Add support for encrypted WebM files as defined in the RFC.

media/crypto/aes_decryptor.h

Index: media/crypto/aes_decryptor.h
diff --git a/media/crypto/aes_decryptor.h b/media/crypto/aes_decryptor.h
index 72010526a90323430d716d349f63eec8b56d04cf..17c0f970dceee23bd06140017dca422c2f6ad7e6 100644
--- a/media/crypto/aes_decryptor.h
+++ b/media/crypto/aes_decryptor.h
@@ -10,6 +10,8 @@
 #include "base/basictypes.h"
 #include "base/hash_tables.h"
 #include "base/memory/ref_counted.h"
+#include "base/memory/scoped_ptr.h"
+#include "base/string_piece.h"
 #include "base/synchronization/lock.h"
 #include "media/base/decryptor.h"
 #include "media/base/media_export.h"
@@ -22,7 +24,9 @@ namespace media {
 
 class DecryptorClient;
 
-// Decryptor implementation that decrypts AES-encrypted buffer.
+// Decrypts an AES encrypted buffer into an unencrypted buffer. The AES
+// encryption must be CTR with a key size of 128bits. Optionally checks the
+// integrity of the encrypted data.
 class MEDIA_EXPORT AesDecryptor : public Decryptor {
  public:
   // The AesDecryptor does not take ownership of the |client|. The |client|
@@ -42,13 +46,52 @@ class MEDIA_EXPORT AesDecryptor : public Decryptor {
                       const std::string& session_id) OVERRIDE;
   virtual void CancelKeyRequest(const std::string& key_system,
                                 const std::string& session_id) OVERRIDE;
+
+  // Decrypts |input| buffer. |input| should not be NULL. |input| will signal
+  // if an integrity check must be performed before decryption. Return a
+  // DecoderBuffer with the decrypted data if the decryption succeeded. Return
+  // NULL if the integrity check or decryption failed.
   virtual scoped_refptr<DecoderBuffer> Decrypt(
       const scoped_refptr<DecoderBuffer>& input) OVERRIDE;
 
  private:
-  // KeyMap owns the crypto::SymmetricKey* and must delete them when they are
+  // Helper class that manages the decryption key and HMAC key. The HMAC key
+  // may be NULL.
+  class DecryptionKey {
+   public:
+    explicit DecryptionKey(const std::string& secret);
+    ~DecryptionKey();
+
+    // Creates the HMAC and encryption key.
+    bool Init(bool derive_hmac);
+
+    bool initialized() { return initialized_; }

[ddorwin, 2012/07/13 00:48:00]

is_initialized for both.

[fgalligan1, 2012/07/13 21:40:41]

Done.

+    base::StringPiece hmac_key() { return base::StringPiece(hmac_key_); }

[ddorwin, 2012/07/13 00:48:00]

nit: swap with below since it is common. swap the members too.

[fgalligan1, 2012/07/13 21:40:41]

Done.

+    crypto::SymmetricKey* decryption_key() { return decryption_key_.get(); }
+
+   private:
+    // Flag telling if the object was initialized.

[ddorwin, 2012/07/13 00:48:00]

unnecessary

[fgalligan1, 2012/07/13 21:40:41]

Done.

+    bool initialized_;
+
+    // The base secret that is used to derive the decryption key and optionally
+    // the HMAC key.
+    const std::string secret_;
+
+    // The key used to perform the integrity check.  Currently the HMAC key is
+    // defined by the WebM encrypted specification. Current encrypted WebM
+    // request for comments specification is here
+    // http://wiki.webmproject.org/encryption/webm-encryption-rfc
+    std::string hmac_key_;
+
+    // The key used to decrypt the data.
+    scoped_ptr<crypto::SymmetricKey> decryption_key_;
+
+    DISALLOW_COPY_AND_ASSIGN(DecryptionKey);
+  };
+
+  // KeyMap owns the DecryptionKey* and must delete them when they are
   // not needed any more.
-  typedef base::hash_map<std::string, crypto::SymmetricKey*> KeyMap;
+  typedef base::hash_map<std::string, DecryptionKey*> KeyMap;
 
   // Since only Decrypt() is called off the renderer thread, we only need to
   // protect |key_map_|, the only member variable that is shared between