 // Creates a DecryptionKey using |key_string| and associates it with |key_id|. 105 // Returns true if successful. 106 bool AddDecryptionKey(const uint32 session_id, 107 const std::string& key_id, 108 const std::string& key_string); 109 110 // Gets a DecryptionKey associated with |key_id|. The AesDecryptor still owns 111 // the key. Returns NULL if no key is associated with |key_id|. 112 DecryptionKey* GetKey(const std::string& key_id) const; 113 114 // Deletes all keys associated with |session_id|. 115 void DeleteKeysForSession(const uint32 session_id); 116 117 // Callbacks for firing session events. 118 SessionCreatedCB session_created_cb_; 119 SessionMessageCB session_message_cb_; 120 SessionReadyCB session_ready_cb_; 121 SessionClosedCB session_closed_cb_; 122 SessionErrorCB session_error_cb_; 123 124 // Since only Decrypt() is called off the renderer thread, we only need to 125 // protect |key_map_|, the only member variable that is shared between 126 // Decrypt() and other methods. 127 KeyIdToSessionKeysMap key_map_; // Protected by |key_map_lock_|. 128 mutable base::Lock key_map_lock_; // Protects the |key_map_|. 129 130 // Keeps track of current valid session IDs. 131 std::set<uint32> valid_sessions_; 132 133 // Make web session ID unique per renderer by making it static. Web session 134 // IDs seen by the app will be "1", "2", etc. 135 static uint32 next_web_session_id_; 136 137 NewKeyCB new_audio_key_cb_; 138 NewKeyCB new_video_key_cb_; 139 140 // Protect |new_audio_key_cb_| and |new_video_key_cb_| as they are set on the 141 // main thread but called on the media thread. 142 mutable base::Lock new_key_cb_lock_; 143 144 DISALLOW_COPY_AND_ASSIGN(AesDecryptor); 145}; 146 147} // namespace media 148 149#endif // MEDIA_CRYPTO_AES_DECRYPTOR_H_ 150