Add support for encrypted WebM files as defined in the RFC.

media/crypto/aes_decryptor_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <string>
 
 #include "base/basictypes.h"
+#include "base/sys_byteorder.h"
 #include "media/base/decoder_buffer.h"
 #include "media/base/decrypt_config.h"
 #include "media/base/mock_filters.h"
 #include "media/crypto/aes_decryptor.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 using ::testing::_;
 using ::testing::Gt;
 using ::testing::NotNull;
 using ::testing::SaveArg;
 using ::testing::StrNe;
 
 namespace media {
 
+// |encrypted_data| is encrypted from |plain_text| using |key|. |key_id| is
+// used to distinguish |key|.
+struct WebmEncryptedData {
+  uint8 plain_text[32];
+  int plain_text_size;
+  uint8 key_id[32];
+  int key_id_size;
+  uint8 key[32];
+  int key_size;
+  uint8 encrypted_data[64];
+  int encrypted_data_size;
+};
+
+static const int kIntegrityCheckSize = 12;

[ddorwin, 2012/07/11 01:00:27]

WebM
"Check" seems like an action. Maybe "Value" or something like that.
Also, should we just use the value from WebM constants or is that a DEPS
violation?

[fgalligan1, 2012/07/11 22:06:33]

Done.

 static const char kClearKeySystem[] = "org.w3.clearkey";
-static const uint8 kInitData[] = { 0x69, 0x6e, 0x69, 0x74 };
-// |kEncryptedData| is encrypted from |kOriginalData| using |kRightKey|.
-// Modifying any of these independently would fail the test.
-static const uint8 kOriginalData[] = {
-  0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x6c,
-  0x20, 0x64, 0x61, 0x74, 0x61, 0x2e
+
+// Frames 0 & 1 are encrypted with the same key. Frame 2 is encrypted with a
+// different key.
+const WebmEncryptedData kEncryptedFrames[] = {
+  {
+    // plaintext
+    "Original data.", 14,
+    // key_id
+    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+      0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13}, 20,
+    // key
+    { 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
+      0x20, 0x21, 0x22, 0x23}, 16,
+    // encrypted_data
+    { 0xfb, 0xe7, 0x1d, 0xbb, 0x4c, 0x23, 0xce, 0xba, 0xcc, 0xf8, 0xda, 0xc0,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x99, 0xaa, 0xff, 0xb7,
+      0x74, 0x02, 0x4e, 0x1c, 0x75, 0x3d, 0xee, 0xcb, 0x64, 0xf7}, 34
+  }, {
+    // plaintext
+    "Changed Original data.", 22,
+    // key_id
+    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+      0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13}, 20,
+    // key
+    { 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
+      0x20, 0x21, 0x22, 0x23}, 16,
+    // encrypted_data
+    { 0x43, 0xe4, 0x78, 0x7a, 0x43, 0xe1, 0x49, 0xbb, 0x44, 0x38, 0xdf, 0xfc,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xec, 0x8e, 0x87, 0x21,
+      0xd3, 0xb9, 0x1c, 0x61, 0xf6, 0x5a, 0x60, 0xaa, 0x07, 0x0e, 0x96, 0xd0,
+      0x54, 0x5d, 0x35, 0x9a, 0x4a, 0xd3}, 42
+  }, {
+    // plaintext
+    "Original data.", 14,
+    // key_id
+    { 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
+      0x30}, 13,
+    // key
+    { 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c,
+      0x3d, 0x3e, 0x3f, 0x40}, 16,
+    // encrypted_data
+    { 0xd9, 0x43, 0x30, 0xfd, 0x82, 0x77, 0x62, 0x04, 0x08, 0xc2, 0x48, 0x89,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x48, 0x5e, 0x4a, 0x41,
+      0x2a, 0x8b, 0xf4, 0xc6, 0x47, 0x54, 0x90, 0x34, 0xf4, 0x8b}, 34
+  },
 };
-static const uint8 kEncryptedData[] = {
-  0x82, 0x3A, 0x76, 0x92, 0xEC, 0x7F, 0xF8, 0x85,
-  0xEC, 0x23, 0x52, 0xFB, 0x19, 0xB1, 0xB9, 0x09
-};
-static const uint8 kRightKey[] = {
-  0x41, 0x20, 0x77, 0x6f, 0x6e, 0x64, 0x65, 0x72,
-  0x66, 0x75, 0x6c, 0x20, 0x6b, 0x65, 0x79, 0x21
-};
+
 static const uint8 kWrongKey[] = {
   0x49, 0x27, 0x6d, 0x20, 0x61, 0x20, 0x77, 0x72,
   0x6f, 0x6e, 0x67, 0x20, 0x6b, 0x65, 0x79, 0x2e
 };
 static const uint8 kWrongSizedKey[] = { 0x20, 0x20 };
-static const uint8 kKeyId1[] = {
-  0x4b, 0x65, 0x79, 0x20, 0x49, 0x44, 0x20, 0x31
+static const unsigned char kFrame0InvalidHmac[] = {

[ddorwin, 2012/07/11 01:00:27]

How are these invalid? Size? "Wrong" (does not match actual)?

[ddorwin, 2012/07/11 01:00:27]

Are these really encrypted blocks with wrong Hmac, IV, etc.? I didn't get that
from the name and only figured it out when I saw how they are used. Is there
another name that conveys this?

[fgalligan1, 2012/07/11 22:06:33]

I changed the names and added comments on what was explicitly changed anf from
where.

+  0xfc, 0xe7, 0x1d, 0xbb, 0x4c, 0x23, 0xce, 0xba, 0xcc, 0xf8, 0xda, 0xc0, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x99, 0xaa, 0xff, 0xb7, 0x74, 0x02,
+  0x4e, 0x1c, 0x75, 0x3d, 0xee, 0xcb, 0x64, 0xf7
 };
-static const uint8 kKeyId2[] = {
-  0x4b, 0x65, 0x79, 0x20, 0x49, 0x44, 0x20, 0x32
+static const unsigned char kFrame0InvalidIv[] = {
+  0xfb, 0xe7, 0x1d, 0xbb, 0x4c, 0x23, 0xce, 0xba, 0xcc, 0xf8, 0xda, 0xc0, 0x0f,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x99, 0xaa, 0xff, 0xb7, 0x74, 0x02,
+  0x4e, 0x1c, 0x75, 0x3d, 0xee, 0xcb, 0x64, 0xf7
+};
+static const unsigned char kFrame0InvalidData[] = {
+  0xfb, 0xe7, 0x1d, 0xbb, 0x4c, 0x23, 0xce, 0xba, 0xcc, 0xf8, 0xda, 0xc0, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x99, 0xaa, 0xff, 0xb7, 0x74, 0x02,
+  0x4e, 0x1c, 0x75, 0x3d, 0xee, 0xcb, 0x64, 0xf8
 };
 
 class AesDecryptorTest : public testing::Test {
  public:
-  AesDecryptorTest() : decryptor_(&client_) {
-    encrypted_data_ = DecoderBuffer::CopyFrom(kEncryptedData,
-                                              arraysize(kEncryptedData));
+  AesDecryptorTest() : decryptor_(&client_) {}
+
+ protected:
+  scoped_refptr<DecoderBuffer> CreateEncryptedBuffer(const uint8* data,

[ddorwin, 2012/07/11 01:00:27]

WebM

[fgalligan1, 2012/07/11 22:06:33]

Done.

+                                                     int data_size,
+                                                     const uint8* key_id,
+                                                     int key_id_size) {
+    scoped_refptr<DecoderBuffer> encrypted_buffer = DecoderBuffer::CopyFrom(
+        data + kIntegrityCheckSize, data_size - kIntegrityCheckSize);
+    CHECK(encrypted_buffer);
+
+    // Every encrypted Block has an HMAC and IV prepended to it. Current WebM

[ddorwin, 2012/07/11 01:00:27]

Seems like a function level comment. Should at least come before 115.

[fgalligan1, 2012/07/11 22:06:33]

Done.

+    // encrypted request for comments specification is here
+    // http://wiki.webmproject.org/encryption/webm-encryption-rfc
+    uint64 network_iv;
+    memcpy(&network_iv,
+           data + kIntegrityCheckSize,
+           sizeof(network_iv));
+    const uint64 iv = base::NetToHost64(network_iv);
+    encrypted_buffer->SetDecryptConfig(
+        scoped_ptr<DecryptConfig>(new DecryptConfig(
+            data, kIntegrityCheckSize,

[ddorwin, 2012/07/11 01:00:27]

Might be more understandable for others if you made an alias for data named
integrity_value or something like that.

[fgalligan1, 2012/07/11 22:06:33]

Done.

+            reinterpret_cast<const uint8*>(&iv), sizeof(iv),
+            key_id, key_id_size,
+            sizeof(iv))));
+    return encrypted_buffer;
   }
 
- protected:
-  void GenerateKeyRequest() {
+  void GenerateKeyRequest(const uint8* key_id, int key_id_size) {
     EXPECT_CALL(client_, KeyMessageMock(kClearKeySystem, StrNe(std::string()),
                                         NotNull(), Gt(0), ""))
         .WillOnce(SaveArg<1>(&session_id_string_));
-    decryptor_.GenerateKeyRequest(kClearKeySystem,
-                                  kInitData, arraysize(kInitData));
+    decryptor_.GenerateKeyRequest(kClearKeySystem, key_id, key_id_size);
   }
 
-  template <int KeyIdSize, int KeySize>
-  void AddKeyAndExpectToSucceed(const uint8 (&key_id)[KeyIdSize],
-                                const uint8 (&key)[KeySize]) {
+  void AddKeyAndExpectToSucceed(const uint8* key_id, int key_id_size,
+                                const uint8* key, int key_size) {
     EXPECT_CALL(client_, KeyAdded(kClearKeySystem, session_id_string_));
-    decryptor_.AddKey(kClearKeySystem, key, KeySize, key_id, KeyIdSize,
+    decryptor_.AddKey(kClearKeySystem, key, key_size, key_id, key_id_size,
                       session_id_string_);
   }
 
-  template <int KeyIdSize, int KeySize>
-  void AddKeyAndExpectToFail(const uint8 (&key_id)[KeyIdSize],
-                             const uint8 (&key)[KeySize]) {
+  void AddKeyAndExpectToFail(const uint8* key_id, int key_id_size,
+                             const uint8* key, int key_size) {
     EXPECT_CALL(client_, KeyError(kClearKeySystem, session_id_string_,
                                   Decryptor::kUnknownError, 0));
-    decryptor_.AddKey(kClearKeySystem, key, KeySize, key_id, KeyIdSize,
+    decryptor_.AddKey(kClearKeySystem, key, key_size, key_id, key_id_size,
                       session_id_string_);
   }
 
-  template <int KeyIdSize>
-  void SetKeyIdForEncryptedData(const uint8 (&key_id)[KeyIdSize]) {
-    encrypted_data_->SetDecryptConfig(
-        scoped_ptr<DecryptConfig>(new DecryptConfig(key_id, KeyIdSize)));
+  void DecryptAndExpectToSucceed(const uint8* data, int data_size,
+                                 const uint8* plain_text,
+                                 int plain_text_size,
+                                 const uint8* key_id, int key_id_size) {
+    scoped_refptr<DecoderBuffer> encrypted_data =
+        CreateEncryptedBuffer(data, data_size, key_id, key_id_size);
+    scoped_refptr<DecoderBuffer> decrypted =
+        decryptor_.Decrypt(encrypted_data);
+    ASSERT_TRUE(decrypted);
+    ASSERT_EQ(plain_text_size, decrypted->GetDataSize());
+    EXPECT_EQ(0, memcmp(plain_text, decrypted->GetData(), plain_text_size));
   }
 
-  void DecryptAndExpectToSucceed() {
+  void DecryptAndExpectToFail(const uint8* data, int data_size,
+                              const uint8* plain_text, int plain_text_size,
+                              const uint8* key_id, int key_id_size) {
+    scoped_refptr<DecoderBuffer> encrypted_data =
+        CreateEncryptedBuffer(data, data_size, key_id, key_id_size);
     scoped_refptr<DecoderBuffer> decrypted =
-        decryptor_.Decrypt(encrypted_data_);
-    ASSERT_TRUE(decrypted);
-    int data_length = sizeof(kOriginalData);
-    ASSERT_EQ(data_length, decrypted->GetDataSize());
-    EXPECT_EQ(0, memcmp(kOriginalData, decrypted->GetData(), data_length));
-  }
-
-  void DecryptAndExpectToFail() {
-    scoped_refptr<DecoderBuffer> decrypted =
-        decryptor_.Decrypt(encrypted_data_);
+        decryptor_.Decrypt(encrypted_data);
     EXPECT_FALSE(decrypted);
   }
 
   scoped_refptr<DecoderBuffer> encrypted_data_;
   MockDecryptorClient client_;
   AesDecryptor decryptor_;
   std::string session_id_string_;
 };
 
 TEST_F(AesDecryptorTest, NormalDecryption) {
-  GenerateKeyRequest();
-  AddKeyAndExpectToSucceed(kKeyId1, kRightKey);
-  SetKeyIdForEncryptedData(kKeyId1);
-  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed());
+  const WebmEncryptedData& frame = kEncryptedFrames[0];
+  GenerateKeyRequest(frame.key_id, frame.key_id_size);
+  AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size,
+                           frame.key, frame.key_size);
+  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(frame.encrypted_data,
+                                                    frame.encrypted_data_size,
+                                                    frame.plain_text,
+                                                    frame.plain_text_size,
+                                                    frame.key_id,
+                                                    frame.key_id_size));

[xhwang, 2012/07/10 06:31:25]

Can we pass in |frame| (const WebmEncryptedData&) directly to
DecryptAndExpectToSucceed and DecryptAndEx[ectToFail? In the last three tests
(failure tests), we can memcpy frame.encrypted_data before calling
DecryptAndExpectToFail.

[ddorwin, 2012/07/11 01:00:27]

Since it's already this way, we might just leave it and see what happens when we
have to generalize this for ISO.

[fgalligan1, 2012/07/11 22:06:33]

OK, did nothing :).

 }
 
 TEST_F(AesDecryptorTest, WrongKey) {
-  GenerateKeyRequest();
-  AddKeyAndExpectToSucceed(kKeyId1, kWrongKey);
-  SetKeyIdForEncryptedData(kKeyId1);
-  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToFail());
+  const WebmEncryptedData& frame = kEncryptedFrames[0];
+  GenerateKeyRequest(frame.key_id, frame.key_id_size);
+  AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size,
+                           kWrongKey, arraysize(kWrongKey));
+  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToFail(frame.encrypted_data,
+                                                 frame.encrypted_data_size,
+                                                 frame.plain_text,
+                                                 frame.plain_text_size,
+                                                 frame.key_id,
+                                                 frame.key_id_size));
 }
 
 TEST_F(AesDecryptorTest, MultipleKeys) {

[ddorwin, 2012/07/11 01:00:27]

Suggest moving above the other MultipleKeys test and maybe just combining them.

[fgalligan1, 2012/07/11 22:06:33]

Removed.

-  GenerateKeyRequest();
-  AddKeyAndExpectToSucceed(kKeyId1, kRightKey);
-  AddKeyAndExpectToSucceed(kKeyId2, kWrongKey);
-  SetKeyIdForEncryptedData(kKeyId1);
-  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed());
+  const WebmEncryptedData& frame = kEncryptedFrames[0];
+  GenerateKeyRequest(frame.key_id, frame.key_id_size);
+  AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size,
+                           frame.key, frame.key_size);
+  const WebmEncryptedData& frame2 = kEncryptedFrames[2];
+  AddKeyAndExpectToSucceed(frame2.key_id, frame2.key_id_size,
+                           frame2.key, frame2.key_size);
+  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(frame.encrypted_data,
+                                                    frame.encrypted_data_size,
+                                                    frame.plain_text,
+                                                    frame.plain_text_size,
+                                                    frame.key_id,
+                                                    frame.key_id_size));
 }
 
 TEST_F(AesDecryptorTest, KeyReplacement) {
-  GenerateKeyRequest();
-  SetKeyIdForEncryptedData(kKeyId1);
-  AddKeyAndExpectToSucceed(kKeyId1, kWrongKey);
-  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToFail());
-  AddKeyAndExpectToSucceed(kKeyId1, kRightKey);
-  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed());
+  const WebmEncryptedData& frame = kEncryptedFrames[0];
+  GenerateKeyRequest(frame.key_id, frame.key_id_size);
+  AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size,
+                           kWrongKey, arraysize(kWrongKey));
+  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToFail(frame.encrypted_data,
+                                                 frame.encrypted_data_size,
+                                                 frame.plain_text,
+                                                 frame.plain_text_size,
+                                                 frame.key_id,
+                                                 frame.key_id_size));
+  AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size,
+                           frame.key, frame.key_size);
+  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(frame.encrypted_data,
+                                                    frame.encrypted_data_size,
+                                                    frame.plain_text,
+                                                    frame.plain_text_size,
+                                                    frame.key_id,
+                                                    frame.key_id_size));
 }
 
 TEST_F(AesDecryptorTest, WrongSizedKey) {
-  GenerateKeyRequest();
-  AddKeyAndExpectToFail(kKeyId1, kWrongSizedKey);
+  const WebmEncryptedData& frame = kEncryptedFrames[0];
+  GenerateKeyRequest(frame.key_id, frame.key_id_size);
+  AddKeyAndExpectToFail(frame.key_id, frame.key_id_size,
+                        kWrongSizedKey, arraysize(kWrongSizedKey));
 }
 
-}  // media
+TEST_F(AesDecryptorTest, MultipleKeysAndFrames) {
+  const WebmEncryptedData& frame = kEncryptedFrames[0];
+  GenerateKeyRequest(frame.key_id, frame.key_id_size);
+  AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size,
+                           frame.key, frame.key_size);
+  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(frame.encrypted_data,
+                                                    frame.encrypted_data_size,
+                                                    frame.plain_text,
+                                                    frame.plain_text_size,
+                                                    frame.key_id,
+                                                    frame.key_id_size));
+
+  const WebmEncryptedData& frame2 = kEncryptedFrames[2];

[ddorwin, 2012/07/11 01:00:27]

Probably more interesting if the keys are added before either decryption occurs.

[fgalligan1, 2012/07/11 22:06:33]

I changed this to add_key1, decrypt_key1, add_key2, decrypt_key1, decrypt_key2.
I think this should follow more real world use.

+  GenerateKeyRequest(frame2.key_id, frame2.key_id_size);
+  AddKeyAndExpectToSucceed(frame2.key_id, frame2.key_id_size,
+                           frame2.key, frame2.key_size);
+  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(frame2.encrypted_data,
+                                                    frame2.encrypted_data_size,
+                                                    frame2.plain_text,
+                                                    frame2.plain_text_size,
+                                                    frame2.key_id,
+                                                    frame2.key_id_size));
+}
+
+TEST_F(AesDecryptorTest, HmacCheckFailure) {
+  const WebmEncryptedData& frame = kEncryptedFrames[0];
+  GenerateKeyRequest(frame.key_id, frame.key_id_size);
+  AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size,
+                           frame.key, frame.key_size);
+  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToFail(kFrame0InvalidHmac,
+                                                 frame.encrypted_data_size,
+                                                 frame.plain_text,
+                                                 frame.plain_text_size,
+                                                 frame.key_id,
+                                                 frame.key_id_size));
+}
+
+TEST_F(AesDecryptorTest, IvCheckFailure) {
+  const WebmEncryptedData& frame = kEncryptedFrames[0];
+  GenerateKeyRequest(frame.key_id, frame.key_id_size);
+  AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size,
+                           frame.key, frame.key_size);
+  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToFail(kFrame0InvalidIv,
+                                                 frame.encrypted_data_size,
+                                                 frame.plain_text,
+                                                 frame.plain_text_size,
+                                                 frame.key_id,
+                                                 frame.key_id_size));
+}
+
+TEST_F(AesDecryptorTest, DataCheckFailure) {
+  const WebmEncryptedData& frame = kEncryptedFrames[0];
+  GenerateKeyRequest(frame.key_id, frame.key_id_size);
+  AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size,
+                           frame.key, frame.key_size);
+  ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToFail(kFrame0InvalidData,
+                                                 frame.encrypted_data_size,
+                                                 frame.plain_text,
+                                                 frame.plain_text_size,
+                                                 frame.key_id,
+                                                 frame.key_id_size));
+}
+
+}  // namespace media