FFmpeg
hls_sample_encryption.c
Go to the documentation of this file.
1 /*
2  * Apple HTTP Live Streaming Sample Encryption/Decryption
3  *
4  * Copyright (c) 2021 Nachiket Tarate
5  *
6  * This file is part of FFmpeg.
7  *
8  * FFmpeg is free software; you can redistribute it and/or
9  * modify it under the terms of the GNU Lesser General Public
10  * License as published by the Free Software Foundation; either
11  * version 2.1 of the License, or (at your option) any later version.
12  *
13  * FFmpeg is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16  * Lesser General Public License for more details.
17  *
18  * You should have received a copy of the GNU Lesser General Public
19  * License along with FFmpeg; if not, write to the Free Software
20  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
21  */
22 
23 /**
24  * @file
25  * Apple HTTP Live Streaming Sample Encryption
26  * https://developer.apple.com/library/ios/documentation/AudioVideo/Conceptual/HLS_Sample_Encryption
27  */
28 
29 #include "hls_sample_encryption.h"
30 
31 #include "libavcodec/adts_header.h"
32 #include "libavcodec/adts_parser.h"
34 
35 
36 typedef struct NALUnit {
37  uint8_t *data;
38  int type;
39  int length;
41 } NALUnit;
42 
43 typedef struct AudioFrame {
44  uint8_t *data;
45  int length;
47 } AudioFrame;
48 
49 typedef struct CodecParserContext {
50  const uint8_t *buf_ptr;
51  const uint8_t *buf_end;
53 
54 static const int eac3_sample_rate_tab[] = { 48000, 44100, 32000, 0 };
55 
57 {
58  if (size < 8)
59  return;
60 
61  info->codec_tag = AV_RL32(buf);
62 
63  if (info->codec_tag == MKTAG('z','a','a','c'))
64  info->codec_id = AV_CODEC_ID_AAC;
65  else if (info->codec_tag == MKTAG('z','a','c','3'))
66  info->codec_id = AV_CODEC_ID_AC3;
67  else if (info->codec_tag == MKTAG('z','e','c','3'))
68  info->codec_id = AV_CODEC_ID_EAC3;
69  else
70  info->codec_id = AV_CODEC_ID_NONE;
71 
72  buf += 4;
73  info->priming = AV_RL16(buf);
74  buf += 2;
75  info->version = *buf++;
76  info->setup_data_length = *buf++;
77 
78  if (info->setup_data_length > size - 8)
79  info->setup_data_length = size - 8;
80 
81  if (info->setup_data_length > HLS_MAX_AUDIO_SETUP_DATA_LEN)
82  return;
83 
84  memcpy(info->setup_data, buf, info->setup_data_length);
85 }
86 
88 {
89  int ret = 0;
90 
91  st->codecpar->codec_tag = info->codec_tag;
92 
93  if (st->codecpar->codec_id == AV_CODEC_ID_AAC)
94  return 0;
95 
97  return AVERROR_INVALIDDATA;
98 
99  if (st->codecpar->codec_id == AV_CODEC_ID_AC3) {
100  AC3HeaderInfo *ac3hdr = NULL;
101 
102  ret = avpriv_ac3_parse_header(&ac3hdr, info->setup_data, info->setup_data_length);
103  if (ret < 0) {
104  if (ret != AVERROR(ENOMEM))
105  av_free(ac3hdr);
106  return ret;
107  }
108 
109  st->codecpar->sample_rate = ac3hdr->sample_rate;
110  st->codecpar->channels = ac3hdr->channels;
111  st->codecpar->channel_layout = ac3hdr->channel_layout;
112  st->codecpar->bit_rate = ac3hdr->bit_rate;
113 
114  av_free(ac3hdr);
115  } else { /* Parse 'dec3' EC3SpecificBox */
116  GetBitContext gb;
117  int data_rate, fscod, acmod, lfeon;
118 
119  ret = init_get_bits8(&gb, info->setup_data, info->setup_data_length);
120  if (ret < 0)
121  return AVERROR_INVALIDDATA;
122 
123  data_rate = get_bits(&gb, 13);
124  skip_bits(&gb, 3);
125  fscod = get_bits(&gb, 2);
126  skip_bits(&gb, 10);
127  acmod = get_bits(&gb, 3);
128  lfeon = get_bits(&gb, 1);
129 
131 
133  if (lfeon)
135 
137 
138  st->codecpar->bit_rate = data_rate*1000;
139  }
140 
141  return 0;
142 }
143 
144 /*
145  * Remove start code emulation prevention 0x03 bytes
146  */
147 static void remove_scep_3_bytes(NALUnit *nalu)
148 {
149  int i = 0;
150  int j = 0;
151 
152  uint8_t *data = nalu->data;
153 
154  while (i < nalu->length) {
155  if (nalu->length - i > 3 && AV_RB24(&data[i]) == 0x000003) {
156  data[j++] = data[i++];
157  data[j++] = data[i++];
158  i++;
159  } else {
160  data[j++] = data[i++];
161  }
162  }
163 
164  nalu->length = j;
165 }
166 
168 {
169  const uint8_t *nalu_start = ctx->buf_ptr;
170 
171  if (ctx->buf_end - ctx->buf_ptr >= 4 && AV_RB32(ctx->buf_ptr) == 0x00000001)
172  nalu->start_code_length = 4;
173  else if (ctx->buf_end - ctx->buf_ptr >= 3 && AV_RB24(ctx->buf_ptr) == 0x000001)
174  nalu->start_code_length = 3;
175  else /* No start code at the beginning of the NAL unit */
176  return -1;
177 
178  ctx->buf_ptr += nalu->start_code_length;
179 
180  while (ctx->buf_ptr < ctx->buf_end) {
181  if (ctx->buf_end - ctx->buf_ptr >= 4 && AV_RB32(ctx->buf_ptr) == 0x00000001)
182  break;
183  else if (ctx->buf_end - ctx->buf_ptr >= 3 && AV_RB24(ctx->buf_ptr) == 0x000001)
184  break;
185  ctx->buf_ptr++;
186  }
187 
188  nalu->data = (uint8_t *)nalu_start + nalu->start_code_length;
189  nalu->length = ctx->buf_ptr - nalu->data;
190  nalu->type = *nalu->data & 0x1F;
191 
192  return 0;
193 }
194 
195 static int decrypt_nal_unit(HLSCryptoContext *crypto_ctx, NALUnit *nalu)
196 {
197  int ret = 0;
198  int rem_bytes;
199  uint8_t *data;
200  uint8_t iv[16];
201 
202  ret = av_aes_init(crypto_ctx->aes_ctx, crypto_ctx->key, 16 * 8, 1);
203  if (ret < 0)
204  return ret;
205 
206  /* Remove start code emulation prevention 0x03 bytes */
207  remove_scep_3_bytes(nalu);
208 
209  data = nalu->data + 32;
210  rem_bytes = nalu->length - 32;
211 
212  memcpy(iv, crypto_ctx->iv, 16);
213 
214  while (rem_bytes > 0) {
215  if (rem_bytes > 16) {
216  av_aes_crypt(crypto_ctx->aes_ctx, data, data, 1, iv, 1);
217  data += 16;
218  rem_bytes -= 16;
219  }
220  data += FFMIN(144, rem_bytes);
221  rem_bytes -= FFMIN(144, rem_bytes);
222  }
223 
224  return 0;
225 }
226 
228 {
229  int ret = 0;
231  NALUnit nalu;
232  uint8_t *data_ptr;
233  int move_nalu = 0;
234 
235  memset(&ctx, 0, sizeof(ctx));
236  ctx.buf_ptr = pkt->data;
237  ctx.buf_end = pkt->data + pkt->size;
238 
239  data_ptr = pkt->data;
240 
241  while (ctx.buf_ptr < ctx.buf_end) {
242  memset(&nalu, 0, sizeof(nalu));
243  ret = get_next_nal_unit(&ctx, &nalu);
244  if (ret < 0)
245  return ret;
246  if ((nalu.type == 0x01 || nalu.type == 0x05) && nalu.length > 48) {
247  int encrypted_nalu_length = nalu.length;
248  ret = decrypt_nal_unit(crypto_ctx, &nalu);
249  if (ret < 0)
250  return ret;
251  move_nalu = nalu.length != encrypted_nalu_length;
252  }
253  if (move_nalu)
254  memmove(data_ptr, nalu.data - nalu.start_code_length, nalu.start_code_length + nalu.length);
255  data_ptr += nalu.start_code_length + nalu.length;
256  }
257 
258  av_shrink_packet(pkt, data_ptr - pkt->data);
259 
260  return 0;
261 }
262 
264 {
265  int ret = 0;
266 
267  AACADTSHeaderInfo *adts_hdr = NULL;
268 
269  /* Find next sync word 0xFFF */
270  while (ctx->buf_ptr < ctx->buf_end - 1) {
271  if (*ctx->buf_ptr == 0xFF && (*(ctx->buf_ptr + 1) & 0xF0) == 0xF0)
272  break;
273  ctx->buf_ptr++;
274  }
275 
276  if (ctx->buf_ptr >= ctx->buf_end - 1)
277  return -1;
278 
279  frame->data = (uint8_t*)ctx->buf_ptr;
280 
281  ret = avpriv_adts_header_parse (&adts_hdr, frame->data, ctx->buf_end - frame->data);
282  if (ret < 0)
283  return ret;
284 
285  frame->header_length = adts_hdr->crc_absent ? AV_AAC_ADTS_HEADER_SIZE : AV_AAC_ADTS_HEADER_SIZE + 2;
286  frame->length = adts_hdr->frame_length;
287 
288  av_free(adts_hdr);
289 
290  return 0;
291 }
292 
294 {
295  int ret = 0;
296 
297  AC3HeaderInfo *hdr = NULL;
298 
299  /* Find next sync word 0x0B77 */
300  while (ctx->buf_ptr < ctx->buf_end - 1) {
301  if (*ctx->buf_ptr == 0x0B && *(ctx->buf_ptr + 1) == 0x77)
302  break;
303  ctx->buf_ptr++;
304  }
305 
306  if (ctx->buf_ptr >= ctx->buf_end - 1)
307  return -1;
308 
309  frame->data = (uint8_t*)ctx->buf_ptr;
310  frame->header_length = 0;
311 
312  ret = avpriv_ac3_parse_header(&hdr, frame->data, ctx->buf_end - frame->data);
313  if (ret < 0) {
314  if (ret != AVERROR(ENOMEM))
315  av_free(hdr);
316  return ret;
317  }
318 
319  frame->length = hdr->frame_size;
320 
321  av_free(hdr);
322 
323  return 0;
324 }
325 
327 {
328  if (codec_id == AV_CODEC_ID_AAC)
329  return get_next_adts_frame(ctx, frame);
332  else
333  return AVERROR_INVALIDDATA;
334 }
335 
337 {
338  int ret = 0;
339  uint8_t *data;
340  int num_of_encrypted_blocks;
341 
342  ret = av_aes_init(crypto_ctx->aes_ctx, crypto_ctx->key, 16 * 8, 1);
343  if (ret < 0)
344  return ret;
345 
346  data = frame->data + frame->header_length + 16;
347 
348  num_of_encrypted_blocks = (frame->length - frame->header_length - 16)/16;
349 
350  av_aes_crypt(crypto_ctx->aes_ctx, data, data, num_of_encrypted_blocks, crypto_ctx->iv, 1);
351 
352  return 0;
353 }
354 
356 {
357  int ret = 0;
360 
361  memset(&ctx, 0, sizeof(ctx));
362  ctx.buf_ptr = pkt->data;
363  ctx.buf_end = pkt->data + pkt->size;
364 
365  while (ctx.buf_ptr < ctx.buf_end) {
366  memset(&frame, 0, sizeof(frame));
368  if (ret < 0)
369  return ret;
370  if (frame.length - frame.header_length > 31) {
371  ret = decrypt_sync_frame(codec_id, crypto_ctx, &frame);
372  if (ret < 0)
373  return ret;
374  }
375  ctx.buf_ptr += frame.length;
376  }
377 
378  return 0;
379 }
380 
382 {
383  if (codec_id == AV_CODEC_ID_H264)
384  return decrypt_video_frame(crypto_ctx, pkt);
386  return decrypt_audio_frame(codec_id, crypto_ctx, pkt);
387 
388  return AVERROR_INVALIDDATA;
389 }
AudioFrame::data
uint8_t * data
Definition: hls_sample_encryption.c:44
get_next_adts_frame
static int get_next_adts_frame(CodecParserContext *ctx, AudioFrame *frame)
Definition: hls_sample_encryption.c:263
av_aes_init
int av_aes_init(AVAES *a, const uint8_t *key, int key_bits, int decrypt)
Initialize an AVAES context.
Definition: aes.c:195
AV_CODEC_ID_AC3
@ AV_CODEC_ID_AC3
Definition: codec_id.h:426
decrypt_video_frame
static int decrypt_video_frame(HLSCryptoContext *crypto_ctx, AVPacket *pkt)
Definition: hls_sample_encryption.c:227
AVERROR
Filter the word “frame” indicates either a video frame or a group of audio as stored in an AVFrame structure Format for each input and each output the list of supported formats For video that means pixel format For audio that means channel sample they are references to shared objects When the negotiation mechanism computes the intersection of the formats supported at each end of a all references to both lists are replaced with a reference to the intersection And when a single format is eventually chosen for a link amongst the remaining all references to the list are updated That means that if a filter requires that its input and output have the same format amongst a supported all it has to do is use a reference to the same list of formats query_formats can leave some formats unset and return AVERROR(EAGAIN) to cause the negotiation mechanism toagain later. That can be used by filters with complex requirements to use the format negotiated on one link to set the formats supported on another. Frame references ownership and permissions
CodecParserContext::buf_ptr
const uint8_t * buf_ptr
Definition: hls_sample_encryption.c:50
AV_AAC_ADTS_HEADER_SIZE
#define AV_AAC_ADTS_HEADER_SIZE
Definition: adts_parser.h:25
get_next_sync_frame
static int get_next_sync_frame(enum AVCodecID codec_id, CodecParserContext *ctx, AudioFrame *frame)
Definition: hls_sample_encryption.c:326
NALUnit::start_code_length
int start_code_length
Definition: hls_sample_encryption.c:40
AVPacket::data
uint8_t * data
Definition: packet.h:373
data
const char data[16]
Definition: mxf.c:143
AVCodecParameters::codec_tag
uint32_t codec_tag
Additional information about the codec (corresponds to the AVI FOURCC).
Definition: codec_par.h:64
get_next_ac3_eac3_sync_frame
static int get_next_ac3_eac3_sync_frame(CodecParserContext *ctx, AudioFrame *frame)
Definition: hls_sample_encryption.c:293
CodecParserContext::buf_end
const uint8_t * buf_end
Definition: hls_sample_encryption.c:51
skip_bits
static void skip_bits(GetBitContext *s, int n)
Definition: get_bits.h:468
get_bits
static unsigned int get_bits(GetBitContext *s, int n)
Read 1-25 bits.
Definition: get_bits.h:380
AVCodecParameters::channels
int channels
Audio only.
Definition: codec_par.h:166
eac3_sample_rate_tab
static const int eac3_sample_rate_tab[]
Definition: hls_sample_encryption.c:54
AC3HeaderInfo::channel_layout
uint64_t channel_layout
Definition: ac3.h:205
av_shrink_packet
void av_shrink_packet(AVPacket *pkt, int size)
Reduce packet size, correctly zeroing padding.
Definition: avpacket.c:114
GetBitContext
Definition: get_bits.h:62
AC3HeaderInfo
Definition: ac3.h:177
CodecParserContext
Definition: hls_sample_encryption.c:49
AC3HeaderInfo::frame_size
uint16_t frame_size
Definition: ac3.h:204
ff_hls_senc_read_audio_setup_info
void ff_hls_senc_read_audio_setup_info(HLSAudioSetupInfo *info, const uint8_t *buf, size_t size)
Definition: hls_sample_encryption.c:56
HLSCryptoContext::iv
uint8_t iv[16]
Definition: hls_sample_encryption.h:45
get_next_nal_unit
static int get_next_nal_unit(CodecParserContext *ctx, NALUnit *nalu)
Definition: hls_sample_encryption.c:167
pkt
AVPacket * pkt
Definition: movenc.c:59
init_get_bits8
static int init_get_bits8(GetBitContext *s, const uint8_t *buffer, int byte_size)
Initialize GetBitContext.
Definition: get_bits.h:678
AV_CH_LOW_FREQUENCY
#define AV_CH_LOW_FREQUENCY
Definition: channel_layout.h:52
HLSCryptoContext::aes_ctx
struct AVAES * aes_ctx
Definition: hls_sample_encryption.h:43
info
MIPS optimizations info
Definition: mips.txt:2
ctx
AVFormatContext * ctx
Definition: movenc.c:48
AV_RL16
uint64_t_TMPL AV_WL64 unsigned int_TMPL AV_WL32 unsigned int_TMPL AV_WL24 unsigned int_TMPL AV_RL16
Definition: bytestream.h:94
AC3HeaderInfo::sample_rate
uint16_t sample_rate
Definition: ac3.h:201
codec_id
enum AVCodecID codec_id
Definition: vaapi_decode.c:369
AV_CODEC_ID_H264
@ AV_CODEC_ID_H264
Definition: codec_id.h:77
AudioFrame::length
int length
Definition: hls_sample_encryption.c:45
AVStream::codecpar
AVCodecParameters * codecpar
Codec parameters associated with this stream.
Definition: avformat.h:1088
NULL
#define NULL
Definition: coverity.c:32
decrypt_audio_frame
static int decrypt_audio_frame(enum AVCodecID codec_id, HLSCryptoContext *crypto_ctx, AVPacket *pkt)
Definition: hls_sample_encryption.c:355
av_aes_crypt
void av_aes_crypt(AVAES *a, uint8_t *dst, const uint8_t *src, int count, uint8_t *iv, int decrypt)
Encrypt or decrypt a buffer using a previously initialized context.
Definition: aes.c:163
AACADTSHeaderInfo::frame_length
uint32_t frame_length
Definition: adts_header.h:37
AVCodecParameters::sample_rate
int sample_rate
Audio only.
Definition: codec_par.h:170
av_get_channel_layout_nb_channels
int av_get_channel_layout_nb_channels(uint64_t channel_layout)
Return the number of channels in the channel layout.
Definition: channel_layout.c:226
AVCodecID
AVCodecID
Identify the syntax and semantics of the bitstream.
Definition: codec_id.h:47
AV_CODEC_ID_EAC3
@ AV_CODEC_ID_EAC3
Definition: codec_id.h:463
AV_CODEC_ID_AAC
@ AV_CODEC_ID_AAC
Definition: codec_id.h:425
avpriv_adts_header_parse
int avpriv_adts_header_parse(AACADTSHeaderInfo **phdr, const uint8_t *buf, size_t size)
Parse the ADTS frame header contained in the buffer, which is the first 54 bits.
Definition: adts_parser.c:46
AC3HeaderInfo::channels
uint8_t channels
Definition: ac3.h:203
ac3_parser_internal.h
AVPacket::size
int size
Definition: packet.h:374
HLSCryptoContext
Definition: hls_sample_encryption.h:42
size
int size
Definition: twinvq_data.h:10344
AV_RB32
uint64_t_TMPL AV_WL64 unsigned int_TMPL AV_WL32 unsigned int_TMPL AV_WL24 unsigned int_TMPL AV_WL16 uint64_t_TMPL AV_WB64 unsigned int_TMPL AV_RB32
Definition: bytestream.h:96
NALUnit::length
int length
Definition: hls_sample_encryption.c:39
hls_sample_encryption.h
NALUnit::type
int type
Definition: hls_sample_encryption.c:38
ff_hls_senc_decrypt_frame
int ff_hls_senc_decrypt_frame(enum AVCodecID codec_id, HLSCryptoContext *crypto_ctx, AVPacket *pkt)
Definition: hls_sample_encryption.c:381
NALUnit::data
uint8_t * data
Definition: hls_sample_encryption.c:37
AV_CODEC_ID_NONE
@ AV_CODEC_ID_NONE
Definition: codec_id.h:48
i
#define i(width, name, range_min, range_max)
Definition: cbs_h2645.c:271
HLS_MAX_AUDIO_SETUP_DATA_LEN
#define HLS_MAX_AUDIO_SETUP_DATA_LEN
Definition: hls_sample_encryption.h:40
avpriv_ac3_channel_layout_tab
const uint16_t avpriv_ac3_channel_layout_tab[8]
Map audio coding mode (acmod) to channel layout mask.
Definition: ac3tab.c:88
avpriv_ac3_parse_header
int avpriv_ac3_parse_header(AC3HeaderInfo **phdr, const uint8_t *buf, size_t size)
Definition: ac3_parser.c:253
FFMIN
#define FFMIN(a, b)
Definition: macros.h:49
ff_hls_senc_parse_audio_setup_info
int ff_hls_senc_parse_audio_setup_info(AVStream *st, HLSAudioSetupInfo *info)
Definition: hls_sample_encryption.c:87
ret
ret
Definition: filter_design.txt:187
AVStream
Stream structure.
Definition: avformat.h:928
remove_scep_3_bytes
static void remove_scep_3_bytes(NALUnit *nalu)
Definition: hls_sample_encryption.c:147
frame
these buffered frames must be flushed immediately if a new input produces new the filter must not call request_frame to get more It must just process the frame or queue it The task of requesting more frames is left to the filter s request_frame method or the application If a filter has several the filter must be ready for frames arriving randomly on any input any filter with several inputs will most likely require some kind of queuing mechanism It is perfectly acceptable to have a limited queue and to drop frames when the inputs are too unbalanced request_frame For filters that do not use the this method is called when a frame is wanted on an output For a it should directly call filter_frame on the corresponding output For a if there are queued frames already one of these frames should be pushed If the filter should request a frame on one of its repeatedly until at least one frame has been pushed Return or at least make progress towards producing a frame
Definition: filter_design.txt:264
adts_parser.h
AV_RL32
uint64_t_TMPL AV_WL64 unsigned int_TMPL AV_RL32
Definition: bytestream.h:92
AACADTSHeaderInfo::crc_absent
uint8_t crc_absent
Definition: adts_header.h:32
NALUnit
Definition: hls_sample_encryption.c:36
decrypt_sync_frame
static int decrypt_sync_frame(enum AVCodecID codec_id, HLSCryptoContext *crypto_ctx, AudioFrame *frame)
Definition: hls_sample_encryption.c:336
decrypt_nal_unit
static int decrypt_nal_unit(HLSCryptoContext *crypto_ctx, NALUnit *nalu)
Definition: hls_sample_encryption.c:195
adts_header.h
av_free
#define av_free(p)
Definition: tableprint_vlc.h:34
AVCodecParameters::codec_id
enum AVCodecID codec_id
Specific type of the encoded data (the codec used).
Definition: codec_par.h:60
AVPacket
This structure stores compressed data.
Definition: packet.h:350
AudioFrame
Definition: audio_frame_queue.h:27
AudioFrame::header_length
int header_length
Definition: hls_sample_encryption.c:46
AVCodecParameters::channel_layout
uint64_t channel_layout
Audio only.
Definition: codec_par.h:162
AVCodecParameters::bit_rate
int64_t bit_rate
The average bitrate of the encoded data (in bits per second).
Definition: codec_par.h:89
AVERROR_INVALIDDATA
#define AVERROR_INVALIDDATA
Invalid data found when processing input.
Definition: error.h:61
MKTAG
#define MKTAG(a, b, c, d)
Definition: macros.h:55
HLSAudioSetupInfo
Definition: hls_sample_encryption.h:48
AV_RB24
uint64_t_TMPL AV_WL64 unsigned int_TMPL AV_WL32 unsigned int_TMPL AV_WL24 unsigned int_TMPL AV_WL16 uint64_t_TMPL AV_WB64 unsigned int_TMPL AV_WB32 unsigned int_TMPL AV_RB24
Definition: bytestream.h:97
AC3HeaderInfo::bit_rate
uint32_t bit_rate
Definition: ac3.h:202
AACADTSHeaderInfo
Definition: adts_header.h:28
HLSCryptoContext::key
uint8_t key[16]
Definition: hls_sample_encryption.h:44