From patchwork Tue Jan 9 18:28:41 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jacob Trimble X-Patchwork-Id: 7236 Delivered-To: ffmpegpatchwork@gmail.com Received: by 10.2.78.2 with SMTP id r2csp4238791jaa; Tue, 9 Jan 2018 10:28:51 -0800 (PST) X-Google-Smtp-Source: ACJfBosaBXnXc3JnX79zww2W1YjVwyOv/8UPqvCrDtN8XD3q7gBsbOle7aaG25OpG2NgpDJ+C5UZ X-Received: by 10.28.174.141 with SMTP id x135mr1417188wme.13.1515522531202; Tue, 09 Jan 2018 10:28:51 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1515522531; cv=none; d=google.com; s=arc-20160816; b=VpN+QefLhyeHFxuY6te2+Plqpn5i866bIxDSFJfSzvxYsl4YXVc+qs6YZ/WIRAvuyF BIi27lOINBhWtwP5bykEcV016GJoxw5N/yY3k1Zli+mDA/b/Z3nlObDLoXFZAmCl0fp9 xgvY4jl2lZwR85PvLbUrzinqwOxV4uxhHOQg6qqztbLeLBG/DVAeZgZwdxthb2l1FGns B05d0zTIZdDTvKkanE7UMX6VIubQGs3pmgnF09at8PGB1ra1X3O52nz6pQhyRkhHMJNd UzMvHMeTpuSbkbhOtPyZA0OEqcB2l/8ERxewbSHaM6iYNVZQIFXLktX5UrUwdGwrsusK aAhw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:reply-to:list-subscribe:list-help:list-post :list-archive:list-unsubscribe:list-id:precedence:subject:to :message-id:date:from:references:in-reply-to:mime-version :dkim-signature:delivered-to:arc-authentication-results; bh=asAG1E1k3z5wqyv7WrBxsVJRym+wovwFPCr4zdcLaDY=; b=G0dihVGa5p9ldTaBpe0CiMMlWkSrmaBrl3mmajBpN9/uTGch49G2qz+bUdDs1vhXzh vuHTdt9Rgn+O5517p6YbcS1TQEmPRu++9a+TwjdEqx55z8m8MSKXdDn3aDRWpVIeyV22 ZSzvFG95mP1gjp91tpfyT27dcfwqmzdK+Wqkuc/2pllgTlMZtUmjbBotwKd4Zo6kSP6t 7GTg/eF1vUPCSMB3M9w+29NrBSVxhgiJxi2tJt5ipIp+N/RURfXWPsWOreQKALp4PS0C 9kVw3HL4dQC2jYcG7FzvK+EWZsTT8spFuyZsxn5HX3BSAuAlVX/NGjTYPaKDRaCbDABb bTyw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@google.com header.s=20161025 header.b=nV6TvxM7; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id a17si9537953wmg.219.2018.01.09.10.28.50; Tue, 09 Jan 2018 10:28:51 -0800 (PST) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@google.com header.s=20161025 header.b=nV6TvxM7; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 95D5C689C26; Tue, 9 Jan 2018 20:28:48 +0200 (EET) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail-vk0-f42.google.com (mail-vk0-f42.google.com [209.85.213.42]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 470D8689949 for ; Tue, 9 Jan 2018 20:28:42 +0200 (EET) Received: by mail-vk0-f42.google.com with SMTP id m15so9990538vkf.13 for ; Tue, 09 Jan 2018 10:28:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=q7PmDvab6zSXhjKDjGXKmvrchg0YyWI3qkU+XNrydl8=; b=nV6TvxM7/Eg/I8mKJklOlqXBnsSf9OSOKQuJdyuFnwgmJ9DoEZX6E8IARCXUfI61wh Ni7QuGXSq+lJRzkuN96T7s/8MW3ve/KivRqP9ONEzVb5IcncTQ/L0B4zb+cAD7f1zGlN tuvESXRKDVOBhlE8F0dI1F/TQDA5A2YPTld+TAaE5fXGoIUVJad2J7x9BHc9x32PZSkk 7CfOztLQfz+fXSN/++cdpYQVSr36nG3/vgCI8G9lybuorRZ0GFEHZzTB3MkBGVnjcmKt Yejvbfmhr2k5JshP74NpUbdx6hCerixnkPezVBj3/U8f73qb/JW6CdVU/bdrFgSS56JB gQdw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=q7PmDvab6zSXhjKDjGXKmvrchg0YyWI3qkU+XNrydl8=; b=J4c/4yrOUmgVGjba6/Shce+sB7cUbrZSZ8KzUJcAhpkM+FYEzBxU2Hz227FzOzNgEq FhBopLZqij6NHZzKK0NT/PjD3v4x19E7/91vdJRtkRYfSD5Rn1WSyZfkPgrkmzI+IvlX qp34MuOwk2kXaxGGUA86QO2buwSIVAeALbozKf7CO4XeOSIJGJ0jxiyagfcH6Z4jO3C5 3xJsgBogPf9mSWUYSyPxA7ghF5aKQAZIeHMJMiaZKJXbpJy72oSMnpC7rm7BylAtuhxZ jAJv/ob0uH/rdj1jw4h8MKog/xmCH5uweGgUvxICXz6qQvObqPs8z2Nu0MxXr/E6TOJF Utdg== X-Gm-Message-State: AKwxyte0khv8wOzOHrvWJWSLN4BNP49SFwrKWBcuor/TCfpNwahZpl1Q KDAbAMSd1P258oNi0FX1+5ewD1MK4Imfxdf77HGdbFdg X-Received: by 10.31.131.15 with SMTP id f15mr14020693vkd.58.1515522522352; Tue, 09 Jan 2018 10:28:42 -0800 (PST) MIME-Version: 1.0 Received: by 10.103.212.13 with HTTP; Tue, 9 Jan 2018 10:28:41 -0800 (PST) In-Reply-To: References: <20180105194928.104085-1-modmaker@google.com> <20180105194928.104085-3-modmaker@google.com> From: Jacob Trimble Date: Tue, 9 Jan 2018 10:28:41 -0800 Message-ID: To: FFmpeg development discussions and patches Subject: Re: [FFmpeg-devel] [PATCH 3/3] avformat/mov: Expose encryption info to the app. X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" On Mon, Jan 8, 2018 at 5:23 PM, Carl Eugen Hoyos wrote: > 2018-01-09 0:22 GMT+01:00 Jacob Trimble : > >> Updated with the new design for the side data and applied the realloc >> fix to avoid large allocations. > >> + kid_count = avio_rb32(pb); > > Missing check here ... > >> + for (; i < kid_count && !pb->eof_reached; i++) { >> + unsigned int min_kid_count = FFMIN(FFMAX(i, 1024), kid_count); >> + key_ids = av_fast_realloc(info->key_ids, &alloc_size, > >> + min_kid_count * sizeof(*key_ids)); > > ... for an overflow here. Done > > Thank you, Carl Eugen > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > http://ffmpeg.org/mailman/listinfo/ffmpeg-devel From 92949de475a7fd1ede0959d452e3bf01b0a39b1f Mon Sep 17 00:00:00 2001 From: Jacob Trimble Date: Wed, 6 Dec 2017 16:17:54 -0800 Subject: [PATCH 3/3] avformat/mov: Expose encryption info to the app. This exposes encryption info from the container to the app. This includes key ID, IV, and subsample byte ranges. The info is passed using the new side-data AV_PKT_DATA_ENCRYPTION_DATA and AV_PKT_DATA_ENCRYPTION_INIT_DATA. Signed-off-by: Jacob Trimble --- libavformat/mov.c | 95 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 95 insertions(+) diff --git a/libavformat/mov.c b/libavformat/mov.c index 750b8a0860..89cd550c12 100644 --- a/libavformat/mov.c +++ b/libavformat/mov.c @@ -6085,6 +6085,94 @@ static int mov_read_saio(MOVContext *c, AVIOContext *pb, MOVAtom atom) return 0; } +static int mov_read_pssh(MOVContext *c, AVIOContext *pb, MOVAtom atom) +{ + AVEncryptionInitInfo *info; + uint8_t **key_ids; + AVStream *st; + uint8_t *side_data, *extra_data; + size_t side_data_size; + int ret = 0; + unsigned int version, kid_count, extra_data_size, alloc_size = 0, i = 0; + + if (c->fc->nb_streams < 1) + return 0; + st = c->fc->streams[c->fc->nb_streams-1]; + + version = avio_r8(pb); /* version */ + avio_rb24(pb); /* flags */ + + info = av_encryption_init_info_alloc(/* system_id_size */ 16, /* num_key_ids */ 0, + /* key_id_size */ 16, /* data_size */ 0); + if (!info) + return AVERROR(ENOMEM); + + if (avio_read(pb, info->system_id, 16) != 16) { + av_log(c->fc, AV_LOG_ERROR, "Failed to read the system id\n"); + ret = AVERROR_INVALIDDATA; + goto finish; + } + + if (version > 0) { + kid_count = avio_rb32(pb); + if (kid_count >= INT_MAX / sizeof(*key_ids)) + return AVERROR(ENOMEM); + + for (; i < kid_count && !pb->eof_reached; i++) { + unsigned int min_kid_count = FFMIN(FFMAX(i, 1024), kid_count); + key_ids = av_fast_realloc(info->key_ids, &alloc_size, + min_kid_count * sizeof(*key_ids)); + if (!key_ids) { + ret = AVERROR(ENOMEM); + goto finish; + } + info->key_ids = key_ids; + + info->key_ids[i] = av_mallocz(16); + if (!info->key_ids[i]) { + ret = AVERROR(ENOMEM); + goto finish; + } + info->num_key_ids = i + 1; + + if (avio_read(pb, info->key_ids[i], 16) != 16) { + av_log(c->fc, AV_LOG_ERROR, "Failed to read the key id\n"); + ret = AVERROR_INVALIDDATA; + goto finish; + } + } + + if (pb->eof_reached) { + av_log(c->fc, AV_LOG_ERROR, "Hit EOF while reading pssh\n"); + ret = AVERROR_INVALIDDATA; + goto finish; + } + } + + extra_data_size = avio_rb32(pb); + ret = mov_try_read_block(pb, extra_data_size, &extra_data); + if (ret < 0) + goto finish; + + av_freep(&info->data); // malloc(0) may still allocate something. + info->data = extra_data; + info->data_size = extra_data_size; + + side_data = av_encryption_init_info_add_side_data(info, &side_data_size); + if (!side_data) { + ret = AVERROR(ENOMEM); + goto finish; + } + ret = av_stream_add_side_data(st, AV_PKT_DATA_ENCRYPTION_INIT_INFO, + side_data, side_data_size); + if (ret < 0) + av_free(side_data); + +finish: + av_encryption_init_info_free(info); + return ret; +} + static int mov_read_schm(MOVContext *c, AVIOContext *pb, MOVAtom atom) { AVStream *st; @@ -6324,6 +6412,12 @@ static int cenc_filter(MOVContext *mov, MOVStreamContext *sc, AVPacket *pkt, int if (mov->decryption_key) { return cenc_decrypt(mov, sc, encrypted_sample, pkt->data, pkt->size); + } else { + size_t size; + uint8_t *side_data = av_encryption_info_add_side_data(encrypted_sample, &size); + if (!side_data) + return AVERROR(ENOMEM); + return av_packet_add_side_data(pkt, AV_PKT_DATA_ENCRYPTION_INFO, side_data, size); } } @@ -6457,6 +6551,7 @@ static const MOVParseTableEntry mov_default_parse_table[] = { { MKTAG('s','e','n','c'), mov_read_senc }, { MKTAG('s','a','i','z'), mov_read_saiz }, { MKTAG('s','a','i','o'), mov_read_saio }, +{ MKTAG('p','s','s','h'), mov_read_pssh }, { MKTAG('s','c','h','m'), mov_read_schm }, { MKTAG('s','c','h','i'), mov_read_default }, { MKTAG('t','e','n','c'), mov_read_tenc }, -- 2.16.0.rc1.238.g530d649a79-goog