Add support for encrypted WebM files as defined in the RFC.

media/filters/ffmpeg_video_decoder_unittest.cc

Index: media/filters/ffmpeg_video_decoder_unittest.cc
diff --git a/media/filters/ffmpeg_video_decoder_unittest.cc b/media/filters/ffmpeg_video_decoder_unittest.cc
index a9468879b6f36e4f210d2a24eea3e7f0fb0690e3..fd0fa9ae0f679821b217da5a7a713562186d2448 100644
--- a/media/filters/ffmpeg_video_decoder_unittest.cc
+++ b/media/filters/ffmpeg_video_decoder_unittest.cc
@@ -43,17 +43,25 @@ static const gfx::Rect kVisibleRect(320, 240);
 static const gfx::Size kNaturalSize(522, 288);
 static const AVRational kFrameRate = { 100, 1 };
 static const AVRational kAspectRatio = { 1, 1 };
+
 static const char kClearKeySystem[] = "org.w3.clearkey";
 static const uint8 kInitData[] = { 0x69, 0x6e, 0x69, 0x74 };
-static const uint8 kRightKey[] = {
-  0x41, 0x20, 0x77, 0x6f, 0x6e, 0x64, 0x65, 0x72,
-  0x66, 0x75, 0x6c, 0x20, 0x6b, 0x65, 0x79, 0x21
-};
-static const uint8 kWrongKey[] = {
+static const uint8 kWrongSecret[] = {
   0x49, 0x27, 0x6d, 0x20, 0x61, 0x20, 0x77, 0x72,
   0x6f, 0x6e, 0x67, 0x20, 0x6b, 0x65, 0x79, 0x2e
 };
 static const uint8 kKeyId[] = { 0x4b, 0x65, 0x79, 0x20, 0x49, 0x44 };
+static const uint8 kSecretKey[] = {
+  0xfb, 0x67, 0x8a, 0x91, 0x19, 0x12, 0x7b, 0x6b,
+  0x0b, 0x63, 0x11, 0xf8, 0x6f, 0xe1, 0xc4, 0x2d
+};
+
+static const int kDecryptionKeySize = 16;
+static const uint64 kIv = 3735928559;
+static const uint8 kHmac[] = {
+  0x16, 0xc0, 0x65, 0x1f, 0xf8, 0x0b, 0x36, 0x16,
+  0xb8, 0x32, 0x35, 0x56
+};
 
 ACTION_P(ReturnBuffer, buffer) {
   arg0.Run(buffer);
@@ -77,8 +85,13 @@ class FFmpegVideoDecoderTest : public testing::Test {
     end_of_stream_buffer_ = DecoderBuffer::CreateEOSBuffer();
     i_frame_buffer_ = ReadTestDataFile("vp8-I-frame-320x240");
     corrupt_i_frame_buffer_ = ReadTestDataFile("vp8-corrupt-I-frame");
-    encrypted_i_frame_buffer_ = ReadTestDataFile(
-        "vp8-encrypted-I-frame-320x240");
+    {
+      scoped_refptr<DecoderBuffer> temp_buffer = ReadTestDataFile(
+          "vp8-encrypted-I-frame-320x240");
+      encrypted_i_frame_buffer_ = DecoderBuffer::CopyFrom(
+          temp_buffer->GetData() + arraysize(kHmac),
+          temp_buffer->GetDataSize() - arraysize(kHmac));
+    }
 
     config_.Initialize(kCodecVP8, VIDEO_CODEC_PROFILE_UNKNOWN,
                        kVideoFormat, kCodedSize, kVisibleRect,
@@ -207,6 +220,21 @@ class FFmpegVideoDecoderTest : public testing::Test {
     message_loop_.RunAllPending();
   }
 
+  // Generates a 16 byte CTR counter block. The CTR counter block format is a
+  // CTR IV appended with a CTR block counter. |iv| is a CTR IV. |iv_size| is
+  // the size of |iv| in bytes. Returns counter block on success.
+  std::string GenerateCounterBlock(uint64 iv) {

[xhwang, 2012/07/14 00:05:22]

It seems odd that we return std::string here and then later convert to const
uint8*. We are doing unnecessary data copying and casting. Can we pass in a
counter_block_size and return by scoped_array<unit8>, so that the caller knows
what the size of the data in the returned scoped_array is? Or anything else that
eliminates this extra copy and cast.

[fgalligan1, 2012/07/16 23:51:42]

Done.

+    char counter_block_data[kDecryptionKeySize];
+
+    // Set the IV.
+    memcpy(counter_block_data, &iv, sizeof(iv));
+
+    // Set block counter to all 0's.
+    memset(counter_block_data + sizeof(iv), 0, kDecryptionKeySize - sizeof(iv));
+
+    return std::string(counter_block_data, kDecryptionKeySize);
+  }
+
   MOCK_METHOD2(FrameReady, void(VideoDecoder::DecoderStatus,
                                 const scoped_refptr<VideoFrame>&));
 
@@ -388,7 +416,9 @@ TEST_F(FFmpegVideoDecoderTest, DecodeFrame_SmallerHeight) {
   DecodeIFrameThenTestFile("vp8-I-frame-320x120", 320, 120);
 }
 
-TEST_F(FFmpegVideoDecoderTest, DecodeEncryptedFrame_Normal) {
+// TODO(fgalligan): Enable test when encrypted test data is updated and new
+// decryption code is landed. http://crbug.com/132801
+TEST_F(FFmpegVideoDecoderTest, DISABLED_DecodeEncryptedFrame_Normal) {
   Initialize();
   std::string sessing_id_string;
   EXPECT_CALL(decryptor_client_,
@@ -398,12 +428,21 @@ TEST_F(FFmpegVideoDecoderTest, DecodeEncryptedFrame_Normal) {
   decryptor_->GenerateKeyRequest(kClearKeySystem,
                                  kInitData, arraysize(kInitData));
   EXPECT_CALL(decryptor_client_, KeyAdded(kClearKeySystem, sessing_id_string));
-  decryptor_->AddKey(kClearKeySystem, kRightKey, arraysize(kRightKey),
+  decryptor_->AddKey(kClearKeySystem, kSecretKey, arraysize(kSecretKey),
                      kKeyId, arraysize(kKeyId), sessing_id_string);
 
+  std::string counter_block = GenerateCounterBlock(kIv);
+  const uint8* counter_block_data =
+      reinterpret_cast<const uint8*>(counter_block.data());
+
   // Simulate decoding a single encrypted frame.
   encrypted_i_frame_buffer_->SetDecryptConfig(scoped_ptr<DecryptConfig>(
-      new DecryptConfig(kKeyId, arraysize(kKeyId))));
+      new DecryptConfig(
+          kKeyId, arraysize(kKeyId),
+          counter_block_data, counter_block.size(),
+          kHmac, arraysize(kHmac),
+          sizeof(kIv))));
+
   VideoDecoder::DecoderStatus status;
   scoped_refptr<VideoFrame> video_frame;
   DecodeSingleFrame(encrypted_i_frame_buffer_, &status, &video_frame);
@@ -416,10 +455,17 @@ TEST_F(FFmpegVideoDecoderTest, DecodeEncryptedFrame_Normal) {
 // No key is provided to the decryptor and we expect to see a decrypt error.
 TEST_F(FFmpegVideoDecoderTest, DecodeEncryptedFrame_NoKey) {
   Initialize();
+  std::string counter_block = GenerateCounterBlock(kIv);
+  const uint8* counter_block_data =
+      reinterpret_cast<const uint8*>(counter_block.data());
 
   // Simulate decoding a single encrypted frame.
   encrypted_i_frame_buffer_->SetDecryptConfig(scoped_ptr<DecryptConfig>(
-      new DecryptConfig(kKeyId, arraysize(kKeyId))));
+      new DecryptConfig(
+          kKeyId, arraysize(kKeyId),
+          counter_block_data, counter_block.size(),
+          kHmac, arraysize(kHmac),
+          sizeof(kIv))));
 
   EXPECT_CALL(*demuxer_, Read(_))
       .WillRepeatedly(ReturnBuffer(encrypted_i_frame_buffer_));
@@ -439,31 +485,30 @@ TEST_F(FFmpegVideoDecoderTest, DecodeEncryptedFrame_NoKey) {
 TEST_F(FFmpegVideoDecoderTest, DecodeEncryptedFrame_WrongKey) {
   Initialize();
   EXPECT_CALL(decryptor_client_, KeyAdded("", ""));
-  decryptor_->AddKey("", kWrongKey, arraysize(kWrongKey),
+  decryptor_->AddKey("", kWrongSecret, arraysize(kWrongSecret),
                      kKeyId, arraysize(kKeyId), "");
 
+  std::string counter_block = GenerateCounterBlock(kIv);
+  const uint8* counter_block_data =
+      reinterpret_cast<const uint8*>(counter_block.data());
+
+  // Simulate decoding a single encrypted frame.
   encrypted_i_frame_buffer_->SetDecryptConfig(scoped_ptr<DecryptConfig>(
-      new DecryptConfig(kKeyId, arraysize(kKeyId))));
+      new DecryptConfig(
+          kKeyId, arraysize(kKeyId),
+          counter_block_data, counter_block.size(),
+          kHmac, arraysize(kHmac),
+          sizeof(kIv))));
+
   EXPECT_CALL(*demuxer_, Read(_))
       .WillRepeatedly(ReturnBuffer(encrypted_i_frame_buffer_));
 
-  // Using the wrong key on some platforms doesn't cause an decryption error but
-  // actually attempts to decode the content, however we're unable to
-  // distinguish between the two (see http://crbug.com/124434).
-#if defined(USE_NSS) || defined(OS_WIN) || defined(OS_MACOSX)
-  EXPECT_CALL(statistics_cb_, OnStatistics(_));
-#endif
-
   // Our read should still get satisfied with end of stream frame during an
   // error.
   VideoDecoder::DecoderStatus status;
   scoped_refptr<VideoFrame> video_frame;
   Read(&status, &video_frame);
-#if defined(USE_NSS) || defined(OS_WIN) || defined(OS_MACOSX)
-  EXPECT_EQ(VideoDecoder::kDecodeError, status);
-#else
   EXPECT_EQ(VideoDecoder::kDecryptError, status);
-#endif
   EXPECT_FALSE(video_frame);
 
   message_loop_.RunAllPending();