Add PPAPI decryptor interfaces.

webkit/plugins/ppapi/ppapi_plugin_instance.cc

Index: webkit/plugins/ppapi/ppapi_plugin_instance.cc
diff --git a/webkit/plugins/ppapi/ppapi_plugin_instance.cc b/webkit/plugins/ppapi/ppapi_plugin_instance.cc
index ecc4369c4f73f7607951bfa971535cbbce431e5f..a44888d307702fe7714220bff8fa578ac2274f4e 100644
--- a/webkit/plugins/ppapi/ppapi_plugin_instance.cc
+++ b/webkit/plugins/ppapi/ppapi_plugin_instance.cc
@@ -294,6 +294,34 @@ scoped_array<const char*> StringVectorToArgArray(
   return array.Pass();
 }
 
+// Creates a PP_Resource containing a PPB_Buffer_Impl, copies |data| into the
+// buffer resource, and returns it. Returns a PP_Resource equal to 0 on
+// failure.
+PP_Resource MakeBufferResource(PP_Instance instance,
+                               const std::string& data) {
+  if (data.empty())
+    return 0;
+
+  ScopedPPResource resource(PPB_Buffer_Impl::Create(instance, data.size()));

[dmichael (off chromium), 2012/07/31 03:36:31]

I think that using this constructor, ScopedPPResource takes an additional ref,
so now you have 2. It looks like you're coding assuming you have one reference
below.

Maybe you mean the PassRef constructor?

[Tom Finegan, 2012/08/02 01:12:04]

Fixed this-- I want the returned PP_Resource to have ref count of 1.

+  if (!resource.get())
+    return 0;
+
+  EnterResourceNoLock<PPB_Buffer_API> enter(resource, true);
+  if (enter.failed())
+    return 0;
+
+  BufferAutoMapper mapper(enter.object());
+  if (!mapper.data() || mapper.size() < data.size())
+    return 0;

[dmichael (off chromium), 2012/07/31 03:36:31]

I don't think this check is necessary

[Tom Finegan, 2012/08/02 01:12:04]

Done.

+  memcpy(mapper.data(), data.data(), data.size());
+
+  // Add the resource to the tracker...
+  // TODO(tomfinegan): wild guess/no idea if this is right.
+  PpapiGlobals::Get()->GetResourceTracker()->AddRefResource(resource.get());

[dmichael (off chromium), 2012/07/31 03:36:31]

...and Release below should return the ScopedPPResource's reference out, so I
think this AddRefResource is unnecessary (even after changing to use the PassRef
constructor above).

+
+  return resource.Release();
+}
+
 }  // namespace
 
 // static
@@ -323,6 +351,7 @@ PluginInstance::PluginInstance(
       has_webkit_focus_(false),
       has_content_area_focus_(false),
       find_identifier_(-1),
+      plugin_decryption_interface_(NULL),
       plugin_find_interface_(NULL),
       plugin_input_event_interface_(NULL),
       plugin_messaging_interface_(NULL),
@@ -959,6 +988,16 @@ void PluginInstance::StopFind() {
   plugin_find_interface_->StopFind(pp_instance());
 }
 
+bool PluginInstance::LoadContentDecryptionModuleInterface() {
+  if (!plugin_decryption_interface_) {
+    plugin_decryption_interface_ =
+        static_cast<const PPP_ContentDecryptor_Dev*>(
+          module_->GetPluginInterface(

[dmichael (off chromium), 2012/07/31 03:36:31]

nit: I think there should be 2 more spaces here

+              PPP_CONTENTDECRYPTOR_DEV_INTERFACE));
+  }
+  return !!plugin_decryption_interface_;
+}
+
 bool PluginInstance::LoadFindInterface() {
   if (!plugin_find_interface_) {
     plugin_find_interface_ =
@@ -1276,6 +1315,97 @@ void PluginInstance::RotateView(WebPlugin::RotationType type) {
   // NOTE: plugin instance may have been deleted.
 }
 
+bool PluginInstance::GenerateKeyRequest(const std::string& key_system,
+                                        const std::string& init_data) {
+  if (!LoadContentDecryptionModuleInterface())
+    return false;
+
+  if (key_system.empty())
+    return false;
+
+  PP_Resource init_data_resource = 0;
+  if (init_data.size()) {
+    ScopedPPResource local_init_data(ScopedPPResource::PassRef(),
+                                     MakeBufferResource(pp_instance(),
+                                                        init_data));

[dmichael (off chromium), 2012/07/31 03:36:31]

Why is init_data a string, if you're using it for binary data? I would think
something like vector<unsigned char> or scoped_array might be more appropriate?

Then again, I'm not clear on what GenerateKeyRequest is for, so maybe there is a
goo reason ;-)

[Tom Finegan, 2012/08/01 04:19:22]

Our design uses std::string for data whether its binary or not-- it could just
as well be vector<uint8>.

Using std::string is consistent with the  media/crypto stuff-- it uses
std::string for binary data. It seems weird, but the container can handle it.
E.g.
http://code.google.com/searchframe#OAMlx_jo-ck/src/media/crypto/aes_decryptor...

+
+    if (!local_init_data.get())
+      return false;
+    init_data_resource = local_init_data.Release();
+  }
+
+  return PP_ToBool(plugin_decryption_interface_->GenerateKeyRequest(
+      pp_instance(),
+      StringVar::StringToPPVar(key_system),
+      init_data_resource));
+}
+
+bool PluginInstance::AddKey(const std::string& session_id,
+                            const std::string& key) {
+  if (!LoadContentDecryptionModuleInterface())
+    return false;
+
+  StringVar session_id_var(session_id);
+  if (session_id_var.value().size() < session_id.size())
+    return false;

[dmichael (off chromium), 2012/07/31 03:36:31]

I don't think this check should be necessary

[Tom Finegan, 2012/08/02 01:12:04]

Removed.

+
+  ScopedPPResource key_resource(ScopedPPResource::PassRef(),
+                                MakeBufferResource(pp_instance(), key));
+  if (!key_resource.get())
+    return false;
+
+  return PP_ToBool(plugin_decryption_interface_->AddKey(
+      pp_instance(),
+      session_id_var.GetPPVar(),
+      key_resource));
+}
+
+bool PluginInstance::CancelKeyRequest(const std::string& session_id) {
+  if (!LoadContentDecryptionModuleInterface())
+    return false;
+  StringVar session_id_var(session_id);
+  if (session_id_var.value().size() < session_id.size())
+    return false;

[dmichael (off chromium), 2012/07/31 03:36:31]

unnecessary check

[Tom Finegan, 2012/08/02 01:12:04]

Removed.

+  return PP_ToBool(plugin_decryption_interface_->CancelKeyRequest(
+      pp_instance(),
+      session_id_var.GetPPVar()));
+}
+
+bool PluginInstance::Decrypt(const std::string& encrypted_block,
+                             const CDMStatusCB& callback) {
+  if (!LoadContentDecryptionModuleInterface())
+    return false;
+  ScopedPPResource encrypted_resource(ScopedPPResource::PassRef(),
+                                      MakeBufferResource(pp_instance(),
+                                                         encrypted_block));
+  if (!encrypted_resource.get())
+    return false;
+  // TODO(tomfinegan): wrap callback in PP_CompletionCallback and pass it to
+  // the plugin.
+  PP_CompletionCallback pp_callback = {NULL, NULL, 0};
+  return PP_ToBool(plugin_decryption_interface_->Decrypt(pp_instance(),
+                                                         encrypted_resource,
+                                                         pp_callback));
+}
+
+bool PluginInstance::DecryptAndDecode(const std::string& encrypted_block,
+                                      const CDMStatusCB& callback) {
+  if (!LoadContentDecryptionModuleInterface())
+    return false;
+  ScopedPPResource encrypted_resource(ScopedPPResource::PassRef(),
+                                      MakeBufferResource(pp_instance(),
+                                                         encrypted_block));
+  if (!encrypted_resource.get())
+    return false;
+  // TODO(tomfinegan): wrap callback in PP_CompletionCallback and pass it to
+  // the plugin.
+  PP_CompletionCallback pp_callback = {NULL, NULL, 0};
+  return PP_ToBool(plugin_decryption_interface_->DecryptAndDecode(
+      pp_instance(),
+      encrypted_resource,
+      pp_callback));
+}
+
 bool PluginInstance::FlashIsFullscreenOrPending() {
   return fullscreen_container_ != NULL;
 }
@@ -1879,6 +2009,111 @@ PP_Var PluginInstance::GetFontFamilies(PP_Instance instance) {
   return PP_MakeUndefined();
 }
 
+void PluginInstance::NeedKey(PP_Instance instance,
+                             PP_Var key_system_var,
+                             PP_Var session_id_var,
+                             PP_Resource init_data) {
+  StringVar* key_system_string = StringVar::FromPPVar(key_system_var);
+  StringVar* session_id_string = StringVar::FromPPVar(session_id_var);
+
+  // TODO(tomfinegan): Where does the call to this method come from? Or, where
+  // does it go for handling. I need to read more of the EME proposed spec, but
+  // this is what I understand so far:
+  // - JS app sends needkey before anything else when it knows that encrypted
+  //   data is going to be streamed to the user agent.
+  // - OR is the media stack going to see something in the stream that looks
+  //   like init data, and then send NeedKey. If this is the case NeedKey
+  //   probably needs to move to the PPP interface.
+
+  HostGlobals::Get()->GetVarTracker()->ReleaseVar(key_system_var);

[dmichael (off chromium), 2012/07/31 03:36:31]

I may be wrong, but I think that our usual policy for Vars in this situation is
that the browser won't release them. The reference count is the same after the
method returns as when it's called. Our C++ wrappers, e.g., won't know about the
method call here, so you probably would get a double delete..

[Tom Finegan, 2012/08/02 01:12:04]

So the caller of this method would be responsible for cleaning up any vars
created, and I could use member pp::Vars to help minimize data copying and
reallocation?

+  HostGlobals::Get()->GetVarTracker()->ReleaseVar(session_id_var);
+}
+
+void PluginInstance::KeyAdded(PP_Instance instance,
+                              PP_Var key_system,
+                              PP_Var session_id) {
+}

[dmichael (off chromium), 2012/07/31 03:36:31]

TODO?

[Tom Finegan, 2012/08/02 01:12:04]

Added a some code here, and a TODO.

+
+void PluginInstance::KeyMessage(PP_Instance instance,
+                                PP_Var key_system_var,
+                                PP_Var session_id_var,
+                                PP_Resource message_resource,
+                                PP_Var default_url_var) {
+  StringVar* key_system_string = StringVar::FromPPVar(key_system_var);
+  StringVar* session_id_string = StringVar::FromPPVar(session_id_var);
+  StringVar* default_url_string = StringVar::FromPPVar(default_url_var);
+
+  if (!key_system_string || !session_id_string || !default_url_string) {
+    // TODO(tomfinegan): KeyError here?
+    return;
+  }
+
+  EnterResourceNoLock<PPB_Buffer_API> enter(message_resource, true);
+  if (enter.failed()) {
+    // TODO(tomfinegan): KeyError here?
+    NOTREACHED();

[dmichael (off chromium), 2012/07/31 03:36:31]

You shouldn't do NOTREACHED or other crash-inducing things just because a plugin
provided bad args (maybe this is just leftover from debugging?)

[Tom Finegan, 2012/08/02 01:12:04]

It was, removed.

+    return;
+  }
+
+  BufferAutoMapper mapper(enter.object());
+  if (!mapper.data() || !mapper.size()) {
+    // TODO(tomfinegan): KeyError here?
+    NOTREACHED();

[dmichael (off chromium), 2012/07/31 03:36:31]

Also probably not appropriate to crash here (resource exhaustion?), though I'm
less sure

[Tom Finegan, 2012/08/02 01:12:04]

Removed; my understanding is that we'll crash on out of memory anyway. Left over
debug code, anyway. :)

+    return;
+  }
+
+  std::string message(reinterpret_cast<char*>(mapper.data()), mapper.size());

[dmichael (off chromium), 2012/07/31 03:36:31]

Why are you using a string here? You don't seem to use it, so it's not clear to
me what's going on.

[Tom Finegan, 2012/08/01 04:19:22]

As above.

+  if (message.empty()) {
+    // TODO(tomfinegan): KeyError here?
+    NOTREACHED();
+    return;
+  }
+
+  // Release the PP_Vars.
+  HostGlobals::Get()->GetVarTracker()->ReleaseVar(key_system_var);
+  HostGlobals::Get()->GetVarTracker()->ReleaseVar(session_id_var);
+  HostGlobals::Get()->GetVarTracker()->ReleaseVar(default_url_var);

[dmichael (off chromium), 2012/07/31 03:36:31]

Like above, you probably shouldn't release the vars here (here and elsewhere)

[Tom Finegan, 2012/08/02 01:12:04]

Done.

+
+  // Release the PP_Resource.
+  // TODO(tomfinegan): Confirm that the buffer is freed.
+  HostGlobals::Get()->GetResourceTracker()->ReleaseResource(message_resource);

[dmichael (off chromium), 2012/07/31 03:36:31]

As with Vars, I don't think you want to release the plugin's reference to the
Resource (here and elsewhere)

[Tom Finegan, 2012/08/02 01:12:04]

Done.

+}
+
+void PluginInstance::KeyError(PP_Instance instance,
+                              PP_Var key_system_var,
+                              PP_Var session_id_var,
+                              uint16_t media_error,
+                              uint16_t system_error) {
+  StringVar* key_system_string = StringVar::FromPPVar(key_system_var);
+  StringVar* session_id_string = StringVar::FromPPVar(session_id_var);
+
+  HostGlobals::Get()->GetVarTracker()->ReleaseVar(key_system_var);
+  HostGlobals::Get()->GetVarTracker()->ReleaseVar(session_id_var);
+}
+
+void PluginInstance::DeliverBlock(PP_Instance instance,
+                                  PP_Resource decrypted_block,
+                                  PP_CompletionCallback callback) {
+  // TODO(tomfinegan): Determine where |decrypted_block| goes, and what
+  // callback actually is (callback will likely be the result of some
+  // base::Bind usage in the media stack. Hash this out with xhwang.
+  //
+  HostGlobals::Get()->GetResourceTracker()->ReleaseResource(decrypted_block);
+}
+
+void PluginInstance::DeliverFrame(PP_Instance instance,
+                                  PP_Resource decrypted_frame,
+                                  PP_CompletionCallback callback) {
+  // Not implemented in v0.1 of the EME/CDM work.

[dmichael (off chromium), 2012/07/31 03:36:31]

TODO might still be good, so curious people know whom to ask about it

[Tom Finegan, 2012/08/02 01:12:04]

Done.

+}
+
+void PluginInstance::DeliverSamples(PP_Instance instance,
+                                    PP_Resource decrypted_samples,
+                                    PP_CompletionCallback callback) {
+  // Not implemented in v0.1 of the EME/CDM work.
+}
+
+
 void PluginInstance::NumberOfFindResultsChanged(PP_Instance instance,
                                                 int32_t total,
                                                 PP_Bool final_result) {