From patchwork Sun Apr 11 19:08:59 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nachiket Tarate X-Patchwork-Id: 26869 Return-Path: X-Original-To: patchwork@ffaux-bg.ffmpeg.org Delivered-To: patchwork@ffaux-bg.ffmpeg.org Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by ffaux.localdomain (Postfix) with ESMTP id E1D6B449A47 for ; Sun, 11 Apr 2021 22:33:02 +0300 (EEST) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id B8C1768814C; Sun, 11 Apr 2021 22:33:02 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail-pg1-f177.google.com (mail-pg1-f177.google.com [209.85.215.177]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 3D67668814C for ; Sun, 11 Apr 2021 22:32:55 +0300 (EEST) Received: by mail-pg1-f177.google.com with SMTP id f29so7697143pgm.8 for ; Sun, 11 Apr 2021 12:32:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id; bh=JN7yJK8u4D7yjhencqFKXLOTwql7szjWS9b4dlXN3+w=; b=h+sJQDEWFPO+JJhhcrF1W/CQkNe3dRrHL/kOBIY6fPU/C9CQ7AMDOdN5RcSej5UY7G MV059ROuO4BmxWhspFgDPkPUOH5P5X/M0EpiXlDQygDuzXxTYz3BpueIuPhMlnQpOBtD y/+FBgZbsT15exHkjVXyMWEdR6q0QWd4jo0MtRnrEpW8ZlbxHwr4nTVhndMuO0069One iduQlxakOdt0tBGK7/lfXXR1jlhjmy0X5zC8t9G/a1Tlf5owTNDrPh31PwVvXgBNZ9Uu DylbvPl05Sfz/uMK/DCiHHdayjyn6OJqAY6009z9J3fhx4UAWVd+9mCrFy0ZWFKBLsUe xWbA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id; bh=JN7yJK8u4D7yjhencqFKXLOTwql7szjWS9b4dlXN3+w=; b=H5WCDmi8dZRxgHdwz2kSM/J6hDQ1oc8Wz6mQHZ2NYdi6hqIFL7pI3bBWMX59j/69bB WEDK9TKbLgljNBs6BFdOTRKEgZofH5GWkCM1JBVgtNE9XJlKi1bYdfzJEo86mCSIp+ja SqTK8rg6olUFdrvmpz0iwBqlmIb5vRuylv1RQXmh80z2IqujFTSOP8MAJcLjJJe1R5g/ ++6jEjViCL8VcxwK/aquvQrzOpiPt1fLhCI3QVOaR2H1uIoB4B1b73n2pYKwE/2ww0qx 1aw0Zp37BbBVIbURHCx3KymmpNdgOoVOlFbmSyKaVL6HzEaNJgqaSZ3NSsaL4CnBvqBi 32JA== X-Gm-Message-State: AOAM5313U4IwARU5QPBlsLh95EJKnhPTTR6gJT0mcw+KlpSXE7cD19bm TOZhYNl73xfpwG0cG19RYj/Z5foLABTvXQ== X-Google-Smtp-Source: ABdhPJxZAAG+N1hLisge+gdZYDjfoNI5qs46bj6eLtUKu4+SscsirNfBJda+nmQKehDWBj1hr2KK0g== X-Received: by 2002:a17:902:5988:b029:ea:ac90:529b with SMTP id p8-20020a1709025988b02900eaac90529bmr11848296pli.78.1618168279211; Sun, 11 Apr 2021 12:11:19 -0700 (PDT) Received: from lab-21.india.rsystems.com ([106.198.214.134]) by smtp.gmail.com with ESMTPSA id c11sm8756893pgk.83.2021.04.11.12.11.16 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 11 Apr 2021 12:11:18 -0700 (PDT) From: Nachiket Tarate To: ffmpeg-devel@ffmpeg.org Date: Mon, 12 Apr 2021 00:38:59 +0530 Message-Id: <20210411190859.17714-1-nachiket.programmer@gmail.com> X-Mailer: git-send-email 2.17.1 Subject: [FFmpeg-devel] [PATCH 3/4] libavformat/hls: add support for decryption of HLS media segments encrypted using SAMPLE-AES encryption method X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches MIME-Version: 1.0 Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Apple HTTP Live Streaming Sample Encryption: https://developer.apple.com/library/ios/documentation/AudioVideo/Conceptual/HLS_Sample_Encryption Signed-off-by: Nachiket Tarate --- libavformat/Makefile | 2 +- libavformat/hls.c | 123 ++++++++- libavformat/hls_sample_encryption.c | 391 ++++++++++++++++++++++++++++ libavformat/hls_sample_encryption.h | 65 +++++ libavformat/mpegts.c | 12 + 5 files changed, 578 insertions(+), 15 deletions(-) create mode 100644 libavformat/hls_sample_encryption.c create mode 100644 libavformat/hls_sample_encryption.h diff --git a/libavformat/Makefile b/libavformat/Makefile index 0f340f74a0..56fdc65e1a 100644 --- a/libavformat/Makefile +++ b/libavformat/Makefile @@ -236,7 +236,7 @@ OBJS-$(CONFIG_HCOM_DEMUXER) += hcom.o pcm.o OBJS-$(CONFIG_HDS_MUXER) += hdsenc.o OBJS-$(CONFIG_HEVC_DEMUXER) += hevcdec.o rawdec.o OBJS-$(CONFIG_HEVC_MUXER) += rawenc.o -OBJS-$(CONFIG_HLS_DEMUXER) += hls.o +OBJS-$(CONFIG_HLS_DEMUXER) += hls.o hls_sample_encryption.o OBJS-$(CONFIG_HLS_MUXER) += hlsenc.o hlsplaylist.o avc.o OBJS-$(CONFIG_HNM_DEMUXER) += hnm.o OBJS-$(CONFIG_ICO_DEMUXER) += icodec.o diff --git a/libavformat/hls.c b/libavformat/hls.c index 597bea7f25..51b8da7c99 100644 --- a/libavformat/hls.c +++ b/libavformat/hls.c @@ -2,6 +2,7 @@ * Apple HTTP Live Streaming demuxer * Copyright (c) 2010 Martin Storsjo * Copyright (c) 2013 Anssi Hannula + * Copyright (c) 2021 Nachiket Tarate * * This file is part of FFmpeg. * @@ -39,6 +40,8 @@ #include "avio_internal.h" #include "id3v2.h" +#include "hls_sample_encryption.h" + #define INITIAL_BUFFER_SIZE 32768 #define MAX_FIELD_LEN 64 @@ -145,6 +148,8 @@ struct playlist { int id3_changed; /* ID3 tag data has changed at some point */ ID3v2ExtraMeta *id3_deferred_extra; /* stored here until subdemuxer is opened */ + HLSAudioSetupInfo audio_setup_info; + int64_t seek_timestamp; int seek_flags; int seek_stream_index; /* into subdemuxer stream array */ @@ -213,6 +218,7 @@ typedef struct HLSContext { int http_multiple; int http_seekable; AVIOContext *playlist_pb; + HLSCryptoContext crypto_ctx; } HLSContext; static void free_segment_dynarray(struct segment **segments, int n_segments) @@ -1001,7 +1007,10 @@ fail: static struct segment *current_segment(struct playlist *pls) { - return pls->segments[pls->cur_seq_no - pls->start_seq_no]; + int64_t n = pls->cur_seq_no - pls->start_seq_no; + if (n >= pls->n_segments) + return NULL; + return pls->segments[n]; } static struct segment *next_segment(struct playlist *pls) @@ -1030,10 +1039,11 @@ static int read_from_url(struct playlist *pls, struct segment *seg, /* Parse the raw ID3 data and pass contents to caller */ static void parse_id3(AVFormatContext *s, AVIOContext *pb, - AVDictionary **metadata, int64_t *dts, + AVDictionary **metadata, int64_t *dts, HLSAudioSetupInfo *audio_setup_info, ID3v2ExtraMetaAPIC **apic, ID3v2ExtraMeta **extra_meta) { static const char id3_priv_owner_ts[] = "com.apple.streaming.transportStreamTimestamp"; + static const char id3_priv_owner_audio_setup[] = "com.apple.streaming.audioDescription"; ID3v2ExtraMeta *meta; ff_id3v2_read_dict(pb, metadata, ID3v2_DEFAULT_MAGIC, extra_meta); @@ -1048,6 +1058,8 @@ static void parse_id3(AVFormatContext *s, AVIOContext *pb, *dts = ts; else av_log(s, AV_LOG_ERROR, "Invalid HLS ID3 audio timestamp %"PRId64"\n", ts); + } else if (priv->datasize >= 8 && !strcmp(priv->owner, id3_priv_owner_audio_setup)) { + ff_hls_senc_read_audio_setup_info(audio_setup_info, priv->data, priv->datasize); } } else if (!strcmp(meta->tag, "APIC") && apic) *apic = &meta->data.apic; @@ -1091,7 +1103,7 @@ static void handle_id3(AVIOContext *pb, struct playlist *pls) ID3v2ExtraMeta *extra_meta = NULL; int64_t timestamp = AV_NOPTS_VALUE; - parse_id3(pls->ctx, pb, &metadata, ×tamp, &apic, &extra_meta); + parse_id3(pls->ctx, pb, &metadata, ×tamp, &pls->audio_setup_info, &apic, &extra_meta); if (timestamp != AV_NOPTS_VALUE) { pls->id3_mpegts_timestamp = timestamp; @@ -1245,10 +1257,7 @@ static int open_input(HLSContext *c, struct playlist *pls, struct segment *seg, av_log(pls->parent, AV_LOG_VERBOSE, "HLS request for url '%s', offset %"PRId64", playlist %d\n", seg->url, seg->url_offset, pls->index); - if (seg->key_type == KEY_NONE) { - ret = open_url(pls->parent, in, seg->url, &c->avio_opts, opts, &is_http); - } else if (seg->key_type == KEY_AES_128) { - char iv[33], key[33], url[MAX_URL_SIZE]; + if (seg->key_type == KEY_AES_128 || seg->key_type == KEY_SAMPLE_AES) { if (strcmp(seg->key, pls->key_url)) { AVIOContext *pb = NULL; if (open_url(pls->parent, &pb, seg->key, &c->avio_opts, opts, NULL) == 0) { @@ -1264,6 +1273,10 @@ static int open_input(HLSContext *c, struct playlist *pls, struct segment *seg, } av_strlcpy(pls->key_url, seg->key, sizeof(pls->key_url)); } + } + + if (seg->key_type == KEY_AES_128) { + char iv[33], key[33], url[MAX_URL_SIZE]; ff_data_to_hex(iv, seg->iv, sizeof(seg->iv), 0); ff_data_to_hex(key, pls->key, sizeof(pls->key), 0); iv[32] = key[32] = '\0'; @@ -1280,13 +1293,9 @@ static int open_input(HLSContext *c, struct playlist *pls, struct segment *seg, goto cleanup; } ret = 0; - } else if (seg->key_type == KEY_SAMPLE_AES) { - av_log(pls->parent, AV_LOG_ERROR, - "SAMPLE-AES encryption is not supported yet\n"); - ret = AVERROR_PATCHWELCOME; + } else { + ret = open_url(pls->parent, in, seg->url, &c->avio_opts, opts, &is_http); } - else - ret = AVERROR(ENOSYS); /* Seek to the requested position. If this was a HTTP request, the offset * should already be where want it to, but this allows e.g. local testing @@ -1849,6 +1858,10 @@ static int hls_close(AVFormatContext *s) free_variant_list(c); free_rendition_list(c); + if (c->crypto_ctx.aes_ctx) + av_free(c->crypto_ctx.aes_ctx); + + av_dict_free(&c->avio_opts); ff_format_io_close(c->ctx, &c->playlist_pb); @@ -1860,6 +1873,7 @@ static int hls_read_header(AVFormatContext *s) HLSContext *c = s->priv_data; int ret = 0, i; int64_t highest_cur_seq_no = 0; + AVDictionary *options = NULL; c->ctx = s; c->interrupt_callback = &s->interrupt_callback; @@ -1955,6 +1969,7 @@ static int hls_read_header(AVFormatContext *s) struct playlist *pls = c->playlists[i]; char *url; ff_const59 AVInputFormat *in_fmt = NULL; + struct segment *seg = NULL; if (!(pls->ctx = avformat_alloc_context())) { ret = AVERROR(ENOMEM); @@ -1987,8 +2002,55 @@ static int hls_read_header(AVFormatContext *s) pls->ctx = NULL; goto fail; } + ffio_init_context(&pls->pb, pls->read_buffer, INITIAL_BUFFER_SIZE, 0, pls, read_data, NULL, NULL); + + /* + * If encryption scheme is SAMPLE-AES, try to read ID3 tags of + * external audio track that contains audio setup information + */ + seg = current_segment(pls); + if (seg && seg->key_type == KEY_SAMPLE_AES && pls->n_renditions > 0 && + pls->renditions[0]->type == AVMEDIA_TYPE_AUDIO) { + uint8_t buf[HLS_MAX_ID3_TAGS_DATA_LEN]; + if ((ret = avio_read(&pls->pb, buf, HLS_MAX_ID3_TAGS_DATA_LEN)) < 0) { + /* Fail if error was not end of file */ + if (ret != AVERROR_EOF) { + avformat_free_context(pls->ctx); + pls->ctx = NULL; + goto fail; + } + } + ret = 0; + /* Reset reading */ + ff_format_io_close(pls->parent, &pls->input); + pls->input = NULL; + pls->input_read_done = 0; + ff_format_io_close(pls->parent, &pls->input_next); + pls->input_next = NULL; + pls->input_next_requested = 0; + pls->cur_seg_offset = 0; + pls->cur_init_section = NULL; + /* Reset EOF flag */ + pls->pb.eof_reached = 0; + /* Clear any buffered data */ + pls->pb.buf_end = pls->pb.buf_ptr = pls->pb.buffer; + /* Reset the position */ + pls->pb.pos = 0; + } + + /* + * If encryption scheme is SAMPLE-AES and audio setup information is present in external audio track, + * use that information to find the media format, otherwise probe input data + */ + if (seg && seg->key_type == KEY_SAMPLE_AES && pls->is_id3_timestamped && + pls->audio_setup_info.codec_id != AV_CODEC_ID_NONE) { + void *iter = NULL; + while ((in_fmt = (ff_const59 AVInputFormat *)av_demuxer_iterate(&iter))) + if (in_fmt->raw_codec_id == pls->audio_setup_info.codec_id) + break; + } else { pls->ctx->probesize = s->probesize > 0 ? s->probesize : 1024 * 4; pls->ctx->max_analyze_duration = s->max_analyze_duration > 0 ? s->max_analyze_duration : 4 * AV_TIME_BASE; pls->ctx->interrupt_callback = s->interrupt_callback; @@ -2006,6 +2068,25 @@ static int hls_read_header(AVFormatContext *s) goto fail; } av_free(url); + } + + if (seg && seg->key_type == KEY_SAMPLE_AES) { + if (strstr(in_fmt->name, "mov")) { + char key[33]; + ff_data_to_hex(key, pls->key, sizeof(pls->key), 0); + key[32] = '\0'; + av_dict_set(&options, "decryption_key", key, AV_OPT_FLAG_DECODING_PARAM); + } else if (!c->crypto_ctx.aes_ctx) { + c->crypto_ctx.aes_ctx = av_aes_alloc(); + if (!c->crypto_ctx.aes_ctx) { + avformat_free_context(pls->ctx); + pls->ctx = NULL; + ret = AVERROR(ENOMEM); + goto fail; + } + } + } + pls->ctx->pb = &pls->pb; pls->ctx->io_open = nested_io_open; pls->ctx->flags |= s->flags & ~AVFMT_FLAG_CUSTOM_IO; @@ -2013,7 +2094,7 @@ static int hls_read_header(AVFormatContext *s) if ((ret = ff_copy_whiteblacklists(pls->ctx, s)) < 0) goto fail; - ret = avformat_open_input(&pls->ctx, pls->segments[0]->url, in_fmt, NULL); + ret = avformat_open_input(&pls->ctx, pls->segments[0]->url, in_fmt, &options); if (ret < 0) goto fail; @@ -2034,7 +2115,12 @@ static int hls_read_header(AVFormatContext *s) * on us if they want to. */ if (pls->is_id3_timestamped || (pls->n_renditions > 0 && pls->renditions[0]->type == AVMEDIA_TYPE_AUDIO)) { + if (seg && seg->key_type == KEY_SAMPLE_AES && pls->audio_setup_info.setup_data_length > 0 && + pls->ctx->nb_streams == 1) + ret = ff_hls_senc_parse_audio_setup_info(pls->ctx->streams[0], &pls->audio_setup_info); + else ret = avformat_find_stream_info(pls->ctx, NULL); + if (ret < 0) goto fail; } @@ -2164,6 +2250,7 @@ static int hls_read_packet(AVFormatContext *s, AVPacket *pkt) while (1) { int64_t ts_diff; AVRational tb; + struct segment *seg = NULL; ret = av_read_frame(pls->ctx, pls->pkt); if (ret < 0) { if (!avio_feof(&pls->pb) && ret != AVERROR_EOF) @@ -2182,6 +2269,14 @@ static int hls_read_packet(AVFormatContext *s, AVPacket *pkt) get_timebase(pls), AV_TIME_BASE_Q); } + seg = current_segment(pls); + if (seg && seg->key_type == KEY_SAMPLE_AES && !strstr(pls->ctx->iformat->name, "mov")) { + enum AVCodecID codec_id = pls->ctx->streams[pls->pkt->stream_index]->codecpar->codec_id; + memcpy(c->crypto_ctx.iv, seg->iv, sizeof(seg->iv)); + memcpy(c->crypto_ctx.key, pls->key, sizeof(pls->key)); + ff_hls_senc_decrypt_frame(codec_id, &c->crypto_ctx, pls->pkt); + } + if (pls->seek_timestamp == AV_NOPTS_VALUE) break; diff --git a/libavformat/hls_sample_encryption.c b/libavformat/hls_sample_encryption.c new file mode 100644 index 0000000000..dea60c5cdf --- /dev/null +++ b/libavformat/hls_sample_encryption.c @@ -0,0 +1,391 @@ +/* + * Apple HTTP Live Streaming Sample Encryption/Decryption + * + * Copyright (c) 2021 Nachiket Tarate + * + * This file is part of FFmpeg. + * + * FFmpeg is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * FFmpeg is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with FFmpeg; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/** + * @file + * Apple HTTP Live Streaming Sample Encryption + * https://developer.apple.com/library/ios/documentation/AudioVideo/Conceptual/HLS_Sample_Encryption + */ + +#include "hls_sample_encryption.h" + +#include "libavcodec/adts_header.h" +#include "libavcodec/adts_parser.h" +#include "libavcodec/ac3_parser_internal.h" + + +typedef struct NALUnit { + uint8_t *data; + int type; + int length; + int start_code_length; +} NALUnit; + +typedef struct AudioFrame { + uint8_t *data; + int length; + int header_length; +} AudioFrame; + +typedef struct CodecParserContext { + const uint8_t *buf_ptr; + const uint8_t *buf_end; +} CodecParserContext; + +static const int eac3_sample_rate_tab[] = { 48000, 44100, 32000, 0 }; + +void ff_hls_senc_read_audio_setup_info(HLSAudioSetupInfo *info, const uint8_t *buf, size_t size) +{ + if (size < 8) + return; + + info->codec_tag = AV_RL32(buf); + + if (info->codec_tag == MKTAG('z','a','a','c')) + info->codec_id = AV_CODEC_ID_AAC; + else if (info->codec_tag == MKTAG('z','a','c','3')) + info->codec_id = AV_CODEC_ID_AC3; + else if (info->codec_tag == MKTAG('z','e','c','3')) + info->codec_id = AV_CODEC_ID_EAC3; + else + info->codec_id = AV_CODEC_ID_NONE; + + buf += 4; + info->priming = AV_RL16(buf); + buf += 2; + info->version = *buf++; + info->setup_data_length = *buf++; + + if (info->setup_data_length > size - 8) + info->setup_data_length = size - 8; + + if (info->setup_data_length > HLS_MAX_AUDIO_SETUP_DATA_LEN) + return; + + memcpy(info->setup_data, buf, info->setup_data_length); +} + +int ff_hls_senc_parse_audio_setup_info(AVStream *st, HLSAudioSetupInfo *info) +{ + int ret = 0; + + st->codecpar->codec_tag = info->codec_tag; + + if (st->codecpar->codec_id == AV_CODEC_ID_AAC) + return 0; + + if (st->codecpar->codec_id != AV_CODEC_ID_AC3 && st->codecpar->codec_id != AV_CODEC_ID_EAC3) + return AVERROR_INVALIDDATA; + + if (st->codecpar->codec_id == AV_CODEC_ID_AC3) { + + AC3HeaderInfo *ac3hdr = NULL; + + ret = avpriv_ac3_parse_header(&ac3hdr, info->setup_data, info->setup_data_length); + if (ret < 0) { + if (ret != AVERROR(ENOMEM)) + av_free(ac3hdr); + return ret; + } + + st->codecpar->sample_rate = ac3hdr->sample_rate; + st->codecpar->channels = ac3hdr->channels; + st->codecpar->channel_layout = ac3hdr->channel_layout; + st->codecpar->bit_rate = ac3hdr->bit_rate; + + av_free(ac3hdr); + } else { /* Parse 'dec3' EC3SpecificBox */ + + GetBitContext gb; + int data_rate, fscod, acmod, lfeon; + + ret = init_get_bits8(&gb, info->setup_data, info->setup_data_length); + if (ret < 0) + return AVERROR_INVALIDDATA; + + data_rate = get_bits(&gb, 13); + skip_bits(&gb, 3); + fscod = get_bits(&gb, 2); + skip_bits(&gb, 10); + acmod = get_bits(&gb, 3); + lfeon = get_bits(&gb, 1); + + st->codecpar->sample_rate = eac3_sample_rate_tab[fscod]; + + st->codecpar->channel_layout = avpriv_ac3_channel_layout_tab[acmod]; + if (lfeon) + st->codecpar->channel_layout |= AV_CH_LOW_FREQUENCY; + + st->codecpar->channels = av_get_channel_layout_nb_channels(st->codecpar->channel_layout); + + st->codecpar->bit_rate = data_rate*1000; + } + + return 0; +} + +/* + * Remove start code emulation prevention 0x03 bytes + */ +static void remove_scep_3_bytes(NALUnit *nalu) +{ + int i = 0; + int j = 0; + + uint8_t *data = nalu->data; + + while (i < nalu->length) { + if (nalu->length - i > 3 && AV_RB24(&data[i]) == 0x000003) { + data[j++] = data[i++]; + data[j++] = data[i++]; + i++; + } else { + data[j++] = data[i++]; + } + } + + nalu->length = j; +} + +static int get_next_nal_unit(CodecParserContext *ctx, NALUnit *nalu) +{ + const uint8_t *nalu_start = ctx->buf_ptr; + + if (ctx->buf_end - ctx->buf_ptr >= 4 && AV_RB32(ctx->buf_ptr) == 0x00000001) + nalu->start_code_length = 4; + else if (ctx->buf_end - ctx->buf_ptr >= 3 && AV_RB24(ctx->buf_ptr) == 0x000001) + nalu->start_code_length = 3; + else /* No start code at the beginning of the NAL unit */ + return -1; + + ctx->buf_ptr += nalu->start_code_length; + + while (ctx->buf_ptr < ctx->buf_end) { + if (ctx->buf_end - ctx->buf_ptr >= 4 && AV_RB32(ctx->buf_ptr) == 0x00000001) + break; + else if (ctx->buf_end - ctx->buf_ptr >= 3 && AV_RB24(ctx->buf_ptr) == 0x000001) + break; + ctx->buf_ptr++; + } + + nalu->data = (uint8_t *)nalu_start + nalu->start_code_length; + nalu->length = ctx->buf_ptr - nalu->data; + nalu->type = *nalu->data & 0x1F; + + return 0; +} + +static int decrypt_nal_unit(HLSCryptoContext *crypto_ctx, NALUnit *nalu) +{ + int ret = 0; + int rem_bytes; + uint8_t *data; + uint8_t iv[16]; + + ret = av_aes_init(crypto_ctx->aes_ctx, crypto_ctx->key, 16 * 8, 1); + if (ret < 0) + return ret; + + /* Remove start code emulation prevention 0x03 bytes */ + remove_scep_3_bytes(nalu); + + data = nalu->data + 32; + rem_bytes = nalu->length - 32; + + memcpy(iv, crypto_ctx->iv, 16); + + while (rem_bytes > 0) { + if (rem_bytes > 16) { + av_aes_crypt(crypto_ctx->aes_ctx, data, data, 1, iv, 1); + data += 16; + rem_bytes -= 16; + } + data += FFMIN(144, rem_bytes); + rem_bytes -= FFMIN(144, rem_bytes); + } + + return 0; +} + +static int decrypt_video_frame(HLSCryptoContext *crypto_ctx, AVPacket *pkt) +{ + int ret = 0; + CodecParserContext ctx; + NALUnit nalu; + uint8_t *data_ptr; + int move_nalu = 0; + + memset(&ctx, 0, sizeof(ctx)); + ctx.buf_ptr = pkt->data; + ctx.buf_end = pkt->data + pkt->size; + + data_ptr = pkt->data; + + while (ctx.buf_ptr < ctx.buf_end) { + memset(&nalu, 0, sizeof(nalu)); + ret = get_next_nal_unit(&ctx, &nalu); + if (ret < 0) + return ret; + if ((nalu.type == 0x01 || nalu.type == 0x05) && nalu.length > 48) { + int encrypted_nalu_length = nalu.length; + ret = decrypt_nal_unit(crypto_ctx, &nalu); + if (ret < 0) + return ret; + move_nalu = nalu.length != encrypted_nalu_length; + } + if (move_nalu) + memmove(data_ptr, nalu.data - nalu.start_code_length, nalu.start_code_length + nalu.length); + data_ptr += nalu.start_code_length + nalu.length; + } + + av_shrink_packet(pkt, data_ptr - pkt->data); + + return 0; +} + +static int get_next_adts_frame(CodecParserContext *ctx, AudioFrame *frame) +{ + int ret = 0; + + AACADTSHeaderInfo *adts_hdr = NULL; + + /* Find next sync word 0xFFF */ + while (ctx->buf_ptr < ctx->buf_end - 1) { + if (*ctx->buf_ptr == 0xFF && *(ctx->buf_ptr + 1) & 0xF0 == 0xF0) + break; + ctx->buf_ptr++; + } + + if (ctx->buf_ptr >= ctx->buf_end - 1) + return -1; + + frame->data = (uint8_t*)ctx->buf_ptr; + + ret = avpriv_adts_header_parse (&adts_hdr, frame->data, ctx->buf_end - frame->data); + if (ret < 0) + return ret; + + frame->header_length = adts_hdr->crc_absent ? AV_AAC_ADTS_HEADER_SIZE : AV_AAC_ADTS_HEADER_SIZE + 2; + frame->length = adts_hdr->frame_length; + + av_free(adts_hdr); + + return 0; +} + +static int get_next_ac3_eac3_sync_frame(CodecParserContext *ctx, AudioFrame *frame) +{ + int ret = 0; + + AC3HeaderInfo *hdr = NULL; + + /* Find next sync word 0x0B77 */ + while (ctx->buf_ptr < ctx->buf_end - 1) { + if (*ctx->buf_ptr == 0x0B && *(ctx->buf_ptr + 1) == 0x77) + break; + ctx->buf_ptr++; + } + + if (ctx->buf_ptr >= ctx->buf_end - 1) + return -1; + + frame->data = (uint8_t*)ctx->buf_ptr; + frame->header_length = 0; + + ret = avpriv_ac3_parse_header(&hdr, frame->data, ctx->buf_end - frame->data); + if (ret < 0) { + if (ret != AVERROR(ENOMEM)) + av_free(hdr); + return ret; + } + + frame->length = hdr->frame_size; + + av_free(hdr); + + return 0; +} + +static int get_next_sync_frame(enum AVCodecID codec_id, CodecParserContext *ctx, AudioFrame *frame) +{ + if (codec_id == AV_CODEC_ID_AAC) + return get_next_adts_frame(ctx, frame); + else if (codec_id == AV_CODEC_ID_AC3 || codec_id == AV_CODEC_ID_EAC3) + return get_next_ac3_eac3_sync_frame(ctx, frame); + else + return AVERROR_INVALIDDATA; +} + +static int decrypt_sync_frame(enum AVCodecID codec_id, HLSCryptoContext *crypto_ctx, AudioFrame *frame) +{ + int ret = 0; + uint8_t *data; + int num_of_encrypted_blocks; + + ret = av_aes_init(crypto_ctx->aes_ctx, crypto_ctx->key, 16 * 8, 1); + if (ret < 0) + return ret; + + data = frame->data + frame->header_length + 16; + + num_of_encrypted_blocks = (frame->length - frame->header_length - 16)/16; + + av_aes_crypt(crypto_ctx->aes_ctx, data, data, num_of_encrypted_blocks, crypto_ctx->iv, 1); + + return 0; +} + +static int decrypt_audio_frame(enum AVCodecID codec_id, HLSCryptoContext *crypto_ctx, AVPacket *pkt) +{ + int ret = 0; + CodecParserContext ctx; + AudioFrame frame; + + memset(&ctx, 0, sizeof(ctx)); + ctx.buf_ptr = pkt->data; + ctx.buf_end = pkt->data + pkt->size; + + while (ctx.buf_ptr < ctx.buf_end) { + memset(&frame, 0, sizeof(frame)); + ret = get_next_sync_frame(codec_id, &ctx, &frame); + if (ret < 0) + return ret; + if (frame.length - frame.header_length > 31) { + ret = decrypt_sync_frame(codec_id, crypto_ctx, &frame); + if (ret < 0) + return ret; + } + ctx.buf_ptr += frame.length; + } + + return 0; +} + +int ff_hls_senc_decrypt_frame(enum AVCodecID codec_id, HLSCryptoContext *crypto_ctx, AVPacket *pkt) +{ + if (codec_id == AV_CODEC_ID_H264) + return decrypt_video_frame(crypto_ctx, pkt); + else if (codec_id == AV_CODEC_ID_AAC || codec_id == AV_CODEC_ID_AC3 || codec_id == AV_CODEC_ID_EAC3) + return decrypt_audio_frame(codec_id, crypto_ctx, pkt); + + return AVERROR_INVALIDDATA; +} diff --git a/libavformat/hls_sample_encryption.h b/libavformat/hls_sample_encryption.h new file mode 100644 index 0000000000..ff3f9c22f7 --- /dev/null +++ b/libavformat/hls_sample_encryption.h @@ -0,0 +1,65 @@ +/* + * Apple HTTP Live Streaming Sample Encryption/Decryption + * + * Copyright (c) 2021 Nachiket Tarate + * + * This file is part of FFmpeg. + * + * FFmpeg is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * FFmpeg is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with FFmpeg; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/** + * @file + * Apple HTTP Live Streaming Sample Encryption + * https://developer.apple.com/library/ios/documentation/AudioVideo/Conceptual/HLS_Sample_Encryption + */ + +#ifndef AVFORMAT_HLS_SAMPLE_ENCRYPTION_H +#define AVFORMAT_HLS_SAMPLE_ENCRYPTION_H + +#include + +#include "avformat.h" +#include "libavcodec/avcodec.h" + +#include "libavutil/aes.h" + +#define HLS_MAX_ID3_TAGS_DATA_LEN 138 +#define HLS_MAX_AUDIO_SETUP_DATA_LEN 10 + +typedef struct HLSCryptoContext { + struct AVAES *aes_ctx; + uint8_t key[16]; + uint8_t iv[16]; +} HLSCryptoContext; + +typedef struct HLSAudioSetupInfo { + enum AVCodecID codec_id; + uint32_t codec_tag; + uint16_t priming; + uint8_t version; + uint8_t setup_data_length; + uint8_t setup_data[HLS_MAX_AUDIO_SETUP_DATA_LEN]; +} HLSAudioSetupInfo; + + +void ff_hls_senc_read_audio_setup_info(HLSAudioSetupInfo *info, const uint8_t *buf, size_t size); + +int ff_hls_senc_parse_audio_setup_info(AVStream *st, HLSAudioSetupInfo *info); + +int ff_hls_senc_decrypt_frame(enum AVCodecID codec_id, HLSCryptoContext *crypto_ctx, AVPacket *pkt); + +#endif /* AVFORMAT_HLS_SAMPLE_ENCRYPTION_H */ + diff --git a/libavformat/mpegts.c b/libavformat/mpegts.c index 6e0d9d7496..1dfe3c5f7b 100644 --- a/libavformat/mpegts.c +++ b/libavformat/mpegts.c @@ -839,6 +839,16 @@ static const StreamType MISC_types[] = { { 0 }, }; +/* HLS Sample Encryption Types */ +static const StreamType HLS_SAMPLE_ENC_types[] = { + { 0xdb, AVMEDIA_TYPE_VIDEO, AV_CODEC_ID_H264}, + { 0xcf, AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_AAC }, + { 0xc1, AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_AC3 }, + { 0xc2, AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_EAC3}, + { 0 }, +}; + + static const StreamType REGD_types[] = { { MKTAG('d', 'r', 'a', 'c'), AVMEDIA_TYPE_VIDEO, AV_CODEC_ID_DIRAC }, { MKTAG('A', 'C', '-', '3'), AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_AC3 }, @@ -948,6 +958,8 @@ static int mpegts_set_stream_info(AVStream *st, PESContext *pes, } if (st->codecpar->codec_id == AV_CODEC_ID_NONE) mpegts_find_stream_type(st, pes->stream_type, MISC_types); + if (st->codecpar->codec_id == AV_CODEC_ID_NONE) + mpegts_find_stream_type(st, pes->stream_type, HLS_SAMPLE_ENC_types); if (st->codecpar->codec_id == AV_CODEC_ID_NONE) { st->codecpar->codec_id = old_codec_id; st->codecpar->codec_type = old_codec_type;