summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorjrummell <jrummell@chromium.org>2015-04-08 17:16:16 -0700
committerCommit bot <commit-bot@chromium.org>2015-04-09 00:16:42 +0000
commit647f1bac3175dcf1bbb71f64f6c5f3b0b1a3b1b3 (patch)
tree4404a081f74a944725484cad4309efe674a71a2b
parent894a75d9fc52dd3280469df6406b3096743e7a09 (diff)
downloadchromium_src-647f1bac3175dcf1bbb71f64f6c5f3b0b1a3b1b3.zip
chromium_src-647f1bac3175dcf1bbb71f64f6c5f3b0b1a3b1b3.tar.gz
chromium_src-647f1bac3175dcf1bbb71f64f6c5f3b0b1a3b1b3.tar.bz2
Pass security origin to AesDecryptor()
BUG=353324 TEST=existing EME tests pass Review URL: https://codereview.chromium.org/1068823003 Cr-Commit-Position: refs/heads/master@{#324314}
-rw-r--r--content/renderer/media/crypto/render_cdm_factory.cc12
-rw-r--r--media/cdm/aes_decryptor.cc5
-rw-r--r--media/cdm/aes_decryptor.h5
-rw-r--r--media/cdm/aes_decryptor_unittest.cc6
-rw-r--r--media/cdm/default_cdm_factory.cc9
-rw-r--r--media/cdm/ppapi/external_clear_key/clear_key_cdm.cc9
-rw-r--r--media/cdm/ppapi/external_clear_key/clear_key_cdm.h4
-rw-r--r--media/mojo/services/mojo_cdm_service.cc3
-rw-r--r--media/test/BUILD.gn1
-rw-r--r--media/test/pipeline_integration_test.cc4
10 files changed, 41 insertions, 17 deletions
diff --git a/content/renderer/media/crypto/render_cdm_factory.cc b/content/renderer/media/crypto/render_cdm_factory.cc
index fab62f9..c871f9c 100644
--- a/content/renderer/media/crypto/render_cdm_factory.cc
+++ b/content/renderer/media/crypto/render_cdm_factory.cc
@@ -48,18 +48,18 @@ scoped_ptr<media::MediaKeys> RenderCdmFactory::Create(
const media::SessionKeysChangeCB& session_keys_change_cb,
const media::SessionExpirationUpdateCB& session_expiration_update_cb) {
DCHECK(thread_checker_.CalledOnValidThread());
- // TODO(jrummell): Pass |security_origin| to all constructors.
- // TODO(jrummell): Enable the following line once blink code updated to
- // check the security origin before calling.
- // DCHECK(security_origin.is_valid());
+
+ if (!security_origin.is_valid())
+ return nullptr;
if (media::CanUseAesDecryptor(key_system)) {
// TODO(sandersd): Currently the prefixed API always allows distinctive
// identifiers and persistent state. Once that changes we can sanity check
// here that neither is allowed for AesDecryptor, since it does not support
// them and should never be configured that way. http://crbug.com/455271
- return scoped_ptr<media::MediaKeys>(new media::AesDecryptor(
- session_message_cb, session_closed_cb, session_keys_change_cb));
+ return scoped_ptr<media::MediaKeys>(
+ new media::AesDecryptor(security_origin, session_message_cb,
+ session_closed_cb, session_keys_change_cb));
}
#if defined(ENABLE_PEPPER_CDMS)
diff --git a/media/cdm/aes_decryptor.cc b/media/cdm/aes_decryptor.cc
index 670dabd..ec0de28 100644
--- a/media/cdm/aes_decryptor.cc
+++ b/media/cdm/aes_decryptor.cc
@@ -224,12 +224,15 @@ static scoped_refptr<DecoderBuffer> DecryptData(const DecoderBuffer& input,
return output;
}
-AesDecryptor::AesDecryptor(const SessionMessageCB& session_message_cb,
+AesDecryptor::AesDecryptor(const GURL& /* security_origin */,
+ const SessionMessageCB& session_message_cb,
const SessionClosedCB& session_closed_cb,
const SessionKeysChangeCB& session_keys_change_cb)
: session_message_cb_(session_message_cb),
session_closed_cb_(session_closed_cb),
session_keys_change_cb_(session_keys_change_cb) {
+ // AesDecryptor doesn't keep any persistent data, so no need to do anything
+ // with |security_origin|.
DCHECK(!session_message_cb_.is_null());
DCHECK(!session_closed_cb_.is_null());
DCHECK(!session_keys_change_cb_.is_null());
diff --git a/media/cdm/aes_decryptor.h b/media/cdm/aes_decryptor.h
index 9a13e62..5c7a06c 100644
--- a/media/cdm/aes_decryptor.h
+++ b/media/cdm/aes_decryptor.h
@@ -18,6 +18,8 @@
#include "media/base/media_export.h"
#include "media/base/media_keys.h"
+class GURL;
+
namespace crypto {
class SymmetricKey;
}
@@ -30,7 +32,8 @@ class MEDIA_EXPORT AesDecryptor : public MediaKeys,
public CdmContext,
public Decryptor {
public:
- AesDecryptor(const SessionMessageCB& session_message_cb,
+ AesDecryptor(const GURL& security_origin,
+ const SessionMessageCB& session_message_cb,
const SessionClosedCB& session_closed_cb,
const SessionKeysChangeCB& session_keys_change_cb);
~AesDecryptor() override;
diff --git a/media/cdm/aes_decryptor_unittest.cc b/media/cdm/aes_decryptor_unittest.cc
index 2d529abc..3f26239 100644
--- a/media/cdm/aes_decryptor_unittest.cc
+++ b/media/cdm/aes_decryptor_unittest.cc
@@ -17,6 +17,7 @@
#include "media/cdm/aes_decryptor.h"
#include "testing/gmock/include/gmock/gmock.h"
#include "testing/gtest/include/gtest/gtest.h"
+#include "url/gurl.h"
using ::testing::_;
using ::testing::Gt;
@@ -34,8 +35,6 @@ MATCHER(IsJSONDictionary, "") {
return (root.get() && root->GetType() == base::Value::TYPE_DICTIONARY);
}
-class GURL;
-
namespace media {
const uint8 kOriginalData[] = "Original subsample data.";
@@ -215,7 +214,8 @@ enum PromiseResult { RESOLVED, REJECTED };
class AesDecryptorTest : public testing::Test {
public:
AesDecryptorTest()
- : decryptor_(base::Bind(&AesDecryptorTest::OnSessionMessage,
+ : decryptor_(GURL::EmptyGURL(),
+ base::Bind(&AesDecryptorTest::OnSessionMessage,
base::Unretained(this)),
base::Bind(&AesDecryptorTest::OnSessionClosed,
base::Unretained(this)),
diff --git a/media/cdm/default_cdm_factory.cc b/media/cdm/default_cdm_factory.cc
index 9d8ea83..a87760c 100644
--- a/media/cdm/default_cdm_factory.cc
+++ b/media/cdm/default_cdm_factory.cc
@@ -6,6 +6,7 @@
#include "media/base/key_systems.h"
#include "media/cdm/aes_decryptor.h"
+#include "url/gurl.h"
namespace media {
@@ -25,9 +26,13 @@ scoped_ptr<MediaKeys> DefaultCdmFactory::Create(
const LegacySessionErrorCB& legacy_session_error_cb,
const SessionKeysChangeCB& session_keys_change_cb,
const SessionExpirationUpdateCB& session_expiration_update_cb) {
+ if (!security_origin.is_valid())
+ return nullptr;
+
if (CanUseAesDecryptor(key_system)) {
- return make_scoped_ptr(new AesDecryptor(
- session_message_cb, session_closed_cb, session_keys_change_cb));
+ return make_scoped_ptr(new AesDecryptor(security_origin, session_message_cb,
+ session_closed_cb,
+ session_keys_change_cb));
}
return nullptr;
diff --git a/media/cdm/ppapi/external_clear_key/clear_key_cdm.cc b/media/cdm/ppapi/external_clear_key/clear_key_cdm.cc
index 2550368..725ee88 100644
--- a/media/cdm/ppapi/external_clear_key/clear_key_cdm.cc
+++ b/media/cdm/ppapi/external_clear_key/clear_key_cdm.cc
@@ -23,6 +23,7 @@
#include "media/cdm/json_web_key.h"
#include "media/cdm/ppapi/cdm_file_io_test.h"
#include "media/cdm/ppapi/external_clear_key/cdm_video_decoder.h"
+#include "url/gurl.h"
#if defined(CLEAR_KEY_CDM_USE_FAKE_AUDIO_DECODER)
#include "base/basictypes.h"
@@ -262,7 +263,8 @@ void* CreateCdmInstance(int cdm_interface_version,
if (!host)
return NULL;
- return new media::ClearKeyCdm(host, key_system_string);
+ // TODO(jrummell): Obtain the proper origin for this instance.
+ return new media::ClearKeyCdm(host, key_system_string, GURL::EmptyGURL());
}
const char* GetCdmVersion() {
@@ -271,8 +273,11 @@ const char* GetCdmVersion() {
namespace media {
-ClearKeyCdm::ClearKeyCdm(ClearKeyCdmHost* host, const std::string& key_system)
+ClearKeyCdm::ClearKeyCdm(ClearKeyCdmHost* host,
+ const std::string& key_system,
+ const GURL& origin)
: decryptor_(
+ origin,
base::Bind(&ClearKeyCdm::OnSessionMessage, base::Unretained(this)),
base::Bind(&ClearKeyCdm::OnSessionClosed, base::Unretained(this)),
base::Bind(&ClearKeyCdm::OnSessionKeysChange,
diff --git a/media/cdm/ppapi/external_clear_key/clear_key_cdm.h b/media/cdm/ppapi/external_clear_key/clear_key_cdm.h
index f25a1b0..6418679 100644
--- a/media/cdm/ppapi/external_clear_key/clear_key_cdm.h
+++ b/media/cdm/ppapi/external_clear_key/clear_key_cdm.h
@@ -22,6 +22,8 @@
#define CLEAR_KEY_CDM_USE_FAKE_AUDIO_DECODER
#endif
+class GURL;
+
namespace media {
class FileIOTestRunner;
class CdmVideoDecoder;
@@ -31,7 +33,7 @@ class FFmpegCdmAudioDecoder;
// Clear key implementation of the cdm::ContentDecryptionModule interface.
class ClearKeyCdm : public ClearKeyCdmInterface {
public:
- ClearKeyCdm(Host* host, const std::string& key_system);
+ ClearKeyCdm(Host* host, const std::string& key_system, const GURL& origin);
~ClearKeyCdm() override;
// ContentDecryptionModule implementation.
diff --git a/media/mojo/services/mojo_cdm_service.cc b/media/mojo/services/mojo_cdm_service.cc
index eff147f..58c335d 100644
--- a/media/mojo/services/mojo_cdm_service.cc
+++ b/media/mojo/services/mojo_cdm_service.cc
@@ -12,6 +12,7 @@
#include "media/mojo/services/mojo_cdm_promise.h"
#include "mojo/common/common_type_converters.h"
#include "mojo/common/url_type_converters.h"
+#include "url/gurl.h"
namespace media {
@@ -23,7 +24,9 @@ MojoCdmService::MojoCdmService(const mojo::String& key_system)
base::WeakPtr<MojoCdmService> weak_this = weak_factory_.GetWeakPtr();
if (CanUseAesDecryptor(key_system)) {
+ // TODO(jrummell): Determine proper origin.
cdm_.reset(new AesDecryptor(
+ GURL::EmptyGURL(),
base::Bind(&MojoCdmService::OnSessionMessage, weak_this),
base::Bind(&MojoCdmService::OnSessionClosed, weak_this),
base::Bind(&MojoCdmService::OnSessionKeysChange, weak_this)));
diff --git a/media/test/BUILD.gn b/media/test/BUILD.gn
index 60849c1..e5e5f96 100644
--- a/media/test/BUILD.gn
+++ b/media/test/BUILD.gn
@@ -43,6 +43,7 @@ source_set("pipeline_integration_tests") {
"//media/audio:test_support",
"//media/base:test_support",
"//testing/gtest",
+ "//url",
# TODO(dalecurtis): Required since the gmock header is included in the
# header for pipeline_integration_test_base.h. This should be moved into
diff --git a/media/test/pipeline_integration_test.cc b/media/test/pipeline_integration_test.cc
index cea6fdc..ead238c 100644
--- a/media/test/pipeline_integration_test.cc
+++ b/media/test/pipeline_integration_test.cc
@@ -21,6 +21,7 @@
#include "media/renderers/renderer_impl.h"
#include "media/test/pipeline_integration_test_base.h"
#include "testing/gmock/include/gmock/gmock.h"
+#include "url/gurl.h"
#if defined(MOJO_RENDERER)
#include "media/mojo/services/mojo_renderer_impl.h"
@@ -169,7 +170,8 @@ class FakeEncryptedMedia {
};
FakeEncryptedMedia(AppBase* app)
- : decryptor_(base::Bind(&FakeEncryptedMedia::OnSessionMessage,
+ : decryptor_(GURL::EmptyGURL(),
+ base::Bind(&FakeEncryptedMedia::OnSessionMessage,
base::Unretained(this)),
base::Bind(&FakeEncryptedMedia::OnSessionClosed,
base::Unretained(this)),