aes_decryptor_unittest.cc revision 8bcbed890bc3ce4d7a057a8f32cab53fa534672e
1// Copyright 2013 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include <string> 6#include <vector> 7 8#include "base/basictypes.h" 9#include "base/bind.h" 10#include "media/base/decoder_buffer.h" 11#include "media/base/decrypt_config.h" 12#include "media/base/mock_filters.h" 13#include "media/cdm/aes_decryptor.h" 14#include "media/webm/webm_constants.h" 15#include "testing/gmock/include/gmock/gmock.h" 16#include "testing/gtest/include/gtest/gtest.h" 17 18using ::testing::_; 19using ::testing::Gt; 20using ::testing::IsNull; 21using ::testing::NotNull; 22using ::testing::SaveArg; 23using ::testing::StrNe; 24 25MATCHER(IsEmpty, "") { return arg.empty(); } 26 27namespace media { 28 29const uint8 kOriginalData[] = "Original subsample data."; 30const int kOriginalDataSize = 24; 31 32// In the examples below, 'k'(key) has to be 16 bytes, and will always require 33// 2 bytes of padding. 'kid'(keyid) is variable length, and may require 0, 1, 34// or 2 bytes of padding. 35 36const uint8 kKeyId[] = { 37 // base64 equivalent is AAECAw 38 0x00, 0x01, 0x02, 0x03 39}; 40 41const uint8 kKey[] = { 42 // base64 equivalent is BAUGBwgJCgsMDQ4PEBESEw 43 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 44 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13 45}; 46 47const char kKeyAsJWK[] = 48 "{" 49 " \"keys\": [" 50 " {" 51 " \"kty\": \"oct\"," 52 " \"kid\": \"AAECAw\"," 53 " \"k\": \"BAUGBwgJCgsMDQ4PEBESEw\"" 54 " }" 55 " ]" 56 "}"; 57 58const char kWrongKeyAsJWK[] = 59 "{" 60 " \"keys\": [" 61 " {" 62 " \"kty\": \"oct\"," 63 " \"kid\": \"AAECAw\"," 64 " \"k\": \"7u7u7u7u7u7u7u7u7u7u7g\"" 65 " }" 66 " ]" 67 "}"; 68 69const char kWrongSizedKeyAsJWK[] = 70 "{" 71 " \"keys\": [" 72 " {" 73 " \"kty\": \"oct\"," 74 " \"kid\": \"AAECAw\"," 75 " \"k\": \"AAECAw\"" 76 " }" 77 " ]" 78 "}"; 79 80const uint8 kIv[] = { 81 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 82 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 83}; 84 85// kOriginalData encrypted with kKey and kIv but without any subsamples (or 86// equivalently using kSubsampleEntriesCypherOnly). 87const uint8 kEncryptedData[] = { 88 0x2f, 0x03, 0x09, 0xef, 0x71, 0xaf, 0x31, 0x16, 89 0xfa, 0x9d, 0x18, 0x43, 0x1e, 0x96, 0x71, 0xb5, 90 0xbf, 0xf5, 0x30, 0x53, 0x9a, 0x20, 0xdf, 0x95 91}; 92 93// kOriginalData encrypted with kSubsampleKey and kSubsampleIv using 94// kSubsampleEntriesNormal. 95const uint8 kSubsampleEncryptedData[] = { 96 0x4f, 0x72, 0x09, 0x16, 0x09, 0xe6, 0x79, 0xad, 97 0x70, 0x73, 0x75, 0x62, 0x09, 0xbb, 0x83, 0x1d, 98 0x4d, 0x08, 0xd7, 0x78, 0xa4, 0xa7, 0xf1, 0x2e 99}; 100 101const uint8 kOriginalData2[] = "Changed Original data."; 102 103const uint8 kIv2[] = { 104 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 105 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 106}; 107 108const uint8 kKeyId2[] = { 109 // base64 equivalent is AAECAwQFBgcICQoLDA0ODxAREhM= 110 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 111 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 112 0x10, 0x11, 0x12, 0x13 113}; 114 115const char kKey2AsJWK[] = 116 "{" 117 " \"keys\": [" 118 " {" 119 " \"kty\": \"oct\"," 120 " \"kid\": \"AAECAwQFBgcICQoLDA0ODxAREhM\"," 121 " \"k\": \"FBUWFxgZGhscHR4fICEiIw\"" 122 " }" 123 " ]" 124 "}"; 125 126// 'k' in bytes is x14x15x16x17x18x19x1ax1bx1cx1dx1ex1fx20x21x22x23 127 128const uint8 kEncryptedData2[] = { 129 0x57, 0x66, 0xf4, 0x12, 0x1a, 0xed, 0xb5, 0x79, 130 0x1c, 0x8e, 0x25, 0xd7, 0x17, 0xe7, 0x5e, 0x16, 131 0xe3, 0x40, 0x08, 0x27, 0x11, 0xe9 132}; 133 134// Subsample entries for testing. The sum of |cypher_bytes| and |clear_bytes| of 135// all entries must be equal to kOriginalDataSize to make the subsample entries 136// valid. 137 138const SubsampleEntry kSubsampleEntriesNormal[] = { 139 { 2, 7 }, 140 { 3, 11 }, 141 { 1, 0 } 142}; 143 144const SubsampleEntry kSubsampleEntriesWrongSize[] = { 145 { 3, 6 }, // This entry doesn't match the correct entry. 146 { 3, 11 }, 147 { 1, 0 } 148}; 149 150const SubsampleEntry kSubsampleEntriesInvalidTotalSize[] = { 151 { 1, 1000 }, // This entry is too large. 152 { 3, 11 }, 153 { 1, 0 } 154}; 155 156const SubsampleEntry kSubsampleEntriesClearOnly[] = { 157 { 7, 0 }, 158 { 8, 0 }, 159 { 9, 0 } 160}; 161 162const SubsampleEntry kSubsampleEntriesCypherOnly[] = { 163 { 0, 6 }, 164 { 0, 8 }, 165 { 0, 10 } 166}; 167 168static scoped_refptr<DecoderBuffer> CreateEncryptedBuffer( 169 const std::vector<uint8>& data, 170 const std::vector<uint8>& key_id, 171 const std::vector<uint8>& iv, 172 int offset, 173 const std::vector<SubsampleEntry>& subsample_entries) { 174 DCHECK(!data.empty()); 175 int padded_size = offset + data.size(); 176 scoped_refptr<DecoderBuffer> encrypted_buffer(new DecoderBuffer(padded_size)); 177 memcpy(encrypted_buffer->writable_data() + offset, &data[0], data.size()); 178 CHECK(encrypted_buffer.get()); 179 std::string key_id_string( 180 reinterpret_cast<const char*>(key_id.empty() ? NULL : &key_id[0]), 181 key_id.size()); 182 std::string iv_string( 183 reinterpret_cast<const char*>(iv.empty() ? NULL : &iv[0]), iv.size()); 184 encrypted_buffer->set_decrypt_config(scoped_ptr<DecryptConfig>( 185 new DecryptConfig(key_id_string, iv_string, offset, subsample_entries))); 186 return encrypted_buffer; 187} 188 189class AesDecryptorTest : public testing::Test { 190 public: 191 AesDecryptorTest() 192 : decryptor_( 193 base::Bind(&AesDecryptorTest::KeyAdded, base::Unretained(this)), 194 base::Bind(&AesDecryptorTest::KeyError, base::Unretained(this)), 195 base::Bind(&AesDecryptorTest::KeyMessage, base::Unretained(this))), 196 decrypt_cb_(base::Bind(&AesDecryptorTest::BufferDecrypted, 197 base::Unretained(this))), 198 original_data_(kOriginalData, kOriginalData + kOriginalDataSize), 199 encrypted_data_(kEncryptedData, 200 kEncryptedData + arraysize(kEncryptedData)), 201 subsample_encrypted_data_( 202 kSubsampleEncryptedData, 203 kSubsampleEncryptedData + arraysize(kSubsampleEncryptedData)), 204 key_id_(kKeyId, kKeyId + arraysize(kKeyId)), 205 iv_(kIv, kIv + arraysize(kIv)), 206 normal_subsample_entries_( 207 kSubsampleEntriesNormal, 208 kSubsampleEntriesNormal + arraysize(kSubsampleEntriesNormal)) { 209 } 210 211 protected: 212 void GenerateKeyRequest(const std::vector<uint8>& key_id) { 213 DCHECK(!key_id.empty()); 214 EXPECT_CALL(*this, KeyMessage(StrNe(std::string()), key_id, "")) 215 .WillOnce(SaveArg<0>(&session_id_string_)); 216 EXPECT_TRUE(decryptor_.GenerateKeyRequest( 217 std::string(), &key_id[0], key_id.size())); 218 } 219 220 enum AddKeyExpectation { 221 KEY_ADDED, 222 KEY_ERROR 223 }; 224 225 void AddRawKeyAndExpect(const std::vector<uint8>& key_id, 226 const std::vector<uint8>& key, 227 AddKeyExpectation result) { 228 // TODO(jrummell): Remove once raw keys no longer supported. 229 DCHECK(!key_id.empty()); 230 DCHECK(!key.empty()); 231 232 if (result == KEY_ADDED) { 233 EXPECT_CALL(*this, KeyAdded(session_id_string_)); 234 } else if (result == KEY_ERROR) { 235 EXPECT_CALL(*this, KeyError(session_id_string_, 236 MediaKeys::kUnknownError, 0)); 237 } else { 238 NOTREACHED(); 239 } 240 241 decryptor_.AddKey(&key[0], key.size(), &key_id[0], key_id.size(), 242 session_id_string_); 243 } 244 245 void AddKeyAndExpect(const std::string& key, AddKeyExpectation result) { 246 DCHECK(!key.empty()); 247 248 if (result == KEY_ADDED) { 249 EXPECT_CALL(*this, KeyAdded(session_id_string_)); 250 } else if (result == KEY_ERROR) { 251 EXPECT_CALL(*this, 252 KeyError(session_id_string_, MediaKeys::kUnknownError, 0)); 253 } else { 254 NOTREACHED(); 255 } 256 257 decryptor_.AddKey(reinterpret_cast<const uint8*>(key.c_str()), key.length(), 258 NULL, 0, 259 session_id_string_); 260 } 261 262 MOCK_METHOD2(BufferDecrypted, void(Decryptor::Status, 263 const scoped_refptr<DecoderBuffer>&)); 264 265 enum DecryptExpectation { 266 SUCCESS, 267 DATA_MISMATCH, 268 DATA_AND_SIZE_MISMATCH, 269 DECRYPT_ERROR 270 }; 271 272 void DecryptAndExpect(const scoped_refptr<DecoderBuffer>& encrypted, 273 const std::vector<uint8>& plain_text, 274 DecryptExpectation result) { 275 scoped_refptr<DecoderBuffer> decrypted; 276 277 if (result != DECRYPT_ERROR) { 278 EXPECT_CALL(*this, BufferDecrypted(Decryptor::kSuccess, NotNull())) 279 .WillOnce(SaveArg<1>(&decrypted)); 280 } else { 281 EXPECT_CALL(*this, BufferDecrypted(Decryptor::kError, IsNull())) 282 .WillOnce(SaveArg<1>(&decrypted)); 283 } 284 285 decryptor_.Decrypt(Decryptor::kVideo, encrypted, decrypt_cb_); 286 287 std::vector<uint8> decrypted_text; 288 if (decrypted && decrypted->data_size()) { 289 decrypted_text.assign( 290 decrypted->data(), decrypted->data() + decrypted->data_size()); 291 } 292 293 switch (result) { 294 case SUCCESS: 295 EXPECT_EQ(plain_text, decrypted_text); 296 break; 297 case DATA_MISMATCH: 298 EXPECT_EQ(plain_text.size(), decrypted_text.size()); 299 EXPECT_NE(plain_text, decrypted_text); 300 break; 301 case DATA_AND_SIZE_MISMATCH: 302 EXPECT_NE(plain_text.size(), decrypted_text.size()); 303 break; 304 case DECRYPT_ERROR: 305 EXPECT_TRUE(decrypted_text.empty()); 306 break; 307 } 308 } 309 310 MOCK_METHOD1(KeyAdded, void(const std::string&)); 311 MOCK_METHOD3(KeyError, void(const std::string&, 312 MediaKeys::KeyError, int)); 313 MOCK_METHOD3(KeyMessage, void(const std::string& session_id, 314 const std::vector<uint8>& message, 315 const std::string& default_url)); 316 317 AesDecryptor decryptor_; 318 std::string session_id_string_; 319 AesDecryptor::DecryptCB decrypt_cb_; 320 321 // Constants for testing. 322 const std::vector<uint8> original_data_; 323 const std::vector<uint8> encrypted_data_; 324 const std::vector<uint8> subsample_encrypted_data_; 325 const std::vector<uint8> key_id_; 326 const std::vector<uint8> iv_; 327 const std::vector<SubsampleEntry> normal_subsample_entries_; 328 const std::vector<SubsampleEntry> no_subsample_entries_; 329}; 330 331TEST_F(AesDecryptorTest, GenerateKeyRequestWithNullInitData) { 332 EXPECT_CALL(*this, KeyMessage(StrNe(std::string()), IsEmpty(), "")); 333 EXPECT_TRUE(decryptor_.GenerateKeyRequest(std::string(), NULL, 0)); 334} 335 336TEST_F(AesDecryptorTest, NormalDecryption) { 337 GenerateKeyRequest(key_id_); 338 AddKeyAndExpect(kKeyAsJWK, KEY_ADDED); 339 scoped_refptr<DecoderBuffer> encrypted_buffer = CreateEncryptedBuffer( 340 encrypted_data_, key_id_, iv_, 0, no_subsample_entries_); 341 DecryptAndExpect(encrypted_buffer, original_data_, SUCCESS); 342} 343 344TEST_F(AesDecryptorTest, DecryptionWithOffset) { 345 GenerateKeyRequest(key_id_); 346 AddKeyAndExpect(kKeyAsJWK, KEY_ADDED); 347 scoped_refptr<DecoderBuffer> encrypted_buffer = CreateEncryptedBuffer( 348 encrypted_data_, key_id_, iv_, 23, no_subsample_entries_); 349 DecryptAndExpect(encrypted_buffer, original_data_, SUCCESS); 350} 351 352TEST_F(AesDecryptorTest, UnencryptedFrame) { 353 // An empty iv string signals that the frame is unencrypted. 354 scoped_refptr<DecoderBuffer> encrypted_buffer = CreateEncryptedBuffer( 355 original_data_, key_id_, std::vector<uint8>(), 0, no_subsample_entries_); 356 DecryptAndExpect(encrypted_buffer, original_data_, SUCCESS); 357} 358 359TEST_F(AesDecryptorTest, WrongKey) { 360 GenerateKeyRequest(key_id_); 361 AddKeyAndExpect(kWrongKeyAsJWK, KEY_ADDED); 362 scoped_refptr<DecoderBuffer> encrypted_buffer = CreateEncryptedBuffer( 363 encrypted_data_, key_id_, iv_, 0, no_subsample_entries_); 364 DecryptAndExpect(encrypted_buffer, original_data_, DATA_MISMATCH); 365} 366 367TEST_F(AesDecryptorTest, NoKey) { 368 scoped_refptr<DecoderBuffer> encrypted_buffer = CreateEncryptedBuffer( 369 encrypted_data_, key_id_, iv_, 0, no_subsample_entries_); 370 EXPECT_CALL(*this, BufferDecrypted(AesDecryptor::kNoKey, IsNull())); 371 decryptor_.Decrypt(Decryptor::kVideo, encrypted_buffer, decrypt_cb_); 372} 373 374TEST_F(AesDecryptorTest, KeyReplacement) { 375 GenerateKeyRequest(key_id_); 376 scoped_refptr<DecoderBuffer> encrypted_buffer = CreateEncryptedBuffer( 377 encrypted_data_, key_id_, iv_, 0, no_subsample_entries_); 378 379 AddKeyAndExpect(kWrongKeyAsJWK, KEY_ADDED); 380 ASSERT_NO_FATAL_FAILURE(DecryptAndExpect( 381 encrypted_buffer, original_data_, DATA_MISMATCH)); 382 383 AddKeyAndExpect(kKeyAsJWK, KEY_ADDED); 384 ASSERT_NO_FATAL_FAILURE( 385 DecryptAndExpect(encrypted_buffer, original_data_, SUCCESS)); 386} 387 388TEST_F(AesDecryptorTest, WrongSizedKey) { 389 GenerateKeyRequest(key_id_); 390 AddKeyAndExpect(kWrongSizedKeyAsJWK, KEY_ERROR); 391 392 // Repeat for a raw key. Use "-1" to create a wrong sized key. 393 std::vector<uint8> wrong_sized_key(kKey, kKey + arraysize(kKey) - 1); 394 AddRawKeyAndExpect(key_id_, wrong_sized_key, KEY_ERROR); 395} 396 397TEST_F(AesDecryptorTest, MultipleKeysAndFrames) { 398 GenerateKeyRequest(key_id_); 399 AddKeyAndExpect(kKeyAsJWK, KEY_ADDED); 400 scoped_refptr<DecoderBuffer> encrypted_buffer = CreateEncryptedBuffer( 401 encrypted_data_, key_id_, iv_, 10, no_subsample_entries_); 402 ASSERT_NO_FATAL_FAILURE( 403 DecryptAndExpect(encrypted_buffer, original_data_, SUCCESS)); 404 405 AddKeyAndExpect(kKey2AsJWK, KEY_ADDED); 406 407 // The first key is still available after we added a second key. 408 ASSERT_NO_FATAL_FAILURE( 409 DecryptAndExpect(encrypted_buffer, original_data_, SUCCESS)); 410 411 // The second key is also available. 412 encrypted_buffer = CreateEncryptedBuffer( 413 std::vector<uint8>(kEncryptedData2, 414 kEncryptedData2 + arraysize(kEncryptedData2)), 415 std::vector<uint8>(kKeyId2, kKeyId2 + arraysize(kKeyId2)), 416 std::vector<uint8>(kIv2, kIv2 + arraysize(kIv2)), 417 30, 418 no_subsample_entries_); 419 ASSERT_NO_FATAL_FAILURE(DecryptAndExpect( 420 encrypted_buffer, 421 std::vector<uint8>(kOriginalData2, 422 kOriginalData2 + arraysize(kOriginalData2) - 1), 423 SUCCESS)); 424} 425 426TEST_F(AesDecryptorTest, CorruptedIv) { 427 GenerateKeyRequest(key_id_); 428 AddKeyAndExpect(kKeyAsJWK, KEY_ADDED); 429 430 std::vector<uint8> bad_iv = iv_; 431 bad_iv[1]++; 432 433 scoped_refptr<DecoderBuffer> encrypted_buffer = CreateEncryptedBuffer( 434 encrypted_data_, key_id_, bad_iv, 0, no_subsample_entries_); 435 436 DecryptAndExpect(encrypted_buffer, original_data_, DATA_MISMATCH); 437} 438 439TEST_F(AesDecryptorTest, CorruptedData) { 440 GenerateKeyRequest(key_id_); 441 AddKeyAndExpect(kKeyAsJWK, KEY_ADDED); 442 443 std::vector<uint8> bad_data = encrypted_data_; 444 bad_data[1]++; 445 446 scoped_refptr<DecoderBuffer> encrypted_buffer = CreateEncryptedBuffer( 447 bad_data, key_id_, iv_, 0, no_subsample_entries_); 448 DecryptAndExpect(encrypted_buffer, original_data_, DATA_MISMATCH); 449} 450 451TEST_F(AesDecryptorTest, EncryptedAsUnencryptedFailure) { 452 GenerateKeyRequest(key_id_); 453 AddKeyAndExpect(kKeyAsJWK, KEY_ADDED); 454 scoped_refptr<DecoderBuffer> encrypted_buffer = CreateEncryptedBuffer( 455 encrypted_data_, key_id_, std::vector<uint8>(), 0, no_subsample_entries_); 456 DecryptAndExpect(encrypted_buffer, original_data_, DATA_MISMATCH); 457} 458 459TEST_F(AesDecryptorTest, SubsampleDecryption) { 460 GenerateKeyRequest(key_id_); 461 AddKeyAndExpect(kKeyAsJWK, KEY_ADDED); 462 scoped_refptr<DecoderBuffer> encrypted_buffer = CreateEncryptedBuffer( 463 subsample_encrypted_data_, key_id_, iv_, 0, normal_subsample_entries_); 464 DecryptAndExpect(encrypted_buffer, original_data_, SUCCESS); 465} 466 467// Ensures noninterference of data offset and subsample mechanisms. We never 468// expect to encounter this in the wild, but since the DecryptConfig doesn't 469// disallow such a configuration, it should be covered. 470TEST_F(AesDecryptorTest, SubsampleDecryptionWithOffset) { 471 GenerateKeyRequest(key_id_); 472 AddKeyAndExpect(kKeyAsJWK, KEY_ADDED); 473 scoped_refptr<DecoderBuffer> encrypted_buffer = CreateEncryptedBuffer( 474 subsample_encrypted_data_, key_id_, iv_, 23, normal_subsample_entries_); 475 DecryptAndExpect(encrypted_buffer, original_data_, SUCCESS); 476} 477 478TEST_F(AesDecryptorTest, SubsampleWrongSize) { 479 GenerateKeyRequest(key_id_); 480 AddKeyAndExpect(kKeyAsJWK, KEY_ADDED); 481 482 std::vector<SubsampleEntry> subsample_entries_wrong_size( 483 kSubsampleEntriesWrongSize, 484 kSubsampleEntriesWrongSize + arraysize(kSubsampleEntriesWrongSize)); 485 486 scoped_refptr<DecoderBuffer> encrypted_buffer = CreateEncryptedBuffer( 487 subsample_encrypted_data_, key_id_, iv_, 0, subsample_entries_wrong_size); 488 DecryptAndExpect(encrypted_buffer, original_data_, DATA_MISMATCH); 489} 490 491TEST_F(AesDecryptorTest, SubsampleInvalidTotalSize) { 492 GenerateKeyRequest(key_id_); 493 AddKeyAndExpect(kKeyAsJWK, KEY_ADDED); 494 495 std::vector<SubsampleEntry> subsample_entries_invalid_total_size( 496 kSubsampleEntriesInvalidTotalSize, 497 kSubsampleEntriesInvalidTotalSize + 498 arraysize(kSubsampleEntriesInvalidTotalSize)); 499 500 scoped_refptr<DecoderBuffer> encrypted_buffer = CreateEncryptedBuffer( 501 subsample_encrypted_data_, key_id_, iv_, 0, 502 subsample_entries_invalid_total_size); 503 DecryptAndExpect(encrypted_buffer, original_data_, DECRYPT_ERROR); 504} 505 506// No cypher bytes in any of the subsamples. 507TEST_F(AesDecryptorTest, SubsampleClearBytesOnly) { 508 GenerateKeyRequest(key_id_); 509 AddKeyAndExpect(kKeyAsJWK, KEY_ADDED); 510 511 std::vector<SubsampleEntry> clear_only_subsample_entries( 512 kSubsampleEntriesClearOnly, 513 kSubsampleEntriesClearOnly + arraysize(kSubsampleEntriesClearOnly)); 514 515 scoped_refptr<DecoderBuffer> encrypted_buffer = CreateEncryptedBuffer( 516 original_data_, key_id_, iv_, 0, clear_only_subsample_entries); 517 DecryptAndExpect(encrypted_buffer, original_data_, SUCCESS); 518} 519 520// No clear bytes in any of the subsamples. 521TEST_F(AesDecryptorTest, SubsampleCypherBytesOnly) { 522 GenerateKeyRequest(key_id_); 523 AddKeyAndExpect(kKeyAsJWK, KEY_ADDED); 524 525 std::vector<SubsampleEntry> cypher_only_subsample_entries( 526 kSubsampleEntriesCypherOnly, 527 kSubsampleEntriesCypherOnly + arraysize(kSubsampleEntriesCypherOnly)); 528 529 scoped_refptr<DecoderBuffer> encrypted_buffer = CreateEncryptedBuffer( 530 encrypted_data_, key_id_, iv_, 0, cypher_only_subsample_entries); 531 DecryptAndExpect(encrypted_buffer, original_data_, SUCCESS); 532} 533 534TEST_F(AesDecryptorTest, JWKKey) { 535 // Try a simple JWK key (i.e. not in a set) 536 const std::string key1 = 537 "{" 538 " \"kty\": \"oct\"," 539 " \"kid\": \"AAECAwQFBgcICQoLDA0ODxAREhM\"," 540 " \"k\": \"FBUWFxgZGhscHR4fICEiIw\"" 541 "}"; 542 AddKeyAndExpect(key1, KEY_ERROR); 543 544 // Try a key list with multiple entries. 545 const std::string key2 = 546 "{" 547 " \"keys\": [" 548 " {" 549 " \"kty\": \"oct\"," 550 " \"kid\": \"AAECAwQFBgcICQoLDA0ODxAREhM\"," 551 " \"k\": \"FBUWFxgZGhscHR4fICEiIw\"" 552 " }," 553 " {" 554 " \"kty\": \"oct\"," 555 " \"kid\": \"JCUmJygpKissLS4vMA\"," 556 " \"k\":\"MTIzNDU2Nzg5Ojs8PT4/QA\"" 557 " }" 558 " ]" 559 "}"; 560 AddKeyAndExpect(key2, KEY_ADDED); 561 562 // Try a key with no spaces and some \n plus additional fields. 563 const std::string key3 = 564 "\n\n{\"something\":1,\"keys\":[{\n\n\"kty\":\"oct\",\"alg\":\"A128KW\"," 565 "\"kid\":\"AAECAwQFBgcICQoLDA0ODxAREhM\",\"k\":\"GawgguFyGrWKav7AX4VKUg" 566 "\",\"foo\":\"bar\"}]}\n\n"; 567 AddKeyAndExpect(key3, KEY_ADDED); 568 569 // Try some non-ASCII characters. 570 AddKeyAndExpect("This is not ASCII due to \xff\xfe\xfd in it.", KEY_ERROR); 571 572 // Try a badly formatted key. Assume that the JSON parser is fully tested, 573 // so we won't try a lot of combinations. However, need a test to ensure 574 // that the code doesn't crash if invalid JSON received. 575 AddKeyAndExpect("This is not a JSON key.", KEY_ERROR); 576 577 // Try passing some valid JSON that is not a dictionary at the top level. 578 AddKeyAndExpect("40", KEY_ERROR); 579 580 // Try an empty dictionary. 581 AddKeyAndExpect("{ }", KEY_ERROR); 582 583 // Try an empty 'keys' dictionary. 584 AddKeyAndExpect("{ \"keys\": [] }", KEY_ERROR); 585 586 // Try with 'keys' not a dictionary. 587 AddKeyAndExpect("{ \"keys\":\"1\" }", KEY_ERROR); 588 589 // Try with 'keys' a list of integers. 590 AddKeyAndExpect("{ \"keys\": [ 1, 2, 3 ] }", KEY_ERROR); 591 592 // TODO(jrummell): The next 2 tests should fail once checking for padding 593 // characters is enabled. 594 // Try a key with padding(=) at end of base64 string. 595 const std::string key4 = 596 "{" 597 " \"keys\": [" 598 " {" 599 " \"kty\": \"oct\"," 600 " \"kid\": \"AAECAw\"," 601 " \"k\": \"BAUGBwgJCgsMDQ4PEBESEw==\"" 602 " }" 603 " ]" 604 "}"; 605 AddKeyAndExpect(key4, KEY_ADDED); 606 607 // Try a key ID with padding(=) at end of base64 string. 608 const std::string key5 = 609 "{" 610 " \"keys\": [" 611 " {" 612 " \"kty\": \"oct\"," 613 " \"kid\": \"AAECAw==\"," 614 " \"k\": \"BAUGBwgJCgsMDQ4PEBESEw\"" 615 " }" 616 " ]" 617 "}"; 618 AddKeyAndExpect(key5, KEY_ADDED); 619 620 // Try a key with invalid base64 encoding. 621 const std::string key6 = 622 "{" 623 " \"keys\": [" 624 " {" 625 " \"kty\": \"oct\"," 626 " \"kid\": \"!@#$%^&*()\"," 627 " \"k\": \"BAUGBwgJCgsMDQ4PEBESEw\"" 628 " }" 629 " ]" 630 "}"; 631 AddKeyAndExpect(key6, KEY_ERROR); 632 633 // Try a key where no padding is required. 'k' has to be 16 bytes, so it 634 // will always require padding. (Test above using |key2| has 2 'kid's that 635 // require 1 and 2 padding bytes). 636 const std::string key7 = 637 "{" 638 " \"keys\": [" 639 " {" 640 " \"kty\": \"oct\"," 641 " \"kid\": \"Kiss\"," 642 " \"k\": \"BAUGBwgJCgsMDQ4PEBESEw\"" 643 " }" 644 " ]" 645 "}"; 646 AddKeyAndExpect(key7, KEY_ADDED); 647 648 // Empty key id. 649 const std::string key8 = 650 "{" 651 " \"keys\": [" 652 " {" 653 " \"kty\": \"oct\"," 654 " \"kid\": \"\"," 655 " \"k\": \"BAUGBwgJCgsMDQ4PEBESEw\"" 656 " }" 657 " ]" 658 "}"; 659 AddKeyAndExpect(key8, KEY_ERROR); 660} 661 662TEST_F(AesDecryptorTest, RawKey) { 663 // Verify that v0.1b keys (raw key) is still supported. Raw keys are 664 // 16 bytes long. Use the undecoded value of |kKey|. 665 GenerateKeyRequest(key_id_); 666 AddRawKeyAndExpect( 667 key_id_, std::vector<uint8>(kKey, kKey + arraysize(kKey)), KEY_ADDED); 668 scoped_refptr<DecoderBuffer> encrypted_buffer = CreateEncryptedBuffer( 669 encrypted_data_, key_id_, iv_, 0, no_subsample_entries_); 670 DecryptAndExpect(encrypted_buffer, original_data_, SUCCESS); 671} 672 673} // namespace media 674