Add support for v0.3 of the encrypted WebM specification.

- Added code to handle the signal_byte contained within WebM
  encrypted Blocks.
- Added a unittest to aes_decryptor to hanlde an encrypted WebM
  Block with an unencrypted frame.

BUG=139876
TEST=Run media_unittests  --gtest_filter=AesDecryptor* and all
     tests must pass.


Review URL: https://chromiumcodereview.appspot.com/10823110

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149449 0039d316-1c4b-4281-b951-d872f2087c98

6 files changed, 141 insertions, 85 deletions

diff --git a/media/base/decrypt_config.cc b/media/base/decrypt_config.cc
index c499c92..3142751 100644
--- a/media/base/decrypt_config.cc
+++ b/media/base/decrypt_config.cc
@@ -19,7 +19,8 @@ DecryptConfig::DecryptConfig(const std::string& key_id,
       data_offset_(data_offset),
       subsamples_(subsamples) {
   CHECK_GT(key_id.size(), 0u);
-  CHECK_EQ(iv.size(), static_cast<size_t>(DecryptConfig::kDecryptionKeySize));
+  CHECK(iv.size() == static_cast<size_t>(DecryptConfig::kDecryptionKeySize) ||
+        iv.empty());
   CHECK_GE(data_offset, 0);
 }
 
diff --git a/media/base/decrypt_config.h b/media/base/decrypt_config.h
index d8ad224..669aa36 100644
--- a/media/base/decrypt_config.h
+++ b/media/base/decrypt_config.h
@@ -36,7 +36,9 @@ class MEDIA_EXPORT DecryptConfig {
 
   // |key_id| is the ID that references the decryption key for this sample.
   // |iv| is the initialization vector defined by the encrypted format.
-  //   Currently |iv_size| must be 16 bytes as defined by WebM and ISO.
+  //   Currently |iv| must be 16 bytes as defined by WebM and ISO. Or must be
+  //   empty which signals to perform the integrity check on an unencrypted
+  //   frame as defined WebM.
   // |checksum| is the hash value of the encrypted buffer. |checksum| is
   //   defined by the encrypted format and may be NULL.
   // |data_offset| is the amount of data that should be discarded from the
diff --git a/media/crypto/aes_decryptor.cc b/media/crypto/aes_decryptor.cc
index e585800..27272c6 100644
--- a/media/crypto/aes_decryptor.cc
+++ b/media/crypto/aes_decryptor.cc
@@ -285,17 +285,24 @@ void AesDecryptor::Decrypt(const scoped_refptr<DecoderBuffer>& encrypted,
     return;
   }
 
-  // TODO(strobe): Currently, presence of checksum is used to indicate the use
-  // of normal or WebM decryption keys. Consider a more explicit signaling
-  // mechanism and the removal of the webm_decryption_key member.
-  crypto::SymmetricKey* decryption_key = (checksum_size > 0) ?
-      key->webm_decryption_key() : key->decryption_key();
-  scoped_refptr<DecoderBuffer> decrypted =
-      DecryptData(*encrypted, decryption_key);
-  if (!decrypted) {
-    DVLOG(1) << "Decryption failed.";
-    decrypt_cb.Run(kError, NULL);
-    return;
+  scoped_refptr<DecoderBuffer> decrypted;
+  // An empty iv string signals that the frame is unencrypted.
+  if (encrypted->GetDecryptConfig()->iv().empty()) {
+    int data_offset = encrypted->GetDecryptConfig()->data_offset();
+    decrypted = DecoderBuffer::CopyFrom(encrypted->GetData() + data_offset,
+                                        encrypted->GetDataSize() - data_offset);
+  } else {
+    // TODO(strobe): Currently, presence of checksum is used to indicate the use
+    // of normal or WebM decryption keys. Consider a more explicit signaling
+    // mechanism and the removal of the webm_decryption_key member.
+    crypto::SymmetricKey* decryption_key = (checksum_size > 0) ?
+        key->webm_decryption_key() : key->decryption_key();
+    decrypted = DecryptData(*encrypted, decryption_key);
+    if (!decrypted) {
+      DVLOG(1) << "Decryption failed.";
+      decrypt_cb.Run(kError, NULL);
+      return;
+    }
   }
 
   decrypted->SetTimestamp(encrypted->GetTimestamp());
diff --git a/media/crypto/aes_decryptor_unittest.cc b/media/crypto/aes_decryptor_unittest.cc
index 12df91a..fd1704a 100644
--- a/media/crypto/aes_decryptor_unittest.cc
+++ b/media/crypto/aes_decryptor_unittest.cc
@@ -41,7 +41,8 @@ struct WebmEncryptedData {
 static const char kClearKeySystem[] = "org.w3.clearkey";
 
 // Frames 0 & 1 are encrypted with the same key. Frame 2 is encrypted with a
-// different key.
+// different key. Frame 3 has the same HMAC key as frame 2, but frame 3 is
+// unencrypted.
 const WebmEncryptedData kWebmEncryptedFrames[] = {
   {
     // plaintext
@@ -50,18 +51,18 @@ const WebmEncryptedData kWebmEncryptedFrames[] = {
     { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
       0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
       0x10, 0x11, 0x12, 0x13
-    }, 20,
+      }, 20,
     // key
     { 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b,
       0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23
-    }, 16,
+      }, 16,
     // encrypted_data
-    { 0xfb, 0xe7, 0x1d, 0xbb, 0x4c, 0x23, 0xce, 0xba,
-      0xcc, 0xf8, 0xda, 0xc0, 0xff, 0xff, 0xff, 0xff,
-      0xff, 0xff, 0xff, 0xff, 0x99, 0xaa, 0xff, 0xb7,
-      0x74, 0x02, 0x4e, 0x1c, 0x75, 0x3d, 0xee, 0xcb,
-      0x64, 0xf7
-    }, 34
+    { 0x3c, 0x4e, 0xb8, 0xd9, 0x5c, 0x20, 0x48, 0x18,
+      0x4f, 0x03, 0x74, 0xa1, 0x01, 0xff, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0x99, 0xaa, 0xff,
+      0xb7, 0x74, 0x02, 0x4e, 0x1c, 0x75, 0x3d, 0xee,
+      0xcb, 0x64, 0xf7
+      }, 35
   },
   {
     // plaintext
@@ -70,19 +71,19 @@ const WebmEncryptedData kWebmEncryptedFrames[] = {
     { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
       0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
       0x10, 0x11, 0x12, 0x13
-    }, 20,
+      }, 20,
     // key
     { 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b,
       0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23
-    }, 16,
+      }, 16,
     // encrypted_data
-    { 0x43, 0xe4, 0x78, 0x7a, 0x43, 0xe1, 0x49, 0xbb,
-      0x44, 0x38, 0xdf, 0xfc, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0xec, 0x8e, 0x87, 0x21,
-      0xd3, 0xb9, 0x1c, 0x61, 0xf6, 0x5a, 0x60, 0xaa,
-      0x07, 0x0e, 0x96, 0xd0, 0x54, 0x5d, 0x35, 0x9a,
-      0x4a, 0xd3
-    }, 42
+    { 0xe8, 0x4c, 0x51, 0x33, 0x14, 0x0d, 0xc7, 0x17,
+      0x32, 0x60, 0xc9, 0xd0, 0x01, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0xec, 0x8e, 0x87,
+      0x21, 0xd3, 0xb9, 0x1c, 0x61, 0xf6, 0x5a, 0x60,
+      0xaa, 0x07, 0x0e, 0x96, 0xd0, 0x54, 0x5d, 0x35,
+      0x9a, 0x4a, 0xd3
+      }, 43
   },
   {
     // plaintext
@@ -90,18 +91,37 @@ const WebmEncryptedData kWebmEncryptedFrames[] = {
     // key_id
     { 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b,
       0x2c, 0x2d, 0x2e, 0x2f, 0x30
-    }, 13,
+      }, 13,
     // key
     { 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
       0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40
-    }, 16,
+      }, 16,
     // encrypted_data
-    { 0xd9, 0x43, 0x30, 0xfd, 0x82, 0x77, 0x62, 0x04,
-      0x08, 0xc2, 0x48, 0x89, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x01, 0x48, 0x5e, 0x4a, 0x41,
-      0x2a, 0x8b, 0xf4, 0xc6, 0x47, 0x54, 0x90, 0x34,
-      0xf4, 0x8b
-    }, 34
+    { 0x46, 0x93, 0x8c, 0x93, 0x48, 0xf9, 0xeb, 0x30,
+      0x74, 0x55, 0x6b, 0xf2, 0x01, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x01, 0x48, 0x5e, 0x4a,
+      0x41, 0x2a, 0x8b, 0xf4, 0xc6, 0x47, 0x54, 0x90,
+      0x34, 0xf4, 0x8b
+      }, 35
+  },
+  {
+    // plaintext
+    "Changed Original data.", 22,
+    // key_id
+    { 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b,
+      0x2c, 0x2d, 0x2e, 0x2f, 0x30
+      }, 13,
+    // key
+    { 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
+      0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40
+      }, 16,
+    // encrypted_data
+    { 0xee, 0xd6, 0xf5, 0x64, 0x5f, 0xe0, 0x6a, 0xa2,
+      0x9e, 0xd6, 0xce, 0x34, 0x00, 0x43, 0x68, 0x61,
+      0x6e, 0x67, 0x65, 0x64, 0x20, 0x4f, 0x72, 0x69,
+      0x67, 0x69, 0x6e, 0x61, 0x6c, 0x20, 0x64, 0x61,
+      0x74, 0x61, 0x2e
+      }, 35
   }
 };
 
@@ -192,22 +212,18 @@ static std::string GenerateCounterBlock(const uint8* iv, int iv_size) {
   const int kDecryptionKeySize = 16;
   CHECK_GT(iv_size, 0);
   CHECK_LE(iv_size, kDecryptionKeySize);
-  char counter_block_data[kDecryptionKeySize];
 
-  // Set the IV.
-  memcpy(counter_block_data, iv, iv_size);
-
-  // Set block counter to all 0's.
-  memset(counter_block_data + iv_size, 0, kDecryptionKeySize - iv_size);
-
-  return std::string(counter_block_data, kDecryptionKeySize);
+  std::string counter_block(reinterpret_cast<const char*>(iv), iv_size);
+  counter_block.append(kDecryptionKeySize - iv_size, 0);
+  return counter_block;
 }
 
 // Creates a WebM encrypted buffer that the demuxer would pass to the
 // decryptor. |data| is the payload of a WebM encrypted Block. |key_id| is
 // initialization data from the WebM file. Every encrypted Block has
-// an HMAC and IV prepended to an encrypted frame. Current encrypted WebM
-// request for comments specification is here
+// an HMAC and a signal byte prepended to a frame. If the frame is encrypted
+// then an IV is prepended to the Block. Current encrypted WebM request for
+// comments specification is here
 // http://wiki.webmproject.org/encryption/webm-encryption-rfc
 static scoped_refptr<DecoderBuffer> CreateWebMEncryptedBuffer(
     const uint8* data, int data_size,
@@ -216,17 +232,29 @@ static scoped_refptr<DecoderBuffer> CreateWebMEncryptedBuffer(
       data + kWebMHmacSize, data_size - kWebMHmacSize);
   CHECK(encrypted_buffer);
 
-  uint64 network_iv;
-  memcpy(&network_iv, data + kWebMHmacSize, sizeof(network_iv));
-  const uint64 iv = base::NetToHost64(network_iv);
-  std::string webm_iv =
-      GenerateCounterBlock(reinterpret_cast<const uint8*>(&iv), sizeof(iv));
+  uint8 signal_byte = data[kWebMHmacSize];
+  int data_offset = sizeof(signal_byte);
+
+  // Setting the DecryptConfig object of the buffer while leaving the
+  // initialization vector empty will tell the decryptor that the frame is
+  // unencrypted but integrity should still be checked.
+  std::string counter_block_str;
+
+  if (signal_byte & kWebMFlagEncryptedFrame) {
+    uint64 network_iv;
+    memcpy(&network_iv, data + kWebMHmacSize + data_offset, sizeof(network_iv));
+    const uint64 iv = base::NetToHost64(network_iv);
+    counter_block_str =
+        GenerateCounterBlock(reinterpret_cast<const uint8*>(&iv), sizeof(iv));
+    data_offset += sizeof(iv);
+  }
+
   encrypted_buffer->SetDecryptConfig(
       scoped_ptr<DecryptConfig>(new DecryptConfig(
           std::string(reinterpret_cast<const char*>(key_id), key_id_size),
-          webm_iv,
+          counter_block_str,
           std::string(reinterpret_cast<const char*>(data), kWebMHmacSize),
-          sizeof(iv),
+          data_offset,
           std::vector<SubsampleEntry>())));
   return encrypted_buffer;
 }
@@ -324,6 +352,20 @@ TEST_F(AesDecryptorTest, NormalWebMDecryption) {
                                                     frame.plain_text_size));
 }
 
+TEST_F(AesDecryptorTest, UnencryptedFrameWebMDecryption) {
+  const WebmEncryptedData& frame = kWebmEncryptedFrames[3];
+  GenerateKeyRequest(frame.key_id, frame.key_id_size);
+  AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size,
+                           frame.key, frame.key_size);
+  scoped_refptr<DecoderBuffer> encrypted_data =
+      CreateWebMEncryptedBuffer(frame.encrypted_data,
+                                frame.encrypted_data_size,
+                                frame.key_id, frame.key_id_size);
+  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(encrypted_data,
+                                                    frame.plain_text,
+                                                    frame.plain_text_size));
+}
+
 TEST_F(AesDecryptorTest, WrongKey) {
   const WebmEncryptedData& frame = kWebmEncryptedFrames[0];
   GenerateKeyRequest(frame.key_id, frame.key_id_size);
diff --git a/media/webm/webm_cluster_parser.cc b/media/webm/webm_cluster_parser.cc
index e9ef93e..7878fa8 100644
--- a/media/webm/webm_cluster_parser.cc
+++ b/media/webm/webm_cluster_parser.cc
@@ -14,20 +14,11 @@ namespace media {
 
 // Generates a 16 byte CTR counter block. The CTR counter block format is a
 // CTR IV appended with a CTR block counter. |iv| is an 8 byte CTR IV.
-// Always returns a valid pointer to a buffer of kDecryptionKeySize bytes.
-static scoped_array<uint8> GenerateCounterBlock(uint64 iv) {
-  scoped_array<uint8> counter_block_data(
-      new uint8[DecryptConfig::kDecryptionKeySize]);
-
-  // Set the IV.
-  memcpy(counter_block_data.get(), &iv, sizeof(iv));
-
-  // Set block counter to all 0's.
-  memset(counter_block_data.get() + sizeof(iv),
-         0,
-         DecryptConfig::kDecryptionKeySize - sizeof(iv));
-
-  return counter_block_data.Pass();
+// Returns a string of kDecryptionKeySize bytes.
+static std::string GenerateCounterBlock(uint64 iv) {
+  std::string counter_block(reinterpret_cast<char*>(&iv), sizeof(iv));
+  counter_block.append(DecryptConfig::kDecryptionKeySize - sizeof(iv), 0);
+  return counter_block;
 }
 
 WebMClusterParser::WebMClusterParser(int64 timecode_scale,
@@ -220,12 +211,14 @@ bool WebMClusterParser::OnBlock(int track_num, int timecode,
   // Every encrypted Block has an HMAC and IV prepended to it. Current encrypted
   // WebM request for comments specification is here
   // http://wiki.webmproject.org/encryption/webm-encryption-rfc
-  bool encrypted = track_num == video_.track_num() &&
-                   video_encryption_key_id_.get();
-  // If encrypted skip past the HMAC. Encrypted buffers must include the IV and
-  // the encrypted frame because the decryptor will verify this data before
-  // decryption. The HMAC and IV will be copied into DecryptConfig.
-  int offset = (encrypted) ? kWebMHmacSize : 0;
+  bool is_track_encrypted = track_num == video_.track_num() &&
+                            video_encryption_key_id_.get();
+
+  // If stream is encrypted skip past the HMAC. Encrypted buffers must include
+  // the signal byte, the IV (if frame is encrypted) and
+  // the frame because the decryptor will verify this data before decryption.
+  // The HMAC and IV will be copied into DecryptConfig.
+  int offset = (is_track_encrypted) ? kWebMHmacSize : 0;
 
   // The first bit of the flags is set when the block contains only keyframes.
   // http://www.matroska.org/technical/specs/index.html
@@ -233,21 +226,31 @@ bool WebMClusterParser::OnBlock(int track_num, int timecode,
   scoped_refptr<StreamParserBuffer> buffer =
       StreamParserBuffer::CopyFrom(data + offset, size - offset, is_keyframe);
 
-  if (encrypted) {
-    uint64 network_iv;
-    memcpy(&network_iv, data + kWebMHmacSize, sizeof(network_iv));
-    const uint64 iv = base::NetToHost64(network_iv);
+  if (is_track_encrypted) {
+    uint8 signal_byte = data[kWebMHmacSize];
+    int data_offset = sizeof(signal_byte);
+
+    // Setting the DecryptConfig object of the buffer while leaving the
+    // initialization vector empty will tell the decryptor that the frame is
+    // unencrypted but integrity should still be checked.
+    std::string counter_block;
+
+    if (signal_byte & kWebMFlagEncryptedFrame) {
+      uint64 network_iv;
+      memcpy(&network_iv, data + kWebMHmacSize + data_offset,
+             sizeof(network_iv));
+      const uint64 iv = base::NetToHost64(network_iv);
+      counter_block = GenerateCounterBlock(iv);
+      data_offset += sizeof(iv);
+    }
 
-    scoped_array<uint8> counter_block(GenerateCounterBlock(iv));
     buffer->SetDecryptConfig(scoped_ptr<DecryptConfig>(new DecryptConfig(
         std::string(
             reinterpret_cast<const char*>(video_encryption_key_id_.get()),
             video_encryption_key_id_size_),
-        std::string(
-            reinterpret_cast<const char*>(counter_block.get()),
-            DecryptConfig::kDecryptionKeySize),
+        counter_block,
         std::string(reinterpret_cast<const char*>(data), kWebMHmacSize),
-        sizeof(iv),
+        data_offset,
         std::vector<SubsampleEntry>())));
   }
 
diff --git a/media/webm/webm_constants.h b/media/webm/webm_constants.h
index 93041b2..7d6f3ed 100644
--- a/media/webm/webm_constants.h
+++ b/media/webm/webm_constants.h
@@ -202,6 +202,7 @@ const uint8 kWebMFlagKeyframe = 0x80;
 // The size is from the WebM encrypted specification. Current encrypted WebM
 // request for comments specification is here
 // http://wiki.webmproject.org/encryption/webm-encryption-rfc
+const uint8 kWebMFlagEncryptedFrame = 0x1;
 const int kWebMHmacSize = 12;
 
 }  // namespace media