diff options
| author | jrummell@chromium.org <jrummell@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-03-31 23:32:31 +0000 |
|---|---|---|
| committer | jrummell@chromium.org <jrummell@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-03-31 23:32:31 +0000 |
| commit | 65b852866e1d00e42f730d9a065915a3c738fe46 (patch) | |
| tree | 88aa8d399c8e605e3e9fd0668515b4566cff0cc1 /content | |
| parent | 5e0fecd9898c5c944a1a9be7a576c931b4b5f783 (diff) | |
| download | chromium_src-65b852866e1d00e42f730d9a065915a3c738fe46.zip chromium_src-65b852866e1d00e42f730d9a065915a3c738fe46.tar.gz chromium_src-65b852866e1d00e42f730d9a065915a3c738fe46.tar.bz2 | |
Provide security origin to Android EME implementation
Rather than passing the URL when creating the CDM on Android, pass in
a WebSecurityOrigin.
BUG=349201, 353324
TEST=encrypted media layout and browser tests pass, encrypted content plays on Android
Review URL: https://codereview.chromium.org/213423005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@260702 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'content')
16 files changed, 60 insertions, 59 deletions
diff --git a/content/browser/media/android/browser_media_player_manager.cc b/content/browser/media/android/browser_media_player_manager.cc index 24fb708..d79573c 100644 --- a/content/browser/media/android/browser_media_player_manager.cc +++ b/content/browser/media/android/browser_media_player_manager.cc @@ -581,7 +581,7 @@ void BrowserMediaPlayerManager::OnDestroyPlayer(int player_id) { void BrowserMediaPlayerManager::OnInitializeCdm(int cdm_id, const std::string& key_system, - const GURL& frame_url) { + const GURL& security_origin) { if (key_system.size() > kMaxKeySystemLength) { // This failure will be discovered and reported by OnCreateSession() // as GetDrmBridge() will return null. @@ -594,7 +594,7 @@ void BrowserMediaPlayerManager::OnInitializeCdm(int cdm_id, return; } - AddDrmBridge(cdm_id, key_system, frame_url); + AddDrmBridge(cdm_id, key_system, security_origin); } void BrowserMediaPlayerManager::OnCreateSession( @@ -651,7 +651,7 @@ void BrowserMediaPlayerManager::OnCreateSession( web_contents()->GetRenderViewHost()->GetRoutingID(), static_cast<int>(session_id), cdm_id, - drm_bridge->frame_url(), + drm_bridge->security_origin(), base::Bind(&BrowserMediaPlayerManager::CreateSessionIfPermitted, weak_ptr_factory_.GetWeakPtr(), cdm_id, @@ -746,11 +746,11 @@ scoped_ptr<media::MediaPlayerAndroid> BrowserMediaPlayerManager::SwapPlayer( void BrowserMediaPlayerManager::AddDrmBridge(int cdm_id, const std::string& key_system, - const GURL& frame_url) { + const GURL& security_origin) { DCHECK(!GetDrmBridge(cdm_id)); scoped_ptr<MediaDrmBridge> drm_bridge( - MediaDrmBridge::Create(cdm_id, key_system, frame_url, this)); + MediaDrmBridge::Create(cdm_id, key_system, security_origin, this)); if (!drm_bridge) { // This failure will be discovered and reported by OnCreateSession() // as GetDrmBridge() will return null. diff --git a/content/common/media/cdm_messages.h b/content/common/media/cdm_messages.h index 7ba4cf5..11b0eef 100644 --- a/content/common/media/cdm_messages.h +++ b/content/common/media/cdm_messages.h @@ -25,7 +25,7 @@ IPC_ENUM_TRAITS(CdmHostMsg_CreateSession_ContentType) IPC_MESSAGE_ROUTED3(CdmHostMsg_InitializeCdm, int /* cdm_id */, std::string /* key_system */, - GURL /* frame url */) + GURL /* security_origin */) IPC_MESSAGE_ROUTED4(CdmHostMsg_CreateSession, int /* cdm_id */, diff --git a/content/renderer/media/android/proxy_media_keys.cc b/content/renderer/media/android/proxy_media_keys.cc index bd498a0..8bbce92 100644 --- a/content/renderer/media/android/proxy_media_keys.cc +++ b/content/renderer/media/android/proxy_media_keys.cc @@ -38,8 +38,8 @@ ProxyMediaKeys::~ProxyMediaKeys() { } void ProxyMediaKeys::InitializeCdm(const std::string& key_system, - const GURL& frame_url) { - manager_->InitializeCdm(cdm_id_, this, key_system, frame_url); + const GURL& security_origin) { + manager_->InitializeCdm(cdm_id_, this, key_system, security_origin); } bool ProxyMediaKeys::CreateSession(uint32 session_id, diff --git a/content/renderer/media/android/proxy_media_keys.h b/content/renderer/media/android/proxy_media_keys.h index 74ae52e..5752bf2 100644 --- a/content/renderer/media/android/proxy_media_keys.h +++ b/content/renderer/media/android/proxy_media_keys.h @@ -28,7 +28,8 @@ class ProxyMediaKeys : public media::MediaKeys { const media::SessionErrorCB& session_error_cb); virtual ~ProxyMediaKeys(); - void InitializeCdm(const std::string& key_system, const GURL& frame_url); + void InitializeCdm(const std::string& key_system, + const GURL& security_origin); // MediaKeys implementation. virtual bool CreateSession(uint32 session_id, diff --git a/content/renderer/media/android/renderer_media_player_manager.cc b/content/renderer/media/android/renderer_media_player_manager.cc index 7c2ba0a..44f270a 100644 --- a/content/renderer/media/android/renderer_media_player_manager.cc +++ b/content/renderer/media/android/renderer_media_player_manager.cc @@ -249,11 +249,11 @@ void RendererMediaPlayerManager::SetCdm(int player_id, int cdm_id) { void RendererMediaPlayerManager::InitializeCdm(int cdm_id, ProxyMediaKeys* media_keys, const std::string& key_system, - const GURL& frame_url) { + const GURL& security_origin) { DCHECK_NE(cdm_id, kInvalidCdmId); RegisterMediaKeys(cdm_id, media_keys); Send(new CdmHostMsg_InitializeCdm( - routing_id(), cdm_id, key_system, frame_url)); + routing_id(), cdm_id, key_system, security_origin)); } void RendererMediaPlayerManager::CreateSession( diff --git a/content/renderer/media/android/renderer_media_player_manager.h b/content/renderer/media/android/renderer_media_player_manager.h index 1ad82eb..4efab8a 100644 --- a/content/renderer/media/android/renderer_media_player_manager.h +++ b/content/renderer/media/android/renderer_media_player_manager.h @@ -99,7 +99,7 @@ class RendererMediaPlayerManager : public RenderViewObserver { void InitializeCdm(int cdm_id, ProxyMediaKeys* media_keys, const std::string& key_system, - const GURL& frame_url); + const GURL& security_origin); void CreateSession(int cdm_id, uint32 session_id, CdmHostMsg_CreateSession_ContentType conent_type, diff --git a/content/renderer/media/android/webmediaplayer_android.cc b/content/renderer/media/android/webmediaplayer_android.cc index 323d517..f9cb323 100644 --- a/content/renderer/media/android/webmediaplayer_android.cc +++ b/content/renderer/media/android/webmediaplayer_android.cc @@ -42,6 +42,7 @@ #include "third_party/WebKit/public/web/WebDocument.h" #include "third_party/WebKit/public/web/WebFrame.h" #include "third_party/WebKit/public/web/WebRuntimeFeatures.h" +#include "third_party/WebKit/public/web/WebSecurityOrigin.h" #include "third_party/WebKit/public/web/WebView.h" #include "third_party/skia/include/core/SkBitmap.h" #include "third_party/skia/include/core/SkCanvas.h" @@ -1266,12 +1267,7 @@ WebMediaPlayerAndroid::GenerateKeyRequestInternal( if (current_key_system_.empty()) { if (!proxy_decryptor_) { proxy_decryptor_.reset(new ProxyDecryptor( -#if defined(ENABLE_PEPPER_CDMS) - client_, - frame_, -#else manager_, -#endif // defined(ENABLE_PEPPER_CDMS) base::Bind(&WebMediaPlayerAndroid::OnKeyAdded, weak_factory_.GetWeakPtr()), base::Bind(&WebMediaPlayerAndroid::OnKeyError, @@ -1280,10 +1276,9 @@ WebMediaPlayerAndroid::GenerateKeyRequestInternal( weak_factory_.GetWeakPtr()))); } - if (!proxy_decryptor_->InitializeCDM(key_system, - frame_->document().url())) { + GURL security_origin(frame_->document().securityOrigin().toString()); + if (!proxy_decryptor_->InitializeCDM(key_system, security_origin)) return WebMediaPlayer::MediaKeyExceptionKeySystemNotSupported; - } if (!decryptor_ready_cb_.is_null()) { base::ResetAndReturn(&decryptor_ready_cb_) diff --git a/content/renderer/media/cdm_session_adapter.cc b/content/renderer/media/cdm_session_adapter.cc index 473a53b..c369514 100644 --- a/content/renderer/media/cdm_session_adapter.cc +++ b/content/renderer/media/cdm_session_adapter.cc @@ -31,25 +31,24 @@ bool CdmSessionAdapter::Initialize( #if defined(ENABLE_PEPPER_CDMS) const CreatePepperCdmCB& create_pepper_cdm_cb, #endif // defined(ENABLE_PEPPER_CDMS) - const std::string& key_system) { + const std::string& key_system, + const GURL& security_origin) { base::WeakPtr<CdmSessionAdapter> weak_this = weak_ptr_factory_.GetWeakPtr(); - media_keys_ = - ContentDecryptionModuleFactory::Create( - key_system, + media_keys_ = ContentDecryptionModuleFactory::Create( + key_system, + security_origin, #if defined(ENABLE_PEPPER_CDMS) - create_pepper_cdm_cb, + create_pepper_cdm_cb, #elif defined(OS_ANDROID) - // TODO(xhwang): Support Android. - NULL, - // TODO(ddorwin): Get the URL for the frame containing the MediaKeys. - GURL(), - &cdm_id_, + // TODO(xhwang): Support Android. + NULL, + &cdm_id_, #endif // defined(ENABLE_PEPPER_CDMS) - base::Bind(&CdmSessionAdapter::OnSessionCreated, weak_this), - base::Bind(&CdmSessionAdapter::OnSessionMessage, weak_this), - base::Bind(&CdmSessionAdapter::OnSessionReady, weak_this), - base::Bind(&CdmSessionAdapter::OnSessionClosed, weak_this), - base::Bind(&CdmSessionAdapter::OnSessionError, weak_this)); + base::Bind(&CdmSessionAdapter::OnSessionCreated, weak_this), + base::Bind(&CdmSessionAdapter::OnSessionMessage, weak_this), + base::Bind(&CdmSessionAdapter::OnSessionReady, weak_this), + base::Bind(&CdmSessionAdapter::OnSessionClosed, weak_this), + base::Bind(&CdmSessionAdapter::OnSessionError, weak_this)); // Success if |media_keys_| created. return media_keys_; diff --git a/content/renderer/media/cdm_session_adapter.h b/content/renderer/media/cdm_session_adapter.h index b0443a0..1756054 100644 --- a/content/renderer/media/cdm_session_adapter.h +++ b/content/renderer/media/cdm_session_adapter.h @@ -17,6 +17,8 @@ #include "content/renderer/media/crypto/pepper_cdm_wrapper.h" #endif +class GURL; + namespace content { class WebContentDecryptionModuleSessionImpl; @@ -34,7 +36,8 @@ class CdmSessionAdapter : public base::RefCounted<CdmSessionAdapter> { #if defined(ENABLE_PEPPER_CDMS) const CreatePepperCdmCB& create_pepper_cdm_cb, #endif - const std::string& key_system); + const std::string& key_system, + const GURL& security_origin); // Creates a new session and adds it to the internal map. The caller owns the // created session. RemoveSession() must be called when destroying it. diff --git a/content/renderer/media/crypto/content_decryption_module_factory.cc b/content/renderer/media/crypto/content_decryption_module_factory.cc index 77aad29..a7f4cc1 100644 --- a/content/renderer/media/crypto/content_decryption_module_factory.cc +++ b/content/renderer/media/crypto/content_decryption_module_factory.cc @@ -7,14 +7,10 @@ #include "base/logging.h" #include "content/renderer/media/crypto/key_systems.h" #include "media/cdm/aes_decryptor.h" +#include "url/gurl.h" #if defined(ENABLE_PEPPER_CDMS) #include "content/renderer/media/crypto/ppapi_decryptor.h" -#include "content/renderer/pepper/pepper_plugin_instance_impl.h" -#include "content/renderer/pepper/pepper_webplugin_impl.h" -#include "third_party/WebKit/public/platform/WebMediaPlayerClient.h" -#include "third_party/WebKit/public/platform/WebString.h" -#include "third_party/WebKit/public/web/WebFrame.h" #elif defined(OS_ANDROID) #include "content/renderer/media/android/proxy_media_keys.h" #include "content/renderer/media/android/renderer_media_player_manager.h" @@ -24,11 +20,11 @@ namespace content { scoped_ptr<media::MediaKeys> ContentDecryptionModuleFactory::Create( const std::string& key_system, + const GURL& security_origin, #if defined(ENABLE_PEPPER_CDMS) const CreatePepperCdmCB& create_pepper_cdm_cb, #elif defined(OS_ANDROID) RendererMediaPlayerManager* manager, - const GURL& frame_url, int* cdm_id, #endif // defined(ENABLE_PEPPER_CDMS) const media::SessionCreatedCB& session_created_cb, @@ -36,9 +32,15 @@ scoped_ptr<media::MediaKeys> ContentDecryptionModuleFactory::Create( const media::SessionReadyCB& session_ready_cb, const media::SessionClosedCB& session_closed_cb, const media::SessionErrorCB& session_error_cb) { + // TODO(jrummell): Pass |security_origin| to all constructors. + // TODO(jrummell): Enable the following line once blink code updated to + // check the security origin before calling. + // DCHECK(security_origin.is_valid()); + #if defined(OS_ANDROID) *cdm_id = RendererMediaPlayerManager::kInvalidCdmId; #endif + if (CanUseAesDecryptor(key_system)) { return scoped_ptr<media::MediaKeys>( new media::AesDecryptor(session_created_cb, @@ -64,7 +66,7 @@ scoped_ptr<media::MediaKeys> ContentDecryptionModuleFactory::Create( session_ready_cb, session_closed_cb, session_error_cb)); - proxy_media_keys->InitializeCdm(key_system, frame_url); + proxy_media_keys->InitializeCdm(key_system, security_origin); *cdm_id = proxy_media_keys->GetCdmId(); return proxy_media_keys.PassAs<media::MediaKeys>(); #else diff --git a/content/renderer/media/crypto/content_decryption_module_factory.h b/content/renderer/media/crypto/content_decryption_module_factory.h index df3f34e..d7d8269 100644 --- a/content/renderer/media/crypto/content_decryption_module_factory.h +++ b/content/renderer/media/crypto/content_decryption_module_factory.h @@ -26,11 +26,11 @@ class ContentDecryptionModuleFactory { // callbacks can be called asynchronously. static scoped_ptr<media::MediaKeys> Create( const std::string& key_system, + const GURL& security_origin, #if defined(ENABLE_PEPPER_CDMS) const CreatePepperCdmCB& create_pepper_cdm_cb, #elif defined(OS_ANDROID) RendererMediaPlayerManager* manager, - const GURL& frame_url, int* cdm_id, // Output parameter indicating the CDM ID of the MediaKeys. #endif // defined(ENABLE_PEPPER_CDMS) const media::SessionCreatedCB& session_created_cb, diff --git a/content/renderer/media/crypto/pepper_cdm_wrapper_impl.cc b/content/renderer/media/crypto/pepper_cdm_wrapper_impl.cc index f32dc03..69059cd 100644 --- a/content/renderer/media/crypto/pepper_cdm_wrapper_impl.cc +++ b/content/renderer/media/crypto/pepper_cdm_wrapper_impl.cc @@ -23,12 +23,7 @@ void WebHelperPluginDeleter::operator()(blink::WebHelperPlugin* plugin) const { scoped_ptr<PepperCdmWrapper> PepperCdmWrapperImpl::Create( blink::WebFrame* frame, const std::string& pluginType) { - - // TODO(jrummell): Convert to DCHECK(frame) once Blink starts passing the - // WebFrame to WebContentDecryptionModuleImpl. - if (!frame) - return scoped_ptr<PepperCdmWrapper>(); - + DCHECK(frame); ScopedHelperPlugin helper_plugin(blink::WebHelperPlugin::create( blink::WebString::fromUTF8(pluginType), frame)); if (!helper_plugin) diff --git a/content/renderer/media/crypto/proxy_decryptor.cc b/content/renderer/media/crypto/proxy_decryptor.cc index 189d8ad..95fe49f 100644 --- a/content/renderer/media/crypto/proxy_decryptor.cc +++ b/content/renderer/media/crypto/proxy_decryptor.cc @@ -82,11 +82,11 @@ int ProxyDecryptor::GetCdmId() { #endif bool ProxyDecryptor::InitializeCDM(const std::string& key_system, - const GURL& frame_url) { + const GURL& security_origin) { DVLOG(1) << "InitializeCDM: key_system = " << key_system; DCHECK(!media_keys_); - media_keys_ = CreateMediaKeys(key_system, frame_url); + media_keys_ = CreateMediaKeys(key_system, security_origin); if (!media_keys_) return false; @@ -189,14 +189,14 @@ void ProxyDecryptor::CancelKeyRequest(const std::string& session_id) { scoped_ptr<media::MediaKeys> ProxyDecryptor::CreateMediaKeys( const std::string& key_system, - const GURL& frame_url) { + const GURL& security_origin) { return ContentDecryptionModuleFactory::Create( key_system, + security_origin, #if defined(ENABLE_PEPPER_CDMS) create_pepper_cdm_cb_, #elif defined(OS_ANDROID) manager_, - frame_url, &cdm_id_, #endif // defined(ENABLE_PEPPER_CDMS) base::Bind(&ProxyDecryptor::OnSessionCreated, diff --git a/content/renderer/media/crypto/proxy_decryptor.h b/content/renderer/media/crypto/proxy_decryptor.h index c07af0ac..2919ef7 100644 --- a/content/renderer/media/crypto/proxy_decryptor.h +++ b/content/renderer/media/crypto/proxy_decryptor.h @@ -76,7 +76,8 @@ class ProxyDecryptor { #endif // Only call this once. - bool InitializeCDM(const std::string& key_system, const GURL& frame_url); + bool InitializeCDM(const std::string& key_system, + const GURL& security_origin); // May only be called after InitializeCDM() succeeds. bool GenerateKeyRequest(const std::string& type, @@ -93,7 +94,7 @@ class ProxyDecryptor { // Helper function to create MediaKeys to handle the given |key_system|. scoped_ptr<media::MediaKeys> CreateMediaKeys(const std::string& key_system, - const GURL& frame_url); + const GURL& security_origin); // Callbacks for firing session events. void OnSessionCreated(uint32 session_id, const std::string& web_session_id); diff --git a/content/renderer/media/webcontentdecryptionmodule_impl.cc b/content/renderer/media/webcontentdecryptionmodule_impl.cc index 206a7cc..db2c519 100644 --- a/content/renderer/media/webcontentdecryptionmodule_impl.cc +++ b/content/renderer/media/webcontentdecryptionmodule_impl.cc @@ -15,7 +15,9 @@ #include "content/renderer/media/cdm_session_adapter.h" #include "content/renderer/media/webcontentdecryptionmodulesession_impl.h" #include "media/base/media_keys.h" +#include "third_party/WebKit/public/platform/WebString.h" #include "third_party/WebKit/public/web/WebSecurityOrigin.h" +#include "url/gurl.h" #if defined(ENABLE_PEPPER_CDMS) #include "content/renderer/media/crypto/pepper_cdm_wrapper_impl.h" @@ -31,7 +33,6 @@ WebContentDecryptionModuleImpl* WebContentDecryptionModuleImpl::Create( blink::WebFrame* frame, const blink::WebSecurityOrigin& security_origin, const base::string16& key_system) { - // TODO(jrummell): Use |security_origin| rather than using the document URL. DCHECK(frame); DCHECK(!security_origin.isNull()); DCHECK(!key_system.empty()); @@ -44,12 +45,14 @@ WebContentDecryptionModuleImpl* WebContentDecryptionModuleImpl::Create( } scoped_refptr<CdmSessionAdapter> adapter(new CdmSessionAdapter()); + GURL security_origin_as_gurl(security_origin.toString()); if (!adapter->Initialize( #if defined(ENABLE_PEPPER_CDMS) base::Bind(&PepperCdmWrapperImpl::Create, frame), #endif - base::UTF16ToASCII(key_system))) { + base::UTF16ToASCII(key_system), + security_origin_as_gurl)) { return NULL; } diff --git a/content/renderer/media/webmediaplayer_impl.cc b/content/renderer/media/webmediaplayer_impl.cc index 711245b..f74b81c 100644 --- a/content/renderer/media/webmediaplayer_impl.cc +++ b/content/renderer/media/webmediaplayer_impl.cc @@ -67,6 +67,7 @@ #include "third_party/WebKit/public/platform/WebURL.h" #include "third_party/WebKit/public/web/WebDocument.h" #include "third_party/WebKit/public/web/WebRuntimeFeatures.h" +#include "third_party/WebKit/public/web/WebSecurityOrigin.h" #include "third_party/WebKit/public/web/WebView.h" #include "v8/include/v8.h" #include "webkit/renderer/compositor_bindings/web_layer_impl.h" @@ -779,7 +780,8 @@ WebMediaPlayerImpl::GenerateKeyRequestInternal(const std::string& key_system, BIND_TO_RENDER_LOOP(&WebMediaPlayerImpl::OnKeyMessage))); } - if (!proxy_decryptor_->InitializeCDM(key_system, frame_->document().url())) + GURL security_origin(frame_->document().securityOrigin().toString()); + if (!proxy_decryptor_->InitializeCDM(key_system, security_origin)) return WebMediaPlayer::MediaKeyExceptionKeySystemNotSupported; if (proxy_decryptor_ && !decryptor_ready_cb_.is_null()) { |