| Index: media/crypto/aes_decryptor_unittest.cc
|
| diff --git a/media/crypto/aes_decryptor_unittest.cc b/media/crypto/aes_decryptor_unittest.cc
|
| index 0b33f61f043ed147e8a527512bffbebe36c2b541..714b2bc8d354f60b574c162fcd7e7c4090db3998 100644
|
| --- a/media/crypto/aes_decryptor_unittest.cc
|
| +++ b/media/crypto/aes_decryptor_unittest.cc
|
| @@ -4,6 +4,8 @@
|
|
|
| #include <string>
|
|
|
| +#include "base/logging.h"
|
| +#include "base/sys_byteorder.h"
|
| #include "media/base/decoder_buffer.h"
|
| #include "media/base/decrypt_config.h"
|
| #include "media/crypto/aes_decryptor.h"
|
| @@ -11,77 +13,254 @@
|
|
|
| namespace media {
|
|
|
| -// |kEncryptedData| is encrypted from |kOriginalData| using |kRightKey|, whose
|
| -// length is |kKeySize|. Modifying any of these independently would fail the
|
| -// test.
|
| -static const char kOriginalData[] = "Original data.";
|
| -static const int kEncryptedDataSize = 16;
|
| -static const unsigned char kEncryptedData[] =
|
| - "\x82\x3A\x76\x92\xEC\x7F\xF8\x85\xEC\x23\x52\xFB\x19\xB1\xB9\x09";
|
| +struct WebmEncryptedData {
|
| + uint8 plain_text[32];
|
| + int plain_text_size;
|
| + uint8 key_id[32];
|
| + int key_id_size;
|
| + uint8 key[32];
|
| + int key_size;
|
| + uint8 encrypted_data[64];
|
| + int encrypted_data_size;
|
| +};
|
| +
|
| +const WebmEncryptedData kEncryptedFrames[] = {
|
| + {
|
| + // plaintext
|
| + "Original data.", 14,
|
| + // key_id
|
| + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
|
| + 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13}, 20,
|
| + // key
|
| + { 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
|
| + 0x20, 0x21, 0x22, 0x23}, 16,
|
| + // encrypted_data
|
| + { 0xfb, 0xe7, 0x1d, 0xbb, 0x4c, 0x23, 0xce, 0xba, 0xcc, 0xf8, 0xda, 0xc0,
|
| + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x99, 0xaa, 0xff, 0xb7,
|
| + 0x74, 0x02, 0x4e, 0x1c, 0x75, 0x3d, 0xee, 0xcb, 0x64, 0xf7}, 34
|
| + },
|
| + {
|
| + // plaintext
|
| + "Changed Original data.", 22,
|
| + // key_id
|
| + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
|
| + 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13}, 20,
|
| + // key
|
| + { 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
|
| + 0x20, 0x21, 0x22, 0x23}, 16,
|
| + // encrypted_data
|
| + { 0x43, 0xe4, 0x78, 0x7a, 0x43, 0xe1, 0x49, 0xbb, 0x44, 0x38, 0xdf, 0xfc,
|
| + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xec, 0x8e, 0x87, 0x21,
|
| + 0xd3, 0xb9, 0x1c, 0x61, 0xf6, 0x5a, 0x60, 0xaa, 0x07, 0x0e, 0x96, 0xd0,
|
| + 0x54, 0x5d, 0x35, 0x9a, 0x4a, 0xd3}, 42
|
| + },
|
| + {
|
| + // plaintext
|
| + "Original data.", 14,
|
| + // key_id
|
| + { 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
|
| + 0x30}, 13,
|
| + // key
|
| + { 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c,
|
| + 0x3d, 0x3e, 0x3f, 0x40}, 16,
|
| + // encrypted_data
|
| + { 0xd9, 0x43, 0x30, 0xfd, 0x82, 0x77, 0x62, 0x04, 0x08, 0xc2, 0x48, 0x89,
|
| + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x48, 0x5e, 0x4a, 0x41,
|
| + 0x2a, 0x8b, 0xf4, 0xc6, 0x47, 0x54, 0x90, 0x34, 0xf4, 0x8b}, 34
|
| + },
|
| +};
|
| +
|
| +static const int kIntegrityCheckSize = 12;
|
| +static const int kIvSize = 8;
|
| static const int kKeySize = 16;
|
| -static const unsigned char kRightKey[] = "A wonderful key!";
|
| static const unsigned char kWrongKey[] = "I'm a wrong key.";
|
| -static const int kKeyIdSize = 9;
|
| -static const unsigned char kKeyId1[] = "Key ID 1.";
|
| -static const unsigned char kKeyId2[] = "Key ID 2.";
|
| +static const unsigned char kFrame0InvalidHmac[] = {
|
| + 0xfc, 0xe7, 0x1d, 0xbb, 0x4c, 0x23, 0xce, 0xba, 0xcc, 0xf8, 0xda, 0xc0, 0xff,
|
| + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x99, 0xaa, 0xff, 0xb7, 0x74, 0x02,
|
| + 0x4e, 0x1c, 0x75, 0x3d, 0xee, 0xcb, 0x64, 0xf7
|
| +};
|
| +static const unsigned char kFrame0InvalidIv[] = {
|
| + 0xfb, 0xe7, 0x1d, 0xbb, 0x4c, 0x23, 0xce, 0xba, 0xcc, 0xf8, 0xda, 0xc0, 0x0f,
|
| + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x99, 0xaa, 0xff, 0xb7, 0x74, 0x02,
|
| + 0x4e, 0x1c, 0x75, 0x3d, 0xee, 0xcb, 0x64, 0xf7
|
| +};
|
| +static const unsigned char kFrame0InvalidData[] = {
|
| + 0xfb, 0xe7, 0x1d, 0xbb, 0x4c, 0x23, 0xce, 0xba, 0xcc, 0xf8, 0xda, 0xc0, 0xff,
|
| + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x99, 0xaa, 0xff, 0xb7, 0x74, 0x02,
|
| + 0x4e, 0x1c, 0x75, 0x3d, 0xee, 0xcb, 0x64, 0xf8
|
| +};
|
|
|
| -class AesDecryptorTest : public testing::Test {
|
| +class HmacAesDecryptorTest : public testing::Test {
|
| public:
|
| - AesDecryptorTest() {
|
| - encrypted_data_ = DecoderBuffer::CopyFrom(
|
| - kEncryptedData, kEncryptedDataSize);
|
| - }
|
| + HmacAesDecryptorTest() {}
|
|
|
| protected:
|
| - void SetKeyIdForEncryptedData(const uint8* key_id, int key_id_size) {
|
| - encrypted_data_->SetDecryptConfig(
|
| - scoped_ptr<DecryptConfig>(new DecryptConfig(key_id, key_id_size)));
|
| + scoped_refptr<DecoderBuffer> CreateEncryptedBuffer(const uint8* data,
|
| + int data_size,
|
| + const uint8* key_id,
|
| + int key_id_size) {
|
| + CHECK_GT(data_size, kIntegrityCheckSize + kIvSize);
|
| + scoped_refptr<DecoderBuffer> encrypted_buffer = DecoderBuffer::CopyFrom(
|
| + data + kIntegrityCheckSize, data_size - kIntegrityCheckSize);
|
| + CHECK(encrypted_buffer);
|
| +
|
| + // Every encrypted Block has an HMAC and IV prepended to it. Current WebM
|
| + // encrypted request for comments specification is here
|
| + // http://wiki.webmproject.org/encryption/webm-encryption-rfc
|
| + uint64 network_iv;
|
| + memcpy(&network_iv,
|
| + data + kIntegrityCheckSize,
|
| + sizeof(network_iv));
|
| + const uint64 iv = base::NetToHost64(network_iv);
|
| + encrypted_buffer->SetDecryptConfig(
|
| + scoped_ptr<DecryptConfig>(new DecryptConfig(
|
| + data, kIntegrityCheckSize,
|
| + reinterpret_cast<const uint8*>(&iv), sizeof(iv),
|
| + key_id, key_id_size,
|
| + sizeof(iv))));
|
| + return encrypted_buffer;
|
| }
|
|
|
| - void DecryptAndExpectToSucceed() {
|
| + void DecryptAndExpectToSucceed(const uint8* data, int data_size,
|
| + const uint8* plain_text,
|
| + int plain_text_size,
|
| + const uint8* key_id, int key_id_size) {
|
| + scoped_refptr<DecoderBuffer> encrypted_data =
|
| + CreateEncryptedBuffer(data, data_size, key_id, key_id_size);
|
| scoped_refptr<DecoderBuffer> decrypted =
|
| - decryptor_.Decrypt(encrypted_data_);
|
| + decryptor_.Decrypt(encrypted_data);
|
| ASSERT_TRUE(decrypted);
|
| - int data_length = sizeof(kOriginalData) - 1;
|
| - ASSERT_EQ(data_length, decrypted->GetDataSize());
|
| - EXPECT_EQ(0, memcmp(kOriginalData, decrypted->GetData(), data_length));
|
| + ASSERT_EQ(plain_text_size, decrypted->GetDataSize());
|
| + EXPECT_EQ(0, memcmp(plain_text, decrypted->GetData(), plain_text_size));
|
| }
|
|
|
| - void DecryptAndExpectToFail() {
|
| + void DecryptAndExpectToFail(const uint8* data, int data_size,
|
| + const uint8* plain_text, int plain_text_size,
|
| + const uint8* key_id, int key_id_size) {
|
| + scoped_refptr<DecoderBuffer> encrypted_data =
|
| + CreateEncryptedBuffer(data, data_size, key_id, key_id_size);
|
| scoped_refptr<DecoderBuffer> decrypted =
|
| - decryptor_.Decrypt(encrypted_data_);
|
| + decryptor_.Decrypt(encrypted_data);
|
| EXPECT_FALSE(decrypted);
|
| }
|
|
|
| - scoped_refptr<DecoderBuffer> encrypted_data_;
|
| - AesDecryptor decryptor_;
|
| + HmacAesDecryptor decryptor_;
|
| };
|
|
|
| -TEST_F(AesDecryptorTest, NormalDecryption) {
|
| - decryptor_.AddKey(kKeyId1, kKeyIdSize, kRightKey, kKeySize);
|
| - SetKeyIdForEncryptedData(kKeyId1, kKeyIdSize);
|
| - ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed());
|
| +TEST_F(HmacAesDecryptorTest, NormalDecryption) {
|
| + const WebmEncryptedData& frame = kEncryptedFrames[0];
|
| + decryptor_.AddKey(frame.key_id, frame.key_id_size,
|
| + frame.key, frame.key_size);
|
| + ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(frame.encrypted_data,
|
| + frame.encrypted_data_size,
|
| + frame.plain_text,
|
| + frame.plain_text_size,
|
| + frame.key_id,
|
| + frame.key_id_size));
|
| +}
|
| +
|
| +TEST_F(HmacAesDecryptorTest, WrongKey) {
|
| + const WebmEncryptedData& frame = kEncryptedFrames[0];
|
| + decryptor_.AddKey(frame.key_id, frame.key_id_size,
|
| + kWrongKey, kKeySize);
|
| + ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToFail(frame.encrypted_data,
|
| + frame.encrypted_data_size,
|
| + frame.plain_text,
|
| + frame.plain_text_size,
|
| + frame.key_id,
|
| + frame.key_id_size));
|
| +}
|
| +
|
| +TEST_F(HmacAesDecryptorTest, MultipleKeys) {
|
| + const WebmEncryptedData& frame = kEncryptedFrames[0];
|
| + decryptor_.AddKey(frame.key_id, frame.key_id_size,
|
| + frame.key, frame.key_size);
|
| + const WebmEncryptedData& frame2 = kEncryptedFrames[2];
|
| + decryptor_.AddKey(frame2.key_id, frame2.key_id_size,
|
| + frame2.key, frame2.key_size);
|
| + ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(frame.encrypted_data,
|
| + frame.encrypted_data_size,
|
| + frame.plain_text,
|
| + frame.plain_text_size,
|
| + frame.key_id,
|
| + frame.key_id_size));
|
| +}
|
| +
|
| +TEST_F(HmacAesDecryptorTest, KeyReplacement) {
|
| + const WebmEncryptedData& frame = kEncryptedFrames[0];
|
| + decryptor_.AddKey(frame.key_id, frame.key_id_size,
|
| + kWrongKey, kKeySize);
|
| + ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToFail(frame.encrypted_data,
|
| + frame.encrypted_data_size,
|
| + frame.plain_text,
|
| + frame.plain_text_size,
|
| + frame.key_id,
|
| + frame.key_id_size));
|
| + decryptor_.AddKey(frame.key_id, frame.key_id_size,
|
| + frame.key, frame.key_size);
|
| + ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(frame.encrypted_data,
|
| + frame.encrypted_data_size,
|
| + frame.plain_text,
|
| + frame.plain_text_size,
|
| + frame.key_id,
|
| + frame.key_id_size));
|
| +}
|
| +
|
| +TEST_F(HmacAesDecryptorTest, MultipleKeysAndFrames) {
|
| + const WebmEncryptedData& frame = kEncryptedFrames[0];
|
| + decryptor_.AddKey(frame.key_id, frame.key_id_size,
|
| + frame.key, frame.key_size);
|
| + const WebmEncryptedData& frame2 = kEncryptedFrames[2];
|
| + decryptor_.AddKey(frame2.key_id, frame2.key_id_size,
|
| + frame2.key, frame2.key_size);
|
| + ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(frame.encrypted_data,
|
| + frame.encrypted_data_size,
|
| + frame.plain_text,
|
| + frame.plain_text_size,
|
| + frame.key_id,
|
| + frame.key_id_size));
|
| + ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(frame2.encrypted_data,
|
| + frame2.encrypted_data_size,
|
| + frame2.plain_text,
|
| + frame2.plain_text_size,
|
| + frame2.key_id,
|
| + frame2.key_id_size));
|
| }
|
|
|
| -TEST_F(AesDecryptorTest, WrongKey) {
|
| - decryptor_.AddKey(kKeyId1, kKeyIdSize, kWrongKey, kKeySize);
|
| - SetKeyIdForEncryptedData(kKeyId1, kKeyIdSize);
|
| - ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToFail());
|
| +TEST_F(HmacAesDecryptorTest, HmacCheckFailure) {
|
| + const WebmEncryptedData& frame = kEncryptedFrames[0];
|
| + decryptor_.AddKey(frame.key_id, frame.key_id_size,
|
| + frame.key, frame.key_size);
|
| + ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToFail(kFrame0InvalidHmac,
|
| + frame.encrypted_data_size,
|
| + frame.plain_text,
|
| + frame.plain_text_size,
|
| + frame.key_id,
|
| + frame.key_id_size));
|
| }
|
|
|
| -TEST_F(AesDecryptorTest, MultipleKeys) {
|
| - decryptor_.AddKey(kKeyId1, kKeyIdSize, kRightKey, kKeySize);
|
| - decryptor_.AddKey(kKeyId2, kKeyIdSize, kWrongKey, kKeySize);
|
| - SetKeyIdForEncryptedData(kKeyId1, kKeyIdSize);
|
| - ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed());
|
| +TEST_F(HmacAesDecryptorTest, IvCheckFailure) {
|
| + const WebmEncryptedData& frame = kEncryptedFrames[0];
|
| + decryptor_.AddKey(frame.key_id, frame.key_id_size,
|
| + frame.key, frame.key_size);
|
| + ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToFail(kFrame0InvalidIv,
|
| + frame.encrypted_data_size,
|
| + frame.plain_text,
|
| + frame.plain_text_size,
|
| + frame.key_id,
|
| + frame.key_id_size));
|
| }
|
|
|
| -TEST_F(AesDecryptorTest, KeyReplacement) {
|
| - SetKeyIdForEncryptedData(kKeyId1, kKeyIdSize);
|
| - decryptor_.AddKey(kKeyId1, kKeyIdSize, kWrongKey, kKeySize);
|
| - ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToFail());
|
| - decryptor_.AddKey(kKeyId1, kKeyIdSize, kRightKey, kKeySize);
|
| - ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed());
|
| +TEST_F(HmacAesDecryptorTest, DataCheckFailure) {
|
| + const WebmEncryptedData& frame = kEncryptedFrames[0];
|
| + decryptor_.AddKey(frame.key_id, frame.key_id_size,
|
| + frame.key, frame.key_size);
|
| + ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToFail(kFrame0InvalidData,
|
| + frame.encrypted_data_size,
|
| + frame.plain_text,
|
| + frame.plain_text_size,
|
| + frame.key_id,
|
| + frame.key_id_size));
|
| }
|
|
|
| } // media
|
|
|
Chromium Code Reviews
Issue 10535029:
Add support for encrypted WebM files as defined in the RFC. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master