1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef MEDIA_CRYPTO_AES_DECRYPTOR_H_
6 #define MEDIA_CRYPTO_AES_DECRYPTOR_H_
11 #include "base/basictypes.h"
12 #include "base/containers/scoped_ptr_hash_map.h"
13 #include "base/memory/ref_counted.h"
14 #include "base/memory/scoped_ptr.h"
15 #include "base/synchronization/lock.h"
16 #include "media/base/decryptor.h"
17 #include "media/base/media_export.h"
18 #include "media/base/media_keys.h"
26 // Decrypts an AES encrypted buffer into an unencrypted buffer. The AES
27 // encryption must be CTR with a key size of 128bits.
28 class MEDIA_EXPORT AesDecryptor : public MediaKeys, public Decryptor {
30 AesDecryptor(const SessionMessageCB& session_message_cb,
31 const SessionClosedCB& session_closed_cb,
32 const SessionKeysChangeCB& session_keys_change_cb);
33 virtual ~AesDecryptor();
35 // MediaKeys implementation.
36 virtual void SetServerCertificate(
37 const uint8* certificate_data,
38 int certificate_data_length,
39 scoped_ptr<SimpleCdmPromise> promise) OVERRIDE;
40 virtual void CreateSession(const std::string& init_data_type,
41 const uint8* init_data,
43 SessionType session_type,
44 scoped_ptr<NewSessionCdmPromise> promise) OVERRIDE;
45 virtual void LoadSession(const std::string& web_session_id,
46 scoped_ptr<NewSessionCdmPromise> promise) OVERRIDE;
47 virtual void UpdateSession(const std::string& web_session_id,
48 const uint8* response,
50 scoped_ptr<SimpleCdmPromise> promise) OVERRIDE;
51 virtual void CloseSession(const std::string& web_session_id,
52 scoped_ptr<SimpleCdmPromise> promise) OVERRIDE;
53 virtual void RemoveSession(const std::string& web_session_id,
54 scoped_ptr<SimpleCdmPromise> promise) OVERRIDE;
55 virtual void GetUsableKeyIds(const std::string& web_session_id,
56 scoped_ptr<KeyIdsPromise> promise) OVERRIDE;
57 virtual Decryptor* GetDecryptor() OVERRIDE;
59 // Decryptor implementation.
60 virtual void RegisterNewKeyCB(StreamType stream_type,
61 const NewKeyCB& key_added_cb) OVERRIDE;
62 virtual void Decrypt(StreamType stream_type,
63 const scoped_refptr<DecoderBuffer>& encrypted,
64 const DecryptCB& decrypt_cb) OVERRIDE;
65 virtual void CancelDecrypt(StreamType stream_type) OVERRIDE;
66 virtual void InitializeAudioDecoder(const AudioDecoderConfig& config,
67 const DecoderInitCB& init_cb) OVERRIDE;
68 virtual void InitializeVideoDecoder(const VideoDecoderConfig& config,
69 const DecoderInitCB& init_cb) OVERRIDE;
70 virtual void DecryptAndDecodeAudio(
71 const scoped_refptr<DecoderBuffer>& encrypted,
72 const AudioDecodeCB& audio_decode_cb) OVERRIDE;
73 virtual void DecryptAndDecodeVideo(
74 const scoped_refptr<DecoderBuffer>& encrypted,
75 const VideoDecodeCB& video_decode_cb) OVERRIDE;
76 virtual void ResetDecoder(StreamType stream_type) OVERRIDE;
77 virtual void DeinitializeDecoder(StreamType stream_type) OVERRIDE;
80 // TODO(fgalligan): Remove this and change KeyMap to use crypto::SymmetricKey
81 // as there are no decryptors that are performing an integrity check.
82 // Helper class that manages the decryption key.
85 explicit DecryptionKey(const std::string& secret);
88 // Creates the encryption key.
91 crypto::SymmetricKey* decryption_key() { return decryption_key_.get(); }
94 // The base secret that is used to create the decryption key.
95 const std::string secret_;
97 // The key used to decrypt the data.
98 scoped_ptr<crypto::SymmetricKey> decryption_key_;
100 DISALLOW_COPY_AND_ASSIGN(DecryptionKey);
103 // Keep track of the keys for a key ID. If multiple sessions specify keys
104 // for the same key ID, then the last key inserted is used. The structure is
105 // optimized so that Decrypt() has fast access, at the cost of slow deletion
106 // of keys when a session is released.
107 class SessionIdDecryptionKeyMap;
109 // Key ID <-> SessionIdDecryptionKeyMap map.
110 typedef base::ScopedPtrHashMap<std::string, SessionIdDecryptionKeyMap>
111 KeyIdToSessionKeysMap;
113 // Creates a DecryptionKey using |key_string| and associates it with |key_id|.
114 // Returns true if successful.
115 bool AddDecryptionKey(const std::string& web_session_id,
116 const std::string& key_id,
117 const std::string& key_string);
119 // Gets a DecryptionKey associated with |key_id|. The AesDecryptor still owns
120 // the key. Returns NULL if no key is associated with |key_id|.
121 DecryptionKey* GetKey(const std::string& key_id) const;
123 // Deletes all keys associated with |web_session_id|.
124 void DeleteKeysForSession(const std::string& web_session_id);
126 // Callbacks for firing session events.
127 SessionMessageCB session_message_cb_;
128 SessionClosedCB session_closed_cb_;
129 SessionKeysChangeCB session_keys_change_cb_;
131 // Since only Decrypt() is called off the renderer thread, we only need to
132 // protect |key_map_|, the only member variable that is shared between
133 // Decrypt() and other methods.
134 KeyIdToSessionKeysMap key_map_; // Protected by |key_map_lock_|.
135 mutable base::Lock key_map_lock_; // Protects the |key_map_|.
137 // Keeps track of current valid sessions.
138 std::set<std::string> valid_sessions_;
140 // Make web session ID unique per renderer by making it static. Web session
141 // IDs seen by the app will be "1", "2", etc.
142 static uint32 next_web_session_id_;
144 NewKeyCB new_audio_key_cb_;
145 NewKeyCB new_video_key_cb_;
147 // Protect |new_audio_key_cb_| and |new_video_key_cb_| as they are set on the
148 // main thread but called on the media thread.
149 mutable base::Lock new_key_cb_lock_;
151 DISALLOW_COPY_AND_ASSIGN(AesDecryptor);
156 #endif // MEDIA_CRYPTO_AES_DECRYPTOR_H_