[FFmpeg-devel] [PATCH] Encrypted SMPTE DC MXF - additional UL needed to unpack EKLV packet

Richard Ayres Richard.Ayres at bydeluxe.com
Mon Oct 3 14:47:12 EEST 2022 

Thanks, Pierre-Anthony. I've updated the patch to remove the unnecessary UL and it's now using mxf_match_uid() to detect the EKLV packet.

Signed-off-by: Richard Ayres <richard.ayres at bydeluxe.com>
---
 libavformat/mxfdec.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c
index badd2be224..b1ab90f25f 100644
--- a/libavformat/mxfdec.c
+++ b/libavformat/mxfdec.c
@@ -3737,7 +3737,7 @@ static int mxf_read_header(AVFormatContext *s)

         PRINT_KEY(s, "read header", klv.key);
         av_log(s, AV_LOG_TRACE, "size %"PRIu64" offset %#"PRIx64"\n", klv.length, klv.offset);
-        if (IS_KLV_KEY(klv.key, mxf_encrypted_triplet_key) ||
+        if (mxf_match_uid(klv.key, mxf_encrypted_triplet_key, sizeof(mxf_encrypted_triplet_key)) ||
             IS_KLV_KEY(klv.key, mxf_essence_element_key) ||
             IS_KLV_KEY(klv.key, mxf_canopus_essence_element_key) ||
             IS_KLV_KEY(klv.key, mxf_avid_essence_element_key) ||
@@ -3983,7 +3983,7 @@ static int mxf_read_packet(AVFormatContext *s, AVPacket *pkt)
             pos = klv.next_klv - klv.length;
             PRINT_KEY(s, "read packet", klv.key);
             av_log(s, AV_LOG_TRACE, "size %"PRIu64" offset %#"PRIx64"\n", klv.length, klv.offset);
-            if (IS_KLV_KEY(klv.key, mxf_encrypted_triplet_key)) {
+            if (mxf_match_uid(klv.key, mxf_encrypted_triplet_key, sizeof(mxf_encrypted_triplet_key))) {
                 ret = mxf_decrypt_triplet(s, pkt, &klv);
                 if (ret < 0) {
                     av_log(s, AV_LOG_ERROR, "invalid encoded triplet\n");
--
2.25.1



________________________________________
From: ffmpeg-devel <ffmpeg-devel-bounces at ffmpeg.org> on behalf of Pierre-Anthony Lemieux <pal at sandflow.com>
Sent: 30 September 2022 15:31
To: FFmpeg development discussions and patches
Subject: Re: [FFmpeg-devel] [PATCH] Encrypted SMPTE DC MXF - additional UL needed to unpack EKLV packet

[ CAUTION ]

This email originated outside Deluxe.



On Fri, Sep 30, 2022 at 7:08 AM Richard Ayres
<Richard.Ayres at bydeluxe.com> wrote:
>
> We had an issue where ffmpeg was unable to unpack the EKLV of an encrypted 3D SMPTE DC MXF.
>
> The patch adds the SMPTE UL for EKLV packets (060e2b34.02040101.0d010301.027e0100), to mxfdec.c in order to unpack an EKLV packet found within an Encrypted SMPTE Digital Cinema MXF.
>
> Signed-off-by: Richard Ayres <richard.ayres at bydeluxe.com>
> ---
>  libavformat/mxfdec.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c
> index badd2be224..ebd64b1c68 100644
> --- a/libavformat/mxfdec.c
> +++ b/libavformat/mxfdec.c
> @@ -343,6 +343,7 @@ static const uint8_t mxf_apple_coll_prefix[]               = { 0x06,0x0e,0x2b,0x
>  /* complete keys to match */
>  static const uint8_t mxf_crypto_source_container_ul[]      = { 0x06,0x0e,0x2b,0x34,0x01,0x01,0x01,0x09,0x06,0x01,0x01,0x02,0x02,0x00,0x00,0x00 };
>  static const uint8_t mxf_encrypted_triplet_key[]           = { 0x06,0x0e,0x2b,0x34,0x02,0x04,0x01,0x07,0x0d,0x01,0x03,0x01,0x02,0x7e,0x01,0x00 };
> +static const uint8_t mxf_encrypted_triplet_smpte_key[]     = { 0x06,0x0e,0x2b,0x34,0x02,0x04,0x01,0x01,0x0d,0x01,0x03,0x01,0x02,0x7e,0x01,0x00 };
>  static const uint8_t mxf_encrypted_essence_container[]     = { 0x06,0x0e,0x2b,0x34,0x04,0x01,0x01,0x07,0x0d,0x01,0x03,0x01,0x02,0x0b,0x01,0x00 };
>  static const uint8_t mxf_sony_mpeg4_extradata[]            = { 0x06,0x0e,0x2b,0x34,0x04,0x01,0x01,0x01,0x0e,0x06,0x06,0x02,0x02,0x01,0x00,0x00 };
>  static const uint8_t mxf_ffv1_extradata[]                  = { 0x06,0x0e,0x2b,0x34,0x01,0x01,0x01,0x0e,0x04,0x01,0x06,0x0c,0x01,0x00,0x00,0x00 }; // FFV1InitializationMetadata
> @@ -3738,6 +3739,7 @@ static int mxf_read_header(AVFormatContext *s)
>          PRINT_KEY(s, "read header", klv.key);
>          av_log(s, AV_LOG_TRACE, "size %"PRIu64" offset %#"PRIx64"\n", klv.length, klv.offset);
>          if (IS_KLV_KEY(klv.key, mxf_encrypted_triplet_key) ||
> +            IS_KLV_KEY(klv.key, mxf_encrypted_triplet_smpte_key) ||

Calling one UL "mxf_encrypted_triplet_key" and the other
"mxf_encrypted_triplet_smpte_key" is misleading IMHO.

The only difference is the version byte, which should be ignored in
most, if not all, SMPTE UL comparisons.

I would instead use mxf_match_uid(), which ignores the version byte,
to compare the UL keys.


>              IS_KLV_KEY(klv.key, mxf_essence_element_key) ||
>              IS_KLV_KEY(klv.key, mxf_canopus_essence_element_key) ||
>              IS_KLV_KEY(klv.key, mxf_avid_essence_element_key) ||
> @@ -3983,7 +3985,8 @@ static int mxf_read_packet(AVFormatContext *s, AVPacket *pkt)
>              pos = klv.next_klv - klv.length;
>              PRINT_KEY(s, "read packet", klv.key);
>              av_log(s, AV_LOG_TRACE, "size %"PRIu64" offset %#"PRIx64"\n", klv.length, klv.offset);
> -            if (IS_KLV_KEY(klv.key, mxf_encrypted_triplet_key)) {
> +            if (IS_KLV_KEY(klv.key, mxf_encrypted_triplet_key) ||
> +                IS_KLV_KEY(klv.key, mxf_encrypted_triplet_smpte_key)) {
>                  ret = mxf_decrypt_triplet(s, pkt, &klv);
>                  if (ret < 0) {
>                      av_log(s, AV_LOG_ERROR, "invalid encoded triplet\n");
> --
> 2.25.1
>
> This e-mail and any attachments are intended only for use by the addressee(s) named herein and may contain confidential information. If you are not the intended recipient of this e-mail, you are hereby notified any dissemination, distribution or copying of this email and any attachments is strictly prohibited. If you receive this email in error, please immediately notify the sender by return email and permanently delete the original, any copy and any printout thereof. The integrity and security of e-mail cannot be guaranteed.
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> https://checkpoint.url-protection.com/v1/url?o=https%3A//ffmpeg.org/mailman/listinfo/ffmpeg-devel&g=YzBmMjViNTMzYjVlYTY5NA==&h=YjFjZDM2YmU5YzFlZTA1OGU3MjdhZmJkOTlhZDlkZWE3ZGJkMjYwMmQyMDIwNDMzZmMyZjZhNmZiNjRkNmM1MQ==&p=YzJ1OmRlbHV4ZW1lZGlhaW5jOmM6bzowZDZlMTllOGM5ZTZjNzU1MzFjYThhYTVmZWRiMWVjMzp2MTpwOlQ=
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel at ffmpeg.org
https://checkpoint.url-protection.com/v1/url?o=https%3A//ffmpeg.org/mailman/listinfo/ffmpeg-devel&g=NWZhZDUxMjBlZGM5ZWMwZQ==&h=MDhlOGJlNDFjN2JjYTE1MGM0YTg1NWE1ODY4ZTAyNDY0YmU2MDc1ZWQ4NTE2Njk1MjQxMDIxMjQwNzFlNThmZQ==&p=YzJ1OmRlbHV4ZW1lZGlhaW5jOmM6bzowZDZlMTllOGM5ZTZjNzU1MzFjYThhYTVmZWRiMWVjMzp2MTpwOlQ=

To unsubscribe, visit link above, or email
ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".


[ CAUTION ]

DO NOT open attachments or click links from unknown senders. Only respond if you can validate the senders legitimacy.


This e-mail and any attachments are intended only for use by the addressee(s) named herein and may contain confidential information. If you are not the intended recipient of this e-mail, you are hereby notified any dissemination, distribution or copying of this email and any attachments is strictly prohibited. If you receive this email in error, please immediately notify the sender by return email and permanently delete the original, any copy and any printout thereof. The integrity and security of e-mail cannot be guaranteed.

More information about the ffmpeg-devel mailing list