OLD | NEW |
| (Empty) |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include <string> | |
6 #include <vector> | |
7 | |
8 #include "base/basictypes.h" | |
9 #include "base/bind.h" | |
10 #include "media/base/decoder_buffer.h" | |
11 #include "media/base/decrypt_config.h" | |
12 #include "media/base/mock_filters.h" | |
13 #include "media/crypto/aes_decryptor.h" | |
14 #include "media/webm/webm_constants.h" | |
15 #include "testing/gmock/include/gmock/gmock.h" | |
16 #include "testing/gtest/include/gtest/gtest.h" | |
17 | |
18 using ::testing::_; | |
19 using ::testing::ElementsAreArray; | |
20 using ::testing::Gt; | |
21 using ::testing::IsNull; | |
22 using ::testing::NotNull; | |
23 using ::testing::SaveArg; | |
24 using ::testing::StrEq; | |
25 using ::testing::StrNe; | |
26 | |
27 MATCHER(IsEmpty, "") { return arg.empty(); } | |
28 | |
29 namespace media { | |
30 | |
31 // |encrypted_data| is encrypted from |plain_text| using |key|. |key_id| is | |
32 // used to distinguish |key|. | |
33 struct WebmEncryptedData { | |
34 uint8 plain_text[32]; | |
35 int plain_text_size; | |
36 uint8 key_id[32]; | |
37 int key_id_size; | |
38 uint8 key[32]; | |
39 int key_size; | |
40 uint8 encrypted_data[64]; | |
41 int encrypted_data_size; | |
42 }; | |
43 | |
44 static const char kClearKeySystem[] = "org.w3.clearkey"; | |
45 | |
46 // Frames 0 & 1 are encrypted with the same key. Frame 2 is encrypted with a | |
47 // different key. Frame 3 is unencrypted. | |
48 const WebmEncryptedData kWebmEncryptedFrames[] = { | |
49 { | |
50 // plaintext | |
51 "Original data.", 14, | |
52 // key_id | |
53 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | |
54 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | |
55 0x10, 0x11, 0x12, 0x13 | |
56 }, 20, | |
57 // key | |
58 { 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, | |
59 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23 | |
60 }, 16, | |
61 // encrypted_data | |
62 { 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, | |
63 0xff, 0xf0, 0xd1, 0x12, 0xd5, 0x24, 0x81, 0x96, | |
64 0x55, 0x1b, 0x68, 0x9f, 0x38, 0x91, 0x85 | |
65 }, 23 | |
66 }, { | |
67 // plaintext | |
68 "Changed Original data.", 22, | |
69 // key_id | |
70 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | |
71 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | |
72 0x10, 0x11, 0x12, 0x13 | |
73 }, 20, | |
74 // key | |
75 { 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, | |
76 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23 | |
77 }, 16, | |
78 // encrypted_data | |
79 { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
80 0x00, 0x57, 0x66, 0xf4, 0x12, 0x1a, 0xed, 0xb5, | |
81 0x79, 0x1c, 0x8e, 0x25, 0xd7, 0x17, 0xe7, 0x5e, | |
82 0x16, 0xe3, 0x40, 0x08, 0x27, 0x11, 0xe9 | |
83 }, 31 | |
84 }, { | |
85 // plaintext | |
86 "Original data.", 14, | |
87 // key_id | |
88 { 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, | |
89 0x2c, 0x2d, 0x2e, 0x2f, 0x30 | |
90 }, 13, | |
91 // key | |
92 { 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, | |
93 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40 | |
94 }, 16, | |
95 // encrypted_data | |
96 { 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
97 0x00, 0x9c, 0x71, 0x26, 0x57, 0x3e, 0x25, 0x37, | |
98 0xf7, 0x31, 0x81, 0x19, 0x64, 0xce, 0xbc | |
99 }, 23 | |
100 }, { | |
101 // plaintext | |
102 "Changed Original data.", 22, | |
103 // key_id | |
104 { 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, | |
105 0x2c, 0x2d, 0x2e, 0x2f, 0x30 | |
106 }, 13, | |
107 // key | |
108 { 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, | |
109 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40 | |
110 }, 16, | |
111 // encrypted_data | |
112 { 0x00, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x64, | |
113 0x20, 0x4f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, | |
114 0x6c, 0x20, 0x64, 0x61, 0x74, 0x61, 0x2e | |
115 }, 23 | |
116 } | |
117 }; | |
118 | |
119 static const uint8 kWebmWrongSizedKey[] = { 0x20, 0x20 }; | |
120 | |
121 static const uint8 kSubsampleOriginalData[] = "Original subsample data."; | |
122 static const int kSubsampleOriginalDataSize = 24; | |
123 | |
124 static const uint8 kSubsampleKeyId[] = { 0x00, 0x01, 0x02, 0x03 }; | |
125 | |
126 static const uint8 kSubsampleKey[] = { | |
127 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, | |
128 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13 | |
129 }; | |
130 | |
131 static const uint8 kSubsampleIv[] = { | |
132 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, | |
133 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 | |
134 }; | |
135 | |
136 // kSubsampleOriginalData encrypted with kSubsampleKey and kSubsampleIv using | |
137 // kSubsampleEntriesNormal. | |
138 static const uint8 kSubsampleEncryptedData[] = { | |
139 0x4f, 0x72, 0x09, 0x16, 0x09, 0xe6, 0x79, 0xad, | |
140 0x70, 0x73, 0x75, 0x62, 0x09, 0xbb, 0x83, 0x1d, | |
141 0x4d, 0x08, 0xd7, 0x78, 0xa4, 0xa7, 0xf1, 0x2e | |
142 }; | |
143 | |
144 // kSubsampleEncryptedData with 8 bytes padding at the beginning. | |
145 static const uint8 kPaddedSubsampleEncryptedData[] = { | |
146 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | |
147 0x4f, 0x72, 0x09, 0x16, 0x09, 0xe6, 0x79, 0xad, | |
148 0x70, 0x73, 0x75, 0x62, 0x09, 0xbb, 0x83, 0x1d, | |
149 0x4d, 0x08, 0xd7, 0x78, 0xa4, 0xa7, 0xf1, 0x2e | |
150 }; | |
151 | |
152 // kSubsampleOriginalData encrypted with kSubsampleKey and kSubsampleIv but | |
153 // without any subsamples (or equivalently using kSubsampleEntriesCypherOnly). | |
154 static const uint8 kEncryptedData[] = { | |
155 0x2f, 0x03, 0x09, 0xef, 0x71, 0xaf, 0x31, 0x16, | |
156 0xfa, 0x9d, 0x18, 0x43, 0x1e, 0x96, 0x71, 0xb5, | |
157 0xbf, 0xf5, 0x30, 0x53, 0x9a, 0x20, 0xdf, 0x95 | |
158 }; | |
159 | |
160 // Subsample entries for testing. The sum of |cypher_bytes| and |clear_bytes| of | |
161 // all entries must be equal to kSubsampleOriginalDataSize to make the subsample | |
162 // entries valid. | |
163 | |
164 static const SubsampleEntry kSubsampleEntriesNormal[] = { | |
165 { 2, 7 }, | |
166 { 3, 11 }, | |
167 { 1, 0 } | |
168 }; | |
169 | |
170 static const SubsampleEntry kSubsampleEntriesClearOnly[] = { | |
171 { 7, 0 }, | |
172 { 8, 0 }, | |
173 { 9, 0 } | |
174 }; | |
175 | |
176 static const SubsampleEntry kSubsampleEntriesCypherOnly[] = { | |
177 { 0, 6 }, | |
178 { 0, 8 }, | |
179 { 0, 10 } | |
180 }; | |
181 | |
182 // Generates a 16 byte CTR counter block. The CTR counter block format is a | |
183 // CTR IV appended with a CTR block counter. |iv| is an 8 byte CTR IV. | |
184 // |iv_size| is the size of |iv| in bytes. Returns a string of | |
185 // kDecryptionKeySize bytes. | |
186 static std::string GenerateCounterBlock(const uint8* iv, int iv_size) { | |
187 CHECK_GT(iv_size, 0); | |
188 CHECK_LE(iv_size, DecryptConfig::kDecryptionKeySize); | |
189 | |
190 std::string counter_block(reinterpret_cast<const char*>(iv), iv_size); | |
191 counter_block.append(DecryptConfig::kDecryptionKeySize - iv_size, 0); | |
192 return counter_block; | |
193 } | |
194 | |
195 // Creates a WebM encrypted buffer that the demuxer would pass to the | |
196 // decryptor. |data| is the payload of a WebM encrypted Block. |key_id| is | |
197 // initialization data from the WebM file. Every encrypted Block has | |
198 // a signal byte prepended to a frame. If the frame is encrypted then an IV is | |
199 // prepended to the Block. Current encrypted WebM request for comments | |
200 // specification is here | |
201 // http://wiki.webmproject.org/encryption/webm-encryption-rfc | |
202 static scoped_refptr<DecoderBuffer> CreateWebMEncryptedBuffer( | |
203 const uint8* data, int data_size, | |
204 const uint8* key_id, int key_id_size) { | |
205 scoped_refptr<DecoderBuffer> encrypted_buffer = DecoderBuffer::CopyFrom( | |
206 data, data_size); | |
207 CHECK(encrypted_buffer.get()); | |
208 DCHECK_EQ(kWebMSignalByteSize, 1); | |
209 | |
210 uint8 signal_byte = data[0]; | |
211 int data_offset = kWebMSignalByteSize; | |
212 | |
213 // Setting the DecryptConfig object of the buffer while leaving the | |
214 // initialization vector empty will tell the decryptor that the frame is | |
215 // unencrypted. | |
216 std::string counter_block_str; | |
217 | |
218 if (signal_byte & kWebMFlagEncryptedFrame) { | |
219 counter_block_str = GenerateCounterBlock(data + data_offset, kWebMIvSize); | |
220 data_offset += kWebMIvSize; | |
221 } | |
222 | |
223 encrypted_buffer->set_decrypt_config( | |
224 scoped_ptr<DecryptConfig>(new DecryptConfig( | |
225 std::string(reinterpret_cast<const char*>(key_id), key_id_size), | |
226 counter_block_str, | |
227 data_offset, | |
228 std::vector<SubsampleEntry>()))); | |
229 return encrypted_buffer; | |
230 } | |
231 | |
232 // TODO(xhwang): Refactor this function to encapsulate more details about | |
233 // creating an encrypted DecoderBuffer with subsamples so we don't have so much | |
234 // boilerplate code in each test before calling this function. | |
235 static scoped_refptr<DecoderBuffer> CreateSubsampleEncryptedBuffer( | |
236 const uint8* data, int data_size, | |
237 const uint8* key_id, int key_id_size, | |
238 const uint8* iv, int iv_size, | |
239 int data_offset, | |
240 const std::vector<SubsampleEntry>& subsample_entries) { | |
241 scoped_refptr<DecoderBuffer> encrypted_buffer = | |
242 DecoderBuffer::CopyFrom(data, data_size); | |
243 CHECK(encrypted_buffer.get()); | |
244 encrypted_buffer->set_decrypt_config( | |
245 scoped_ptr<DecryptConfig>(new DecryptConfig( | |
246 std::string(reinterpret_cast<const char*>(key_id), key_id_size), | |
247 std::string(reinterpret_cast<const char*>(iv), iv_size), | |
248 data_offset, | |
249 subsample_entries))); | |
250 return encrypted_buffer; | |
251 } | |
252 | |
253 class AesDecryptorTest : public testing::Test { | |
254 public: | |
255 AesDecryptorTest() | |
256 : decryptor_( | |
257 base::Bind(&AesDecryptorTest::KeyAdded, base::Unretained(this)), | |
258 base::Bind(&AesDecryptorTest::KeyError, base::Unretained(this)), | |
259 base::Bind(&AesDecryptorTest::KeyMessage, base::Unretained(this))), | |
260 decrypt_cb_(base::Bind(&AesDecryptorTest::BufferDecrypted, | |
261 base::Unretained(this))), | |
262 subsample_entries_normal_( | |
263 kSubsampleEntriesNormal, | |
264 kSubsampleEntriesNormal + arraysize(kSubsampleEntriesNormal)) { | |
265 } | |
266 | |
267 protected: | |
268 void GenerateKeyRequest(const uint8* key_id, int key_id_size) { | |
269 EXPECT_CALL(*this, KeyMessage( | |
270 StrNe(std::string()), ElementsAreArray(key_id, key_id_size), "")) | |
271 .WillOnce(SaveArg<0>(&session_id_string_)); | |
272 EXPECT_TRUE(decryptor_.GenerateKeyRequest( | |
273 std::string(), key_id, key_id_size)); | |
274 } | |
275 | |
276 void AddKeyAndExpectToSucceed(const uint8* key_id, int key_id_size, | |
277 const uint8* key, int key_size) { | |
278 EXPECT_CALL(*this, KeyAdded(session_id_string_)); | |
279 decryptor_.AddKey(key, key_size, key_id, key_id_size, | |
280 session_id_string_); | |
281 } | |
282 | |
283 void AddKeyAndExpectToFail(const uint8* key_id, int key_id_size, | |
284 const uint8* key, int key_size) { | |
285 EXPECT_CALL(*this, KeyError(session_id_string_, | |
286 MediaKeys::kUnknownError, 0)); | |
287 decryptor_.AddKey(key, key_size, key_id, key_id_size, session_id_string_); | |
288 } | |
289 | |
290 MOCK_METHOD2(BufferDecrypted, void(Decryptor::Status, | |
291 const scoped_refptr<DecoderBuffer>&)); | |
292 | |
293 void DecryptAndExpectToSucceed(const scoped_refptr<DecoderBuffer>& encrypted, | |
294 const uint8* plain_text, int plain_text_size) { | |
295 scoped_refptr<DecoderBuffer> decrypted; | |
296 EXPECT_CALL(*this, BufferDecrypted(AesDecryptor::kSuccess, NotNull())) | |
297 .WillOnce(SaveArg<1>(&decrypted)); | |
298 | |
299 decryptor_.Decrypt(Decryptor::kVideo, encrypted, decrypt_cb_); | |
300 ASSERT_TRUE(decrypted.get()); | |
301 ASSERT_EQ(plain_text_size, decrypted->data_size()); | |
302 EXPECT_EQ(0, memcmp(plain_text, decrypted->data(), plain_text_size)); | |
303 } | |
304 | |
305 void DecryptAndExpectDataMismatch( | |
306 const scoped_refptr<DecoderBuffer>& encrypted, | |
307 const uint8* plain_text, int plain_text_size) { | |
308 scoped_refptr<DecoderBuffer> decrypted; | |
309 EXPECT_CALL(*this, BufferDecrypted(AesDecryptor::kSuccess, NotNull())) | |
310 .WillOnce(SaveArg<1>(&decrypted)); | |
311 | |
312 decryptor_.Decrypt(Decryptor::kVideo, encrypted, decrypt_cb_); | |
313 ASSERT_TRUE(decrypted.get()); | |
314 ASSERT_EQ(plain_text_size, decrypted->data_size()); | |
315 EXPECT_NE(0, memcmp(plain_text, decrypted->data(), plain_text_size)); | |
316 } | |
317 | |
318 void DecryptAndExpectSizeDataMismatch( | |
319 const scoped_refptr<DecoderBuffer>& encrypted, | |
320 const uint8* plain_text, int plain_text_size) { | |
321 scoped_refptr<DecoderBuffer> decrypted; | |
322 EXPECT_CALL(*this, BufferDecrypted(AesDecryptor::kSuccess, NotNull())) | |
323 .WillOnce(SaveArg<1>(&decrypted)); | |
324 | |
325 decryptor_.Decrypt(Decryptor::kVideo, encrypted, decrypt_cb_); | |
326 ASSERT_TRUE(decrypted.get()); | |
327 EXPECT_NE(plain_text_size, decrypted->data_size()); | |
328 EXPECT_NE(0, memcmp(plain_text, decrypted->data(), plain_text_size)); | |
329 } | |
330 | |
331 void DecryptAndExpectToFail(const scoped_refptr<DecoderBuffer>& encrypted) { | |
332 EXPECT_CALL(*this, BufferDecrypted(AesDecryptor::kError, IsNull())); | |
333 decryptor_.Decrypt(Decryptor::kVideo, encrypted, decrypt_cb_); | |
334 } | |
335 | |
336 MOCK_METHOD1(KeyAdded, void(const std::string&)); | |
337 MOCK_METHOD3(KeyError, void(const std::string&, | |
338 MediaKeys::KeyError, int)); | |
339 MOCK_METHOD3(KeyMessage, void(const std::string& session_id, | |
340 const std::vector<uint8>& message, | |
341 const std::string& default_url)); | |
342 | |
343 AesDecryptor decryptor_; | |
344 std::string session_id_string_; | |
345 AesDecryptor::DecryptCB decrypt_cb_; | |
346 std::vector<SubsampleEntry> subsample_entries_normal_; | |
347 }; | |
348 | |
349 TEST_F(AesDecryptorTest, GenerateKeyRequestWithNullInitData) { | |
350 EXPECT_CALL(*this, KeyMessage(StrNe(std::string()), IsEmpty(), "")); | |
351 EXPECT_TRUE(decryptor_.GenerateKeyRequest(std::string(), NULL, 0)); | |
352 } | |
353 | |
354 TEST_F(AesDecryptorTest, NormalWebMDecryption) { | |
355 const WebmEncryptedData& frame = kWebmEncryptedFrames[0]; | |
356 GenerateKeyRequest(frame.key_id, frame.key_id_size); | |
357 AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size, | |
358 frame.key, frame.key_size); | |
359 scoped_refptr<DecoderBuffer> encrypted_data = | |
360 CreateWebMEncryptedBuffer(frame.encrypted_data, | |
361 frame.encrypted_data_size, | |
362 frame.key_id, frame.key_id_size); | |
363 ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(encrypted_data, | |
364 frame.plain_text, | |
365 frame.plain_text_size)); | |
366 } | |
367 | |
368 TEST_F(AesDecryptorTest, UnencryptedFrameWebMDecryption) { | |
369 const WebmEncryptedData& frame = kWebmEncryptedFrames[3]; | |
370 GenerateKeyRequest(frame.key_id, frame.key_id_size); | |
371 AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size, | |
372 frame.key, frame.key_size); | |
373 scoped_refptr<DecoderBuffer> encrypted_data = | |
374 CreateWebMEncryptedBuffer(frame.encrypted_data, | |
375 frame.encrypted_data_size, | |
376 frame.key_id, frame.key_id_size); | |
377 ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(encrypted_data, | |
378 frame.plain_text, | |
379 frame.plain_text_size)); | |
380 } | |
381 | |
382 TEST_F(AesDecryptorTest, WrongKey) { | |
383 const WebmEncryptedData& frame = kWebmEncryptedFrames[0]; | |
384 GenerateKeyRequest(frame.key_id, frame.key_id_size); | |
385 | |
386 // Change the first byte of the key. | |
387 std::vector<uint8> wrong_key(frame.key, frame.key + frame.key_size); | |
388 wrong_key[0]++; | |
389 | |
390 AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size, | |
391 &wrong_key[0], frame.key_size); | |
392 scoped_refptr<DecoderBuffer> encrypted_data = | |
393 CreateWebMEncryptedBuffer(frame.encrypted_data, | |
394 frame.encrypted_data_size, | |
395 frame.key_id, frame.key_id_size); | |
396 ASSERT_NO_FATAL_FAILURE(DecryptAndExpectDataMismatch(encrypted_data, | |
397 frame.plain_text, | |
398 frame.plain_text_size)); | |
399 } | |
400 | |
401 TEST_F(AesDecryptorTest, NoKey) { | |
402 const WebmEncryptedData& frame = kWebmEncryptedFrames[0]; | |
403 GenerateKeyRequest(frame.key_id, frame.key_id_size); | |
404 | |
405 scoped_refptr<DecoderBuffer> encrypted_data = | |
406 CreateWebMEncryptedBuffer(frame.encrypted_data, frame.encrypted_data_size, | |
407 frame.key_id, frame.key_id_size); | |
408 EXPECT_CALL(*this, BufferDecrypted(AesDecryptor::kNoKey, IsNull())); | |
409 decryptor_.Decrypt(Decryptor::kVideo, encrypted_data, decrypt_cb_); | |
410 } | |
411 | |
412 TEST_F(AesDecryptorTest, KeyReplacement) { | |
413 const WebmEncryptedData& frame = kWebmEncryptedFrames[0]; | |
414 GenerateKeyRequest(frame.key_id, frame.key_id_size); | |
415 | |
416 // Change the first byte of the key. | |
417 std::vector<uint8> wrong_key(frame.key, frame.key + frame.key_size); | |
418 wrong_key[0]++; | |
419 | |
420 AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size, | |
421 &wrong_key[0], frame.key_size); | |
422 scoped_refptr<DecoderBuffer> encrypted_data = | |
423 CreateWebMEncryptedBuffer(frame.encrypted_data, | |
424 frame.encrypted_data_size, | |
425 frame.key_id, frame.key_id_size); | |
426 ASSERT_NO_FATAL_FAILURE(DecryptAndExpectDataMismatch(encrypted_data, | |
427 frame.plain_text, | |
428 frame.plain_text_size)); | |
429 AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size, | |
430 frame.key, frame.key_size); | |
431 ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(encrypted_data, | |
432 frame.plain_text, | |
433 frame.plain_text_size)); | |
434 } | |
435 | |
436 TEST_F(AesDecryptorTest, WrongSizedKey) { | |
437 const WebmEncryptedData& frame = kWebmEncryptedFrames[0]; | |
438 GenerateKeyRequest(frame.key_id, frame.key_id_size); | |
439 AddKeyAndExpectToFail(frame.key_id, frame.key_id_size, | |
440 kWebmWrongSizedKey, arraysize(kWebmWrongSizedKey)); | |
441 } | |
442 | |
443 TEST_F(AesDecryptorTest, MultipleKeysAndFrames) { | |
444 const WebmEncryptedData& frame = kWebmEncryptedFrames[0]; | |
445 GenerateKeyRequest(frame.key_id, frame.key_id_size); | |
446 AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size, | |
447 frame.key, frame.key_size); | |
448 scoped_refptr<DecoderBuffer> encrypted_data = | |
449 CreateWebMEncryptedBuffer(frame.encrypted_data, | |
450 frame.encrypted_data_size, | |
451 frame.key_id, frame.key_id_size); | |
452 ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(encrypted_data, | |
453 frame.plain_text, | |
454 frame.plain_text_size)); | |
455 | |
456 const WebmEncryptedData& frame2 = kWebmEncryptedFrames[2]; | |
457 GenerateKeyRequest(frame2.key_id, frame2.key_id_size); | |
458 AddKeyAndExpectToSucceed(frame2.key_id, frame2.key_id_size, | |
459 frame2.key, frame2.key_size); | |
460 | |
461 const WebmEncryptedData& frame1 = kWebmEncryptedFrames[1]; | |
462 scoped_refptr<DecoderBuffer> encrypted_data1 = | |
463 CreateWebMEncryptedBuffer(frame1.encrypted_data, | |
464 frame1.encrypted_data_size, | |
465 frame1.key_id, frame1.key_id_size); | |
466 ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(encrypted_data1, | |
467 frame1.plain_text, | |
468 frame1.plain_text_size)); | |
469 | |
470 scoped_refptr<DecoderBuffer> encrypted_data2 = | |
471 CreateWebMEncryptedBuffer(frame2.encrypted_data, | |
472 frame2.encrypted_data_size, | |
473 frame2.key_id, frame2.key_id_size); | |
474 ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(encrypted_data2, | |
475 frame2.plain_text, | |
476 frame2.plain_text_size)); | |
477 } | |
478 | |
479 TEST_F(AesDecryptorTest, CorruptedIv) { | |
480 const WebmEncryptedData& frame = kWebmEncryptedFrames[0]; | |
481 GenerateKeyRequest(frame.key_id, frame.key_id_size); | |
482 AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size, | |
483 frame.key, frame.key_size); | |
484 | |
485 // Change byte 13 to modify the IV. Bytes 13-20 of WebM encrypted data | |
486 // contains the IV. | |
487 std::vector<uint8> frame_with_bad_iv( | |
488 frame.encrypted_data, frame.encrypted_data + frame.encrypted_data_size); | |
489 frame_with_bad_iv[1]++; | |
490 | |
491 scoped_refptr<DecoderBuffer> encrypted_data = | |
492 CreateWebMEncryptedBuffer(&frame_with_bad_iv[0], | |
493 frame.encrypted_data_size, | |
494 frame.key_id, frame.key_id_size); | |
495 ASSERT_NO_FATAL_FAILURE(DecryptAndExpectDataMismatch(encrypted_data, | |
496 frame.plain_text, | |
497 frame.plain_text_size)); | |
498 } | |
499 | |
500 TEST_F(AesDecryptorTest, CorruptedData) { | |
501 const WebmEncryptedData& frame = kWebmEncryptedFrames[0]; | |
502 GenerateKeyRequest(frame.key_id, frame.key_id_size); | |
503 AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size, | |
504 frame.key, frame.key_size); | |
505 | |
506 // Change last byte to modify the data. Bytes 21+ of WebM encrypted data | |
507 // contains the encrypted frame. | |
508 std::vector<uint8> frame_with_bad_vp8_data( | |
509 frame.encrypted_data, frame.encrypted_data + frame.encrypted_data_size); | |
510 frame_with_bad_vp8_data[frame.encrypted_data_size - 1]++; | |
511 | |
512 scoped_refptr<DecoderBuffer> encrypted_data = | |
513 CreateWebMEncryptedBuffer(&frame_with_bad_vp8_data[0], | |
514 frame.encrypted_data_size, | |
515 frame.key_id, frame.key_id_size); | |
516 ASSERT_NO_FATAL_FAILURE(DecryptAndExpectDataMismatch(encrypted_data, | |
517 frame.plain_text, | |
518 frame.plain_text_size)); | |
519 } | |
520 | |
521 TEST_F(AesDecryptorTest, EncryptedAsUnencryptedFailure) { | |
522 const WebmEncryptedData& frame = kWebmEncryptedFrames[0]; | |
523 GenerateKeyRequest(frame.key_id, frame.key_id_size); | |
524 AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size, | |
525 frame.key, frame.key_size); | |
526 | |
527 // Change signal byte from an encrypted frame to an unencrypted frame. Byte | |
528 // 12 of WebM encrypted data contains the signal byte. | |
529 std::vector<uint8> frame_with_wrong_signal_byte( | |
530 frame.encrypted_data, frame.encrypted_data + frame.encrypted_data_size); | |
531 frame_with_wrong_signal_byte[0] = 0; | |
532 | |
533 scoped_refptr<DecoderBuffer> encrypted_data = | |
534 CreateWebMEncryptedBuffer(&frame_with_wrong_signal_byte[0], | |
535 frame.encrypted_data_size, | |
536 frame.key_id, frame.key_id_size); | |
537 ASSERT_NO_FATAL_FAILURE( | |
538 DecryptAndExpectSizeDataMismatch(encrypted_data, | |
539 frame.plain_text, | |
540 frame.plain_text_size)); | |
541 } | |
542 | |
543 TEST_F(AesDecryptorTest, UnencryptedAsEncryptedFailure) { | |
544 const WebmEncryptedData& frame = kWebmEncryptedFrames[3]; | |
545 GenerateKeyRequest(frame.key_id, frame.key_id_size); | |
546 AddKeyAndExpectToSucceed(frame.key_id, frame.key_id_size, | |
547 frame.key, frame.key_size); | |
548 | |
549 // Change signal byte from an unencrypted frame to an encrypted frame. Byte | |
550 // 0 of WebM encrypted data contains the signal byte. | |
551 std::vector<uint8> frame_with_wrong_signal_byte( | |
552 frame.encrypted_data, frame.encrypted_data + frame.encrypted_data_size); | |
553 frame_with_wrong_signal_byte[0] = kWebMFlagEncryptedFrame; | |
554 | |
555 scoped_refptr<DecoderBuffer> encrypted_data = | |
556 CreateWebMEncryptedBuffer(&frame_with_wrong_signal_byte[0], | |
557 frame.encrypted_data_size, | |
558 frame.key_id, frame.key_id_size); | |
559 ASSERT_NO_FATAL_FAILURE( | |
560 DecryptAndExpectSizeDataMismatch(encrypted_data, | |
561 frame.plain_text, | |
562 frame.plain_text_size)); | |
563 } | |
564 | |
565 TEST_F(AesDecryptorTest, SubsampleDecryption) { | |
566 GenerateKeyRequest(kSubsampleKeyId, arraysize(kSubsampleKeyId)); | |
567 AddKeyAndExpectToSucceed(kSubsampleKeyId, arraysize(kSubsampleKeyId), | |
568 kSubsampleKey, arraysize(kSubsampleKey)); | |
569 scoped_refptr<DecoderBuffer> encrypted_data = CreateSubsampleEncryptedBuffer( | |
570 kSubsampleEncryptedData, arraysize(kSubsampleEncryptedData), | |
571 kSubsampleKeyId, arraysize(kSubsampleKeyId), | |
572 kSubsampleIv, arraysize(kSubsampleIv), | |
573 0, | |
574 subsample_entries_normal_); | |
575 ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed( | |
576 encrypted_data, kSubsampleOriginalData, kSubsampleOriginalDataSize)); | |
577 } | |
578 | |
579 // Ensures noninterference of data offset and subsample mechanisms. We never | |
580 // expect to encounter this in the wild, but since the DecryptConfig doesn't | |
581 // disallow such a configuration, it should be covered. | |
582 TEST_F(AesDecryptorTest, SubsampleDecryptionWithOffset) { | |
583 GenerateKeyRequest(kSubsampleKeyId, arraysize(kSubsampleKeyId)); | |
584 AddKeyAndExpectToSucceed(kSubsampleKeyId, arraysize(kSubsampleKeyId), | |
585 kSubsampleKey, arraysize(kSubsampleKey)); | |
586 scoped_refptr<DecoderBuffer> encrypted_data = CreateSubsampleEncryptedBuffer( | |
587 kPaddedSubsampleEncryptedData, arraysize(kPaddedSubsampleEncryptedData), | |
588 kSubsampleKeyId, arraysize(kSubsampleKeyId), | |
589 kSubsampleIv, arraysize(kSubsampleIv), | |
590 arraysize(kPaddedSubsampleEncryptedData) | |
591 - arraysize(kSubsampleEncryptedData), | |
592 subsample_entries_normal_); | |
593 ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed( | |
594 encrypted_data, kSubsampleOriginalData, kSubsampleOriginalDataSize)); | |
595 } | |
596 | |
597 // No subsample or offset. | |
598 TEST_F(AesDecryptorTest, NormalDecryption) { | |
599 GenerateKeyRequest(kSubsampleKeyId, arraysize(kSubsampleKeyId)); | |
600 AddKeyAndExpectToSucceed(kSubsampleKeyId, arraysize(kSubsampleKeyId), | |
601 kSubsampleKey, arraysize(kSubsampleKey)); | |
602 scoped_refptr<DecoderBuffer> encrypted_data = CreateSubsampleEncryptedBuffer( | |
603 kEncryptedData, arraysize(kEncryptedData), | |
604 kSubsampleKeyId, arraysize(kSubsampleKeyId), | |
605 kSubsampleIv, arraysize(kSubsampleIv), | |
606 0, | |
607 std::vector<SubsampleEntry>()); | |
608 ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed( | |
609 encrypted_data, kSubsampleOriginalData, kSubsampleOriginalDataSize)); | |
610 } | |
611 | |
612 TEST_F(AesDecryptorTest, IncorrectSubsampleSize) { | |
613 GenerateKeyRequest(kSubsampleKeyId, arraysize(kSubsampleKeyId)); | |
614 AddKeyAndExpectToSucceed(kSubsampleKeyId, arraysize(kSubsampleKeyId), | |
615 kSubsampleKey, arraysize(kSubsampleKey)); | |
616 std::vector<SubsampleEntry> entries = subsample_entries_normal_; | |
617 entries[2].cypher_bytes += 1; | |
618 | |
619 scoped_refptr<DecoderBuffer> encrypted_data = CreateSubsampleEncryptedBuffer( | |
620 kSubsampleEncryptedData, arraysize(kSubsampleEncryptedData), | |
621 kSubsampleKeyId, arraysize(kSubsampleKeyId), | |
622 kSubsampleIv, arraysize(kSubsampleIv), | |
623 0, | |
624 entries); | |
625 ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToFail(encrypted_data)); | |
626 } | |
627 | |
628 // No cypher bytes in any of the subsamples. | |
629 TEST_F(AesDecryptorTest, SubsampleClearBytesOnly) { | |
630 GenerateKeyRequest(kSubsampleKeyId, arraysize(kSubsampleKeyId)); | |
631 AddKeyAndExpectToSucceed(kSubsampleKeyId, arraysize(kSubsampleKeyId), | |
632 kSubsampleKey, arraysize(kSubsampleKey)); | |
633 std::vector<SubsampleEntry> subsample_entries_clear_only( | |
634 kSubsampleEntriesClearOnly, | |
635 kSubsampleEntriesClearOnly + arraysize(kSubsampleEntriesClearOnly)); | |
636 scoped_refptr<DecoderBuffer> encrypted_data = CreateSubsampleEncryptedBuffer( | |
637 kSubsampleOriginalData, kSubsampleOriginalDataSize, | |
638 kSubsampleKeyId, arraysize(kSubsampleKeyId), | |
639 kSubsampleIv, arraysize(kSubsampleIv), | |
640 0, | |
641 subsample_entries_clear_only); | |
642 ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(encrypted_data, | |
643 kSubsampleOriginalData, kSubsampleOriginalDataSize)); | |
644 } | |
645 | |
646 // No clear bytes in any of the subsamples. | |
647 TEST_F(AesDecryptorTest, SubsampleCypherBytesOnly) { | |
648 GenerateKeyRequest(kSubsampleKeyId, arraysize(kSubsampleKeyId)); | |
649 AddKeyAndExpectToSucceed(kSubsampleKeyId, arraysize(kSubsampleKeyId), | |
650 kSubsampleKey, arraysize(kSubsampleKey)); | |
651 std::vector<SubsampleEntry> subsample_entries_cypher_only( | |
652 kSubsampleEntriesCypherOnly, | |
653 kSubsampleEntriesCypherOnly + arraysize(kSubsampleEntriesCypherOnly)); | |
654 scoped_refptr<DecoderBuffer> encrypted_data = CreateSubsampleEncryptedBuffer( | |
655 kEncryptedData, arraysize(kEncryptedData), | |
656 kSubsampleKeyId, arraysize(kSubsampleKeyId), | |
657 kSubsampleIv, arraysize(kSubsampleIv), | |
658 0, | |
659 subsample_entries_cypher_only); | |
660 ASSERT_NO_FATAL_FAILURE(DecryptAndExpectToSucceed(encrypted_data, | |
661 kSubsampleOriginalData, kSubsampleOriginalDataSize)); | |
662 } | |
663 | |
664 } // namespace media | |
OLD | NEW |