Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(209)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: media/crypto/aes_decryptor.h

Issue 10807003: Revert 147169 - Add support for encrypted WebM files as defined in the RFC. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 8 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « media/base/decrypt_config.cc ('k') | media/crypto/aes_decryptor.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef MEDIA_CRYPTO_AES_DECRYPTOR_H_ 5 #ifndef MEDIA_CRYPTO_AES_DECRYPTOR_H_
6 #define MEDIA_CRYPTO_AES_DECRYPTOR_H_ 6 #define MEDIA_CRYPTO_AES_DECRYPTOR_H_
7 7
8 #include <string> 8 #include <string>
9 9
10 #include "base/basictypes.h" 10 #include "base/basictypes.h"
11 #include "base/hash_tables.h" 11 #include "base/hash_tables.h"
12 #include "base/memory/ref_counted.h" 12 #include "base/memory/ref_counted.h"
13 #include "base/memory/scoped_ptr.h"
14 #include "base/string_piece.h"
15 #include "base/synchronization/lock.h" 13 #include "base/synchronization/lock.h"
16 #include "media/base/decryptor.h" 14 #include "media/base/decryptor.h"
17 #include "media/base/media_export.h" 15 #include "media/base/media_export.h"
18 16
19 namespace crypto { 17 namespace crypto {
20 class SymmetricKey; 18 class SymmetricKey;
21 } 19 }
22 20
23 namespace media { 21 namespace media {
24 22
25 class DecryptorClient; 23 class DecryptorClient;
26 24
27 // Decrypts an AES encrypted buffer into an unencrypted buffer. The AES 25 // Decryptor implementation that decrypts AES-encrypted buffer.
28 // encryption must be CTR with a key size of 128bits. Optionally checks the
29 // integrity of the encrypted data.
30 class MEDIA_EXPORT AesDecryptor : public Decryptor { 26 class MEDIA_EXPORT AesDecryptor : public Decryptor {
31 public: 27 public:
32 // The AesDecryptor does not take ownership of the |client|. The |client| 28 // The AesDecryptor does not take ownership of the |client|. The |client|
33 // must be valid throughout the lifetime of the AesDecryptor. 29 // must be valid throughout the lifetime of the AesDecryptor.
34 explicit AesDecryptor(DecryptorClient* client); 30 explicit AesDecryptor(DecryptorClient* client);
35 virtual ~AesDecryptor(); 31 virtual ~AesDecryptor();
36 32
37 // Decryptor implementation. 33 // Decryptor implementation.
38 virtual void GenerateKeyRequest(const std::string& key_system, 34 virtual void GenerateKeyRequest(const std::string& key_system,
39 const uint8* init_data, 35 const uint8* init_data,
40 int init_data_length) OVERRIDE; 36 int init_data_length) OVERRIDE;
41 virtual void AddKey(const std::string& key_system, 37 virtual void AddKey(const std::string& key_system,
42 const uint8* key, 38 const uint8* key,
43 int key_length, 39 int key_length,
44 const uint8* init_data, 40 const uint8* init_data,
45 int init_data_length, 41 int init_data_length,
46 const std::string& session_id) OVERRIDE; 42 const std::string& session_id) OVERRIDE;
47 virtual void CancelKeyRequest(const std::string& key_system, 43 virtual void CancelKeyRequest(const std::string& key_system,
48 const std::string& session_id) OVERRIDE; 44 const std::string& session_id) OVERRIDE;
49 // Decrypts |encrypted| buffer. |encrypted| should not be NULL. |encrypted|
50 // will signal if an integrity check must be performed before decryption.
51 // Returns a DecoderBuffer with the decrypted data if the decryption
52 // succeeded through |decrypt_cb|.
53 virtual void Decrypt(const scoped_refptr<DecoderBuffer>& encrypted, 45 virtual void Decrypt(const scoped_refptr<DecoderBuffer>& encrypted,
54 const DecryptCB& decrypt_cb) OVERRIDE; 46 const DecryptCB& decrypt_cb) OVERRIDE;
55 47
56 private: 48 private:
57 // Helper class that manages the decryption key and HMAC key. The HMAC key 49 // KeyMap owns the crypto::SymmetricKey* and must delete them when they are
58 // may be NULL.
59 class DecryptionKey {
60 public:
61 explicit DecryptionKey(const std::string& secret);
62 ~DecryptionKey();
63
64 // Creates the encryption key and HMAC. If |derive_webm_keys| is true then
65 // the object will derive the decryption key and the HMAC key from
66 // |secret_|.
67 bool Init(bool derive_webm_keys);
68
69 crypto::SymmetricKey* decryption_key() { return decryption_key_.get(); }
70 base::StringPiece hmac_key() { return base::StringPiece(hmac_key_); }
71
72 private:
73 // The base secret that is used to derive the decryption key and optionally
74 // the HMAC key.
75 const std::string secret_;
76
77 // The key used to decrypt the data.
78 scoped_ptr<crypto::SymmetricKey> decryption_key_;
79
80 // The key used to perform the integrity check. Currently the HMAC key is
81 // defined by the WebM encrypted specification. Current encrypted WebM
82 // request for comments specification is here
83 // http://wiki.webmproject.org/encryption/webm-encryption-rfc
84 std::string hmac_key_;
85
86 DISALLOW_COPY_AND_ASSIGN(DecryptionKey);
87 };
88
89 // KeyMap owns the DecryptionKey* and must delete them when they are
90 // not needed any more. 50 // not needed any more.
91 typedef base::hash_map<std::string, DecryptionKey*> KeyMap; 51 typedef base::hash_map<std::string, crypto::SymmetricKey*> KeyMap;
92 52
93 // Since only Decrypt() is called off the renderer thread, we only need to 53 // Since only Decrypt() is called off the renderer thread, we only need to
94 // protect |key_map_|, the only member variable that is shared between 54 // protect |key_map_|, the only member variable that is shared between
95 // Decrypt() and other methods. 55 // Decrypt() and other methods.
96 KeyMap key_map_; // Protected by the |key_map_lock_|. 56 KeyMap key_map_; // Protected by the |key_map_lock_|.
97 base::Lock key_map_lock_; // Protects the |key_map_|. 57 base::Lock key_map_lock_; // Protects the |key_map_|.
98 58
99 // Make session ID unique per renderer by making it static. 59 // Make session ID unique per renderer by making it static.
100 // TODO(xhwang): Make session ID more strictly defined if needed: 60 // TODO(xhwang): Make session ID more strictly defined if needed:
101 // https://www.w3.org/Bugs/Public/show_bug.cgi?id=16739#c0 61 // https://www.w3.org/Bugs/Public/show_bug.cgi?id=16739#c0
102 static uint32 next_session_id_; 62 static uint32 next_session_id_;
103 63
104 DecryptorClient* const client_; 64 DecryptorClient* const client_;
105 65
106 DISALLOW_COPY_AND_ASSIGN(AesDecryptor); 66 DISALLOW_COPY_AND_ASSIGN(AesDecryptor);
107 }; 67 };
108 68
109 } // namespace media 69 } // namespace media
110 70
111 #endif // MEDIA_CRYPTO_AES_DECRYPTOR_H_ 71 #endif // MEDIA_CRYPTO_AES_DECRYPTOR_H_
OLDNEW
« no previous file with comments | « media/base/decrypt_config.cc ('k') | media/crypto/aes_decryptor.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698