FFmpeg
hls_sample_encryption.c
Go to the documentation of this file.
1 /*
2  * Apple HTTP Live Streaming Sample Encryption/Decryption
3  *
4  * Copyright (c) 2021 Nachiket Tarate
5  *
6  * This file is part of FFmpeg.
7  *
8  * FFmpeg is free software; you can redistribute it and/or
9  * modify it under the terms of the GNU Lesser General Public
10  * License as published by the Free Software Foundation; either
11  * version 2.1 of the License, or (at your option) any later version.
12  *
13  * FFmpeg is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16  * Lesser General Public License for more details.
17  *
18  * You should have received a copy of the GNU Lesser General Public
19  * License along with FFmpeg; if not, write to the Free Software
20  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
21  */
22 
23 /**
24  * @file
25  * Apple HTTP Live Streaming Sample Encryption
26  * https://developer.apple.com/library/ios/documentation/AudioVideo/Conceptual/HLS_Sample_Encryption
27  */
28 
29 #include "libavutil/aes.h"
31 #include "libavutil/mem.h"
32 
33 #include "hls_sample_encryption.h"
34 
35 #include "libavcodec/adts_header.h"
36 #include "libavcodec/adts_parser.h"
37 #include "libavcodec/ac3tab.h"
39 
40 
41 typedef struct NALUnit {
42  uint8_t *data;
43  int type;
44  int length;
46 } NALUnit;
47 
48 typedef struct AudioFrame {
49  uint8_t *data;
50  int length;
52 } AudioFrame;
53 
54 typedef struct CodecParserContext {
55  const uint8_t *buf_ptr;
56  const uint8_t *buf_end;
58 
59 static const int eac3_sample_rate_tab[] = { 48000, 44100, 32000, 0 };
60 
62 {
63  if (size < 8)
64  return;
65 
66  info->codec_tag = AV_RL32(buf);
67 
68  /* Always keep this list in sync with the one from hls_read_header() */
69  if (info->codec_tag == MKTAG('z','a','a','c'))
70  info->codec_id = AV_CODEC_ID_AAC;
71  else if (info->codec_tag == MKTAG('z','a','c','3'))
72  info->codec_id = AV_CODEC_ID_AC3;
73  else if (info->codec_tag == MKTAG('z','e','c','3'))
74  info->codec_id = AV_CODEC_ID_EAC3;
75  else
76  info->codec_id = AV_CODEC_ID_NONE;
77 
78  buf += 4;
79  info->priming = AV_RL16(buf);
80  buf += 2;
81  info->version = *buf++;
82  info->setup_data_length = *buf++;
83 
84  if (info->setup_data_length > size - 8)
85  info->setup_data_length = size - 8;
86 
87  if (info->setup_data_length > HLS_MAX_AUDIO_SETUP_DATA_LEN)
88  return;
89 
90  memcpy(info->setup_data, buf, info->setup_data_length);
91 }
92 
94 {
95  int ret = 0;
96 
97  st->codecpar->codec_tag = info->codec_tag;
98 
99  if (st->codecpar->codec_id == AV_CODEC_ID_AAC)
100  return 0;
101 
103  return AVERROR_INVALIDDATA;
104 
105  if (st->codecpar->codec_id == AV_CODEC_ID_AC3) {
106  AC3HeaderInfo *ac3hdr = NULL;
107 
108  ret = avpriv_ac3_parse_header(&ac3hdr, info->setup_data, info->setup_data_length);
109  if (ret < 0) {
110  av_free(ac3hdr);
111  return ret;
112  }
113 
114  st->codecpar->sample_rate = ac3hdr->sample_rate;
117  st->codecpar->bit_rate = ac3hdr->bit_rate;
118 
119  av_free(ac3hdr);
120  } else { /* Parse 'dec3' EC3SpecificBox */
121  GetBitContext gb;
122  uint64_t mask;
123  int data_rate, fscod, acmod, lfeon;
124 
125  ret = init_get_bits8(&gb, info->setup_data, info->setup_data_length);
126  if (ret < 0)
127  return AVERROR_INVALIDDATA;
128 
129  data_rate = get_bits(&gb, 13);
130  skip_bits(&gb, 3);
131  fscod = get_bits(&gb, 2);
132  skip_bits(&gb, 10);
133  acmod = get_bits(&gb, 3);
134  lfeon = get_bits(&gb, 1);
135 
137 
139  if (lfeon)
141 
144 
145  st->codecpar->bit_rate = data_rate*1000;
146  }
147 
148  return 0;
149 }
150 
151 /*
152  * Remove start code emulation prevention 0x03 bytes
153  */
154 static void remove_scep_3_bytes(NALUnit *nalu)
155 {
156  int i = 0;
157  int j = 0;
158 
159  uint8_t *data = nalu->data;
160 
161  while (i < nalu->length) {
162  if (nalu->length - i > 3 && AV_RB24(&data[i]) == 0x000003) {
163  data[j++] = data[i++];
164  data[j++] = data[i++];
165  i++;
166  } else {
167  data[j++] = data[i++];
168  }
169  }
170 
171  nalu->length = j;
172 }
173 
175 {
176  const uint8_t *nalu_start = ctx->buf_ptr;
177 
178  if (ctx->buf_end - ctx->buf_ptr >= 4 && AV_RB32(ctx->buf_ptr) == 0x00000001)
179  nalu->start_code_length = 4;
180  else if (ctx->buf_end - ctx->buf_ptr >= 3 && AV_RB24(ctx->buf_ptr) == 0x000001)
181  nalu->start_code_length = 3;
182  else /* No start code at the beginning of the NAL unit */
183  return -1;
184 
185  ctx->buf_ptr += nalu->start_code_length;
186 
187  while (ctx->buf_ptr < ctx->buf_end) {
188  if (ctx->buf_end - ctx->buf_ptr >= 4 && AV_RB32(ctx->buf_ptr) == 0x00000001)
189  break;
190  else if (ctx->buf_end - ctx->buf_ptr >= 3 && AV_RB24(ctx->buf_ptr) == 0x000001)
191  break;
192  ctx->buf_ptr++;
193  }
194 
195  nalu->data = (uint8_t *)nalu_start + nalu->start_code_length;
196  nalu->length = ctx->buf_ptr - nalu->data;
197  nalu->type = *nalu->data & 0x1F;
198 
199  return 0;
200 }
201 
202 static int decrypt_nal_unit(HLSCryptoContext *crypto_ctx, NALUnit *nalu)
203 {
204  int ret = 0;
205  int rem_bytes;
206  uint8_t *data;
207  uint8_t iv[16];
208 
209  ret = av_aes_init(crypto_ctx->aes_ctx, crypto_ctx->key, 16 * 8, 1);
210  if (ret < 0)
211  return ret;
212 
213  /* Remove start code emulation prevention 0x03 bytes */
214  remove_scep_3_bytes(nalu);
215 
216  data = nalu->data + 32;
217  rem_bytes = nalu->length - 32;
218 
219  memcpy(iv, crypto_ctx->iv, 16);
220 
221  while (rem_bytes > 0) {
222  if (rem_bytes > 16) {
223  av_aes_crypt(crypto_ctx->aes_ctx, data, data, 1, iv, 1);
224  data += 16;
225  rem_bytes -= 16;
226  }
227  data += FFMIN(144, rem_bytes);
228  rem_bytes -= FFMIN(144, rem_bytes);
229  }
230 
231  return 0;
232 }
233 
235 {
236  int ret = 0;
238  NALUnit nalu;
239  uint8_t *data_ptr;
240  int move_nalu = 0;
241 
242  memset(&ctx, 0, sizeof(ctx));
243  ctx.buf_ptr = pkt->data;
244  ctx.buf_end = pkt->data + pkt->size;
245 
246  data_ptr = pkt->data;
247 
248  while (ctx.buf_ptr < ctx.buf_end) {
249  memset(&nalu, 0, sizeof(nalu));
250  ret = get_next_nal_unit(&ctx, &nalu);
251  if (ret < 0)
252  return ret;
253  if ((nalu.type == 0x01 || nalu.type == 0x05) && nalu.length > 48) {
254  int encrypted_nalu_length = nalu.length;
255  ret = decrypt_nal_unit(crypto_ctx, &nalu);
256  if (ret < 0)
257  return ret;
258  move_nalu = nalu.length != encrypted_nalu_length;
259  }
260  if (move_nalu)
261  memmove(data_ptr, nalu.data - nalu.start_code_length, nalu.start_code_length + nalu.length);
262  data_ptr += nalu.start_code_length + nalu.length;
263  }
264 
265  av_shrink_packet(pkt, data_ptr - pkt->data);
266 
267  return 0;
268 }
269 
271 {
272  int ret = 0;
273 
274  AACADTSHeaderInfo *adts_hdr = NULL;
275 
276  /* Find next sync word 0xFFF */
277  while (ctx->buf_ptr < ctx->buf_end - 1) {
278  if (*ctx->buf_ptr == 0xFF && (*(ctx->buf_ptr + 1) & 0xF0) == 0xF0)
279  break;
280  ctx->buf_ptr++;
281  }
282 
283  if (ctx->buf_ptr >= ctx->buf_end - 1)
284  return -1;
285 
286  frame->data = (uint8_t*)ctx->buf_ptr;
287 
288  ret = avpriv_adts_header_parse (&adts_hdr, frame->data, ctx->buf_end - frame->data);
289  if (ret < 0)
290  return ret;
291 
292  frame->header_length = adts_hdr->crc_absent ? AV_AAC_ADTS_HEADER_SIZE : AV_AAC_ADTS_HEADER_SIZE + 2;
293  frame->length = adts_hdr->frame_length;
294 
295  av_free(adts_hdr);
296 
297  return 0;
298 }
299 
301 {
302  int ret = 0;
303 
304  AC3HeaderInfo *hdr = NULL;
305 
306  /* Find next sync word 0x0B77 */
307  while (ctx->buf_ptr < ctx->buf_end - 1) {
308  if (*ctx->buf_ptr == 0x0B && *(ctx->buf_ptr + 1) == 0x77)
309  break;
310  ctx->buf_ptr++;
311  }
312 
313  if (ctx->buf_ptr >= ctx->buf_end - 1)
314  return -1;
315 
316  frame->data = (uint8_t*)ctx->buf_ptr;
317  frame->header_length = 0;
318 
319  ret = avpriv_ac3_parse_header(&hdr, frame->data, ctx->buf_end - frame->data);
320  if (ret < 0) {
321  av_free(hdr);
322  return ret;
323  }
324 
325  frame->length = hdr->frame_size;
326 
327  av_free(hdr);
328 
329  return 0;
330 }
331 
333 {
334  if (codec_id == AV_CODEC_ID_AAC)
335  return get_next_adts_frame(ctx, frame);
338  else
339  return AVERROR_INVALIDDATA;
340 }
341 
343 {
344  int ret = 0;
345  uint8_t *data;
346  int num_of_encrypted_blocks;
347 
348  ret = av_aes_init(crypto_ctx->aes_ctx, crypto_ctx->key, 16 * 8, 1);
349  if (ret < 0)
350  return ret;
351 
352  data = frame->data + frame->header_length + 16;
353 
354  num_of_encrypted_blocks = (frame->length - frame->header_length - 16)/16;
355 
356  av_aes_crypt(crypto_ctx->aes_ctx, data, data, num_of_encrypted_blocks, crypto_ctx->iv, 1);
357 
358  return 0;
359 }
360 
362 {
363  int ret = 0;
366 
367  memset(&ctx, 0, sizeof(ctx));
368  ctx.buf_ptr = pkt->data;
369  ctx.buf_end = pkt->data + pkt->size;
370 
371  while (ctx.buf_ptr < ctx.buf_end) {
372  memset(&frame, 0, sizeof(frame));
374  if (ret < 0)
375  return ret;
376  if (frame.length - frame.header_length > 31) {
377  ret = decrypt_sync_frame(codec_id, crypto_ctx, &frame);
378  if (ret < 0)
379  return ret;
380  }
381  ctx.buf_ptr += frame.length;
382  }
383 
384  return 0;
385 }
386 
388 {
389  if (codec_id == AV_CODEC_ID_H264)
390  return decrypt_video_frame(crypto_ctx, pkt);
392  return decrypt_audio_frame(codec_id, crypto_ctx, pkt);
393 
394  return AVERROR_INVALIDDATA;
395 }
AudioFrame::data
uint8_t * data
Definition: hls_sample_encryption.c:49
get_next_adts_frame
static int get_next_adts_frame(CodecParserContext *ctx, AudioFrame *frame)
Definition: hls_sample_encryption.c:270
av_aes_init
int av_aes_init(AVAES *a, const uint8_t *key, int key_bits, int decrypt)
Initialize an AVAES context.
Definition: aes.c:201
AV_CODEC_ID_AC3
@ AV_CODEC_ID_AC3
Definition: codec_id.h:449
ff_ac3_channel_layout_tab
const uint16_t ff_ac3_channel_layout_tab[8]
Map audio coding mode (acmod) to channel layout mask.
Definition: ac3_channel_layout_tab.h:31
decrypt_video_frame
static int decrypt_video_frame(HLSCryptoContext *crypto_ctx, AVPacket *pkt)
Definition: hls_sample_encryption.c:234
CodecParserContext::buf_ptr
const uint8_t * buf_ptr
Definition: hls_sample_encryption.c:55
AV_AAC_ADTS_HEADER_SIZE
#define AV_AAC_ADTS_HEADER_SIZE
Definition: adts_parser.h:25
mask
int mask
Definition: mediacodecdec_common.c:154
get_next_sync_frame
static int get_next_sync_frame(enum AVCodecID codec_id, CodecParserContext *ctx, AudioFrame *frame)
Definition: hls_sample_encryption.c:332
NALUnit::start_code_length
int start_code_length
Definition: hls_sample_encryption.c:45
AVPacket::data
uint8_t * data
Definition: packet.h:539
data
const char data[16]
Definition: mxf.c:149
AVCodecParameters::codec_tag
uint32_t codec_tag
Additional information about the codec (corresponds to the AVI FOURCC).
Definition: codec_par.h:59
get_next_ac3_eac3_sync_frame
static int get_next_ac3_eac3_sync_frame(CodecParserContext *ctx, AudioFrame *frame)
Definition: hls_sample_encryption.c:300
CodecParserContext::buf_end
const uint8_t * buf_end
Definition: hls_sample_encryption.c:56
skip_bits
static void skip_bits(GetBitContext *s, int n)
Definition: get_bits.h:381
get_bits
static unsigned int get_bits(GetBitContext *s, int n)
Read 1-25 bits.
Definition: get_bits.h:335
eac3_sample_rate_tab
static const int eac3_sample_rate_tab[]
Definition: hls_sample_encryption.c:59
AC3HeaderInfo::channel_layout
uint64_t channel_layout
Definition: ac3_parser_internal.h:62
av_shrink_packet
void av_shrink_packet(AVPacket *pkt, int size)
Reduce packet size, correctly zeroing padding.
Definition: packet.c:113
GetBitContext
Definition: get_bits.h:108
AC3HeaderInfo
Definition: ac3_parser_internal.h:34
CodecParserContext
Definition: hls_sample_encryption.c:54
AC3HeaderInfo::frame_size
uint16_t frame_size
Definition: ac3_parser_internal.h:61
ff_hls_senc_read_audio_setup_info
void ff_hls_senc_read_audio_setup_info(HLSAudioSetupInfo *info, const uint8_t *buf, size_t size)
Definition: hls_sample_encryption.c:61
HLSCryptoContext::iv
uint8_t iv[16]
Definition: hls_sample_encryption.h:46
get_next_nal_unit
static int get_next_nal_unit(CodecParserContext *ctx, NALUnit *nalu)
Definition: hls_sample_encryption.c:174
pkt
AVPacket * pkt
Definition: movenc.c:60
init_get_bits8
static int init_get_bits8(GetBitContext *s, const uint8_t *buffer, int byte_size)
Initialize GetBitContext.
Definition: get_bits.h:545
AV_CH_LOW_FREQUENCY
#define AV_CH_LOW_FREQUENCY
Definition: channel_layout.h:175
HLSCryptoContext::aes_ctx
struct AVAES * aes_ctx
Definition: hls_sample_encryption.h:44
av_channel_layout_from_mask
int av_channel_layout_from_mask(AVChannelLayout *channel_layout, uint64_t mask)
Initialize a native channel layout from a bitmask indicating which channels are present.
Definition: channel_layout.c:247
info
MIPS optimizations info
Definition: mips.txt:2
ctx
AVFormatContext * ctx
Definition: movenc.c:49
AV_RL16
uint64_t_TMPL AV_WL64 unsigned int_TMPL AV_WL32 unsigned int_TMPL AV_WL24 unsigned int_TMPL AV_RL16
Definition: bytestream.h:94
AC3HeaderInfo::sample_rate
uint16_t sample_rate
Definition: ac3_parser_internal.h:58
codec_id
enum AVCodecID codec_id
Definition: vaapi_decode.c:410
AV_CODEC_ID_H264
@ AV_CODEC_ID_H264
Definition: codec_id.h:79
AudioFrame::length
int length
Definition: hls_sample_encryption.c:50
AVStream::codecpar
AVCodecParameters * codecpar
Codec parameters associated with this stream.
Definition: avformat.h:771
aes.h
NULL
#define NULL
Definition: coverity.c:32
decrypt_audio_frame
static int decrypt_audio_frame(enum AVCodecID codec_id, HLSCryptoContext *crypto_ctx, AVPacket *pkt)
Definition: hls_sample_encryption.c:361
av_aes_crypt
void av_aes_crypt(AVAES *a, uint8_t *dst, const uint8_t *src, int count, uint8_t *iv, int decrypt)
Encrypt or decrypt a buffer using a previously initialized context.
Definition: aes.c:169
AACADTSHeaderInfo::frame_length
uint32_t frame_length
Definition: adts_header.h:44
AVCodecParameters::ch_layout
AVChannelLayout ch_layout
Audio only.
Definition: codec_par.h:180
AVCodecParameters::sample_rate
int sample_rate
Audio only.
Definition: codec_par.h:184
AVCodecID
AVCodecID
Identify the syntax and semantics of the bitstream.
Definition: codec_id.h:49
AV_CODEC_ID_EAC3
@ AV_CODEC_ID_EAC3
Definition: codec_id.h:486
AV_CODEC_ID_AAC
@ AV_CODEC_ID_AAC
Definition: codec_id.h:448
avpriv_adts_header_parse
int avpriv_adts_header_parse(AACADTSHeaderInfo **phdr, const uint8_t *buf, size_t size)
Parse the ADTS frame header contained in the buffer, which is the first 54 bits.
Definition: adts_parser.c:50
ac3_parser_internal.h
AVPacket::size
int size
Definition: packet.h:540
HLSCryptoContext
Definition: hls_sample_encryption.h:43
size
int size
Definition: twinvq_data.h:10344
AV_RB32
uint64_t_TMPL AV_WL64 unsigned int_TMPL AV_WL32 unsigned int_TMPL AV_WL24 unsigned int_TMPL AV_WL16 uint64_t_TMPL AV_WB64 unsigned int_TMPL AV_RB32
Definition: bytestream.h:96
NALUnit::length
int length
Definition: hls_sample_encryption.c:44
hls_sample_encryption.h
NALUnit::type
int type
Definition: hls_sample_encryption.c:43
ff_hls_senc_decrypt_frame
int ff_hls_senc_decrypt_frame(enum AVCodecID codec_id, HLSCryptoContext *crypto_ctx, AVPacket *pkt)
Definition: hls_sample_encryption.c:387
NALUnit::data
uint8_t * data
Definition: hls_sample_encryption.c:42
AV_CODEC_ID_NONE
@ AV_CODEC_ID_NONE
Definition: codec_id.h:50
i
#define i(width, name, range_min, range_max)
Definition: cbs_h2645.c:256
HLS_MAX_AUDIO_SETUP_DATA_LEN
#define HLS_MAX_AUDIO_SETUP_DATA_LEN
Definition: hls_sample_encryption.h:41
avpriv_ac3_parse_header
int avpriv_ac3_parse_header(AC3HeaderInfo **phdr, const uint8_t *buf, size_t size)
Definition: ac3_parser.c:267
FFMIN
#define FFMIN(a, b)
Definition: macros.h:49
ff_hls_senc_parse_audio_setup_info
int ff_hls_senc_parse_audio_setup_info(AVStream *st, HLSAudioSetupInfo *info)
Definition: hls_sample_encryption.c:93
ret
ret
Definition: filter_design.txt:187
AVStream
Stream structure.
Definition: avformat.h:748
remove_scep_3_bytes
static void remove_scep_3_bytes(NALUnit *nalu)
Definition: hls_sample_encryption.c:154
frame
these buffered frames must be flushed immediately if a new input produces new the filter must not call request_frame to get more It must just process the frame or queue it The task of requesting more frames is left to the filter s request_frame method or the application If a filter has several the filter must be ready for frames arriving randomly on any input any filter with several inputs will most likely require some kind of queuing mechanism It is perfectly acceptable to have a limited queue and to drop frames when the inputs are too unbalanced request_frame For filters that do not use the this method is called when a frame is wanted on an output For a it should directly call filter_frame on the corresponding output For a if there are queued frames already one of these frames should be pushed If the filter should request a frame on one of its repeatedly until at least one frame has been pushed Return or at least make progress towards producing a frame
Definition: filter_design.txt:264
adts_parser.h
AV_RL32
uint64_t_TMPL AV_WL64 unsigned int_TMPL AV_RL32
Definition: bytestream.h:92
AACADTSHeaderInfo::crc_absent
uint8_t crc_absent
Definition: adts_header.h:39
NALUnit
Definition: hls_sample_encryption.c:41
channel_layout.h
av_channel_layout_uninit
void av_channel_layout_uninit(AVChannelLayout *channel_layout)
Free any allocated data in the channel layout and reset the channel count to 0.
Definition: channel_layout.c:437
decrypt_sync_frame
static int decrypt_sync_frame(enum AVCodecID codec_id, HLSCryptoContext *crypto_ctx, AudioFrame *frame)
Definition: hls_sample_encryption.c:342
decrypt_nal_unit
static int decrypt_nal_unit(HLSCryptoContext *crypto_ctx, NALUnit *nalu)
Definition: hls_sample_encryption.c:202
mem.h
adts_header.h
av_free
#define av_free(p)
Definition: tableprint_vlc.h:33
AVCodecParameters::codec_id
enum AVCodecID codec_id
Specific type of the encoded data (the codec used).
Definition: codec_par.h:55
AVPacket
This structure stores compressed data.
Definition: packet.h:516
AudioFrame
Definition: audio_frame_queue.h:27
AudioFrame::header_length
int header_length
Definition: hls_sample_encryption.c:51
AVCodecParameters::bit_rate
int64_t bit_rate
The average bitrate of the encoded data (in bits per second).
Definition: codec_par.h:97
AVERROR_INVALIDDATA
#define AVERROR_INVALIDDATA
Invalid data found when processing input.
Definition: error.h:61
MKTAG
#define MKTAG(a, b, c, d)
Definition: macros.h:55
ac3tab.h
HLSAudioSetupInfo
Definition: hls_sample_encryption.h:49
AV_RB24
uint64_t_TMPL AV_WL64 unsigned int_TMPL AV_WL32 unsigned int_TMPL AV_WL24 unsigned int_TMPL AV_WL16 uint64_t_TMPL AV_WB64 unsigned int_TMPL AV_WB32 unsigned int_TMPL AV_RB24
Definition: bytestream.h:97
AC3HeaderInfo::bit_rate
uint32_t bit_rate
Definition: ac3_parser_internal.h:59
AACADTSHeaderInfo
Definition: adts_header.h:35
HLSCryptoContext::key
uint8_t key[16]
Definition: hls_sample_encryption.h:45