FFmpeg
hls_sample_encryption.c
Go to the documentation of this file.
1 /*
2  * Apple HTTP Live Streaming Sample Encryption/Decryption
3  *
4  * Copyright (c) 2021 Nachiket Tarate
5  *
6  * This file is part of FFmpeg.
7  *
8  * FFmpeg is free software; you can redistribute it and/or
9  * modify it under the terms of the GNU Lesser General Public
10  * License as published by the Free Software Foundation; either
11  * version 2.1 of the License, or (at your option) any later version.
12  *
13  * FFmpeg is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16  * Lesser General Public License for more details.
17  *
18  * You should have received a copy of the GNU Lesser General Public
19  * License along with FFmpeg; if not, write to the Free Software
20  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
21  */
22 
23 /**
24  * @file
25  * Apple HTTP Live Streaming Sample Encryption
26  * https://developer.apple.com/library/ios/documentation/AudioVideo/Conceptual/HLS_Sample_Encryption
27  */
28 
29 #include "libavutil/aes.h"
31 
32 #include "hls_sample_encryption.h"
33 
34 #include "libavcodec/adts_header.h"
35 #include "libavcodec/adts_parser.h"
36 #include "libavcodec/ac3tab.h"
38 
39 
40 typedef struct NALUnit {
41  uint8_t *data;
42  int type;
43  int length;
45 } NALUnit;
46 
47 typedef struct AudioFrame {
48  uint8_t *data;
49  int length;
51 } AudioFrame;
52 
53 typedef struct CodecParserContext {
54  const uint8_t *buf_ptr;
55  const uint8_t *buf_end;
57 
58 static const int eac3_sample_rate_tab[] = { 48000, 44100, 32000, 0 };
59 
61 {
62  if (size < 8)
63  return;
64 
65  info->codec_tag = AV_RL32(buf);
66 
67  if (info->codec_tag == MKTAG('z','a','a','c'))
68  info->codec_id = AV_CODEC_ID_AAC;
69  else if (info->codec_tag == MKTAG('z','a','c','3'))
70  info->codec_id = AV_CODEC_ID_AC3;
71  else if (info->codec_tag == MKTAG('z','e','c','3'))
72  info->codec_id = AV_CODEC_ID_EAC3;
73  else
74  info->codec_id = AV_CODEC_ID_NONE;
75 
76  buf += 4;
77  info->priming = AV_RL16(buf);
78  buf += 2;
79  info->version = *buf++;
80  info->setup_data_length = *buf++;
81 
82  if (info->setup_data_length > size - 8)
83  info->setup_data_length = size - 8;
84 
85  if (info->setup_data_length > HLS_MAX_AUDIO_SETUP_DATA_LEN)
86  return;
87 
88  memcpy(info->setup_data, buf, info->setup_data_length);
89 }
90 
92 {
93  int ret = 0;
94 
95  st->codecpar->codec_tag = info->codec_tag;
96 
97  if (st->codecpar->codec_id == AV_CODEC_ID_AAC)
98  return 0;
99 
101  return AVERROR_INVALIDDATA;
102 
103  if (st->codecpar->codec_id == AV_CODEC_ID_AC3) {
104  AC3HeaderInfo *ac3hdr = NULL;
105 
106  ret = avpriv_ac3_parse_header(&ac3hdr, info->setup_data, info->setup_data_length);
107  if (ret < 0) {
108  if (ret != AVERROR(ENOMEM))
109  av_free(ac3hdr);
110  return ret;
111  }
112 
113  st->codecpar->sample_rate = ac3hdr->sample_rate;
116  st->codecpar->bit_rate = ac3hdr->bit_rate;
117 
118  av_free(ac3hdr);
119  } else { /* Parse 'dec3' EC3SpecificBox */
120  GetBitContext gb;
121  uint64_t mask;
122  int data_rate, fscod, acmod, lfeon;
123 
124  ret = init_get_bits8(&gb, info->setup_data, info->setup_data_length);
125  if (ret < 0)
126  return AVERROR_INVALIDDATA;
127 
128  data_rate = get_bits(&gb, 13);
129  skip_bits(&gb, 3);
130  fscod = get_bits(&gb, 2);
131  skip_bits(&gb, 10);
132  acmod = get_bits(&gb, 3);
133  lfeon = get_bits(&gb, 1);
134 
136 
138  if (lfeon)
140 
143 
144  st->codecpar->bit_rate = data_rate*1000;
145  }
146 
147  return 0;
148 }
149 
150 /*
151  * Remove start code emulation prevention 0x03 bytes
152  */
153 static void remove_scep_3_bytes(NALUnit *nalu)
154 {
155  int i = 0;
156  int j = 0;
157 
158  uint8_t *data = nalu->data;
159 
160  while (i < nalu->length) {
161  if (nalu->length - i > 3 && AV_RB24(&data[i]) == 0x000003) {
162  data[j++] = data[i++];
163  data[j++] = data[i++];
164  i++;
165  } else {
166  data[j++] = data[i++];
167  }
168  }
169 
170  nalu->length = j;
171 }
172 
174 {
175  const uint8_t *nalu_start = ctx->buf_ptr;
176 
177  if (ctx->buf_end - ctx->buf_ptr >= 4 && AV_RB32(ctx->buf_ptr) == 0x00000001)
178  nalu->start_code_length = 4;
179  else if (ctx->buf_end - ctx->buf_ptr >= 3 && AV_RB24(ctx->buf_ptr) == 0x000001)
180  nalu->start_code_length = 3;
181  else /* No start code at the beginning of the NAL unit */
182  return -1;
183 
184  ctx->buf_ptr += nalu->start_code_length;
185 
186  while (ctx->buf_ptr < ctx->buf_end) {
187  if (ctx->buf_end - ctx->buf_ptr >= 4 && AV_RB32(ctx->buf_ptr) == 0x00000001)
188  break;
189  else if (ctx->buf_end - ctx->buf_ptr >= 3 && AV_RB24(ctx->buf_ptr) == 0x000001)
190  break;
191  ctx->buf_ptr++;
192  }
193 
194  nalu->data = (uint8_t *)nalu_start + nalu->start_code_length;
195  nalu->length = ctx->buf_ptr - nalu->data;
196  nalu->type = *nalu->data & 0x1F;
197 
198  return 0;
199 }
200 
201 static int decrypt_nal_unit(HLSCryptoContext *crypto_ctx, NALUnit *nalu)
202 {
203  int ret = 0;
204  int rem_bytes;
205  uint8_t *data;
206  uint8_t iv[16];
207 
208  ret = av_aes_init(crypto_ctx->aes_ctx, crypto_ctx->key, 16 * 8, 1);
209  if (ret < 0)
210  return ret;
211 
212  /* Remove start code emulation prevention 0x03 bytes */
213  remove_scep_3_bytes(nalu);
214 
215  data = nalu->data + 32;
216  rem_bytes = nalu->length - 32;
217 
218  memcpy(iv, crypto_ctx->iv, 16);
219 
220  while (rem_bytes > 0) {
221  if (rem_bytes > 16) {
222  av_aes_crypt(crypto_ctx->aes_ctx, data, data, 1, iv, 1);
223  data += 16;
224  rem_bytes -= 16;
225  }
226  data += FFMIN(144, rem_bytes);
227  rem_bytes -= FFMIN(144, rem_bytes);
228  }
229 
230  return 0;
231 }
232 
234 {
235  int ret = 0;
237  NALUnit nalu;
238  uint8_t *data_ptr;
239  int move_nalu = 0;
240 
241  memset(&ctx, 0, sizeof(ctx));
242  ctx.buf_ptr = pkt->data;
243  ctx.buf_end = pkt->data + pkt->size;
244 
245  data_ptr = pkt->data;
246 
247  while (ctx.buf_ptr < ctx.buf_end) {
248  memset(&nalu, 0, sizeof(nalu));
249  ret = get_next_nal_unit(&ctx, &nalu);
250  if (ret < 0)
251  return ret;
252  if ((nalu.type == 0x01 || nalu.type == 0x05) && nalu.length > 48) {
253  int encrypted_nalu_length = nalu.length;
254  ret = decrypt_nal_unit(crypto_ctx, &nalu);
255  if (ret < 0)
256  return ret;
257  move_nalu = nalu.length != encrypted_nalu_length;
258  }
259  if (move_nalu)
260  memmove(data_ptr, nalu.data - nalu.start_code_length, nalu.start_code_length + nalu.length);
261  data_ptr += nalu.start_code_length + nalu.length;
262  }
263 
264  av_shrink_packet(pkt, data_ptr - pkt->data);
265 
266  return 0;
267 }
268 
270 {
271  int ret = 0;
272 
273  AACADTSHeaderInfo *adts_hdr = NULL;
274 
275  /* Find next sync word 0xFFF */
276  while (ctx->buf_ptr < ctx->buf_end - 1) {
277  if (*ctx->buf_ptr == 0xFF && (*(ctx->buf_ptr + 1) & 0xF0) == 0xF0)
278  break;
279  ctx->buf_ptr++;
280  }
281 
282  if (ctx->buf_ptr >= ctx->buf_end - 1)
283  return -1;
284 
285  frame->data = (uint8_t*)ctx->buf_ptr;
286 
287  ret = avpriv_adts_header_parse (&adts_hdr, frame->data, ctx->buf_end - frame->data);
288  if (ret < 0)
289  return ret;
290 
291  frame->header_length = adts_hdr->crc_absent ? AV_AAC_ADTS_HEADER_SIZE : AV_AAC_ADTS_HEADER_SIZE + 2;
292  frame->length = adts_hdr->frame_length;
293 
294  av_free(adts_hdr);
295 
296  return 0;
297 }
298 
300 {
301  int ret = 0;
302 
303  AC3HeaderInfo *hdr = NULL;
304 
305  /* Find next sync word 0x0B77 */
306  while (ctx->buf_ptr < ctx->buf_end - 1) {
307  if (*ctx->buf_ptr == 0x0B && *(ctx->buf_ptr + 1) == 0x77)
308  break;
309  ctx->buf_ptr++;
310  }
311 
312  if (ctx->buf_ptr >= ctx->buf_end - 1)
313  return -1;
314 
315  frame->data = (uint8_t*)ctx->buf_ptr;
316  frame->header_length = 0;
317 
318  ret = avpriv_ac3_parse_header(&hdr, frame->data, ctx->buf_end - frame->data);
319  if (ret < 0) {
320  if (ret != AVERROR(ENOMEM))
321  av_free(hdr);
322  return ret;
323  }
324 
325  frame->length = hdr->frame_size;
326 
327  av_free(hdr);
328 
329  return 0;
330 }
331 
333 {
334  if (codec_id == AV_CODEC_ID_AAC)
335  return get_next_adts_frame(ctx, frame);
338  else
339  return AVERROR_INVALIDDATA;
340 }
341 
343 {
344  int ret = 0;
345  uint8_t *data;
346  int num_of_encrypted_blocks;
347 
348  ret = av_aes_init(crypto_ctx->aes_ctx, crypto_ctx->key, 16 * 8, 1);
349  if (ret < 0)
350  return ret;
351 
352  data = frame->data + frame->header_length + 16;
353 
354  num_of_encrypted_blocks = (frame->length - frame->header_length - 16)/16;
355 
356  av_aes_crypt(crypto_ctx->aes_ctx, data, data, num_of_encrypted_blocks, crypto_ctx->iv, 1);
357 
358  return 0;
359 }
360 
362 {
363  int ret = 0;
366 
367  memset(&ctx, 0, sizeof(ctx));
368  ctx.buf_ptr = pkt->data;
369  ctx.buf_end = pkt->data + pkt->size;
370 
371  while (ctx.buf_ptr < ctx.buf_end) {
372  memset(&frame, 0, sizeof(frame));
374  if (ret < 0)
375  return ret;
376  if (frame.length - frame.header_length > 31) {
377  ret = decrypt_sync_frame(codec_id, crypto_ctx, &frame);
378  if (ret < 0)
379  return ret;
380  }
381  ctx.buf_ptr += frame.length;
382  }
383 
384  return 0;
385 }
386 
388 {
389  if (codec_id == AV_CODEC_ID_H264)
390  return decrypt_video_frame(crypto_ctx, pkt);
392  return decrypt_audio_frame(codec_id, crypto_ctx, pkt);
393 
394  return AVERROR_INVALIDDATA;
395 }
AudioFrame::data
uint8_t * data
Definition: hls_sample_encryption.c:48
get_next_adts_frame
static int get_next_adts_frame(CodecParserContext *ctx, AudioFrame *frame)
Definition: hls_sample_encryption.c:269
av_aes_init
int av_aes_init(AVAES *a, const uint8_t *key, int key_bits, int decrypt)
Initialize an AVAES context.
Definition: aes.c:199
AV_CODEC_ID_AC3
@ AV_CODEC_ID_AC3
Definition: codec_id.h:432
ff_ac3_channel_layout_tab
const uint16_t ff_ac3_channel_layout_tab[8]
Map audio coding mode (acmod) to channel layout mask.
Definition: ac3_channel_layout_tab.h:31
decrypt_video_frame
static int decrypt_video_frame(HLSCryptoContext *crypto_ctx, AVPacket *pkt)
Definition: hls_sample_encryption.c:233
AVERROR
Filter the word “frame” indicates either a video frame or a group of audio as stored in an AVFrame structure Format for each input and each output the list of supported formats For video that means pixel format For audio that means channel sample they are references to shared objects When the negotiation mechanism computes the intersection of the formats supported at each end of a all references to both lists are replaced with a reference to the intersection And when a single format is eventually chosen for a link amongst the remaining all references to the list are updated That means that if a filter requires that its input and output have the same format amongst a supported all it has to do is use a reference to the same list of formats query_formats can leave some formats unset and return AVERROR(EAGAIN) to cause the negotiation mechanism toagain later. That can be used by filters with complex requirements to use the format negotiated on one link to set the formats supported on another. Frame references ownership and permissions
CodecParserContext::buf_ptr
const uint8_t * buf_ptr
Definition: hls_sample_encryption.c:54
AV_AAC_ADTS_HEADER_SIZE
#define AV_AAC_ADTS_HEADER_SIZE
Definition: adts_parser.h:25
get_next_sync_frame
static int get_next_sync_frame(enum AVCodecID codec_id, CodecParserContext *ctx, AudioFrame *frame)
Definition: hls_sample_encryption.c:332
NALUnit::start_code_length
int start_code_length
Definition: hls_sample_encryption.c:44
AVPacket::data
uint8_t * data
Definition: packet.h:374
data
const char data[16]
Definition: mxf.c:146
AVCodecParameters::codec_tag
uint32_t codec_tag
Additional information about the codec (corresponds to the AVI FOURCC).
Definition: codec_par.h:65
get_next_ac3_eac3_sync_frame
static int get_next_ac3_eac3_sync_frame(CodecParserContext *ctx, AudioFrame *frame)
Definition: hls_sample_encryption.c:299
CodecParserContext::buf_end
const uint8_t * buf_end
Definition: hls_sample_encryption.c:55
skip_bits
static void skip_bits(GetBitContext *s, int n)
Definition: get_bits.h:467
get_bits
static unsigned int get_bits(GetBitContext *s, int n)
Read 1-25 bits.
Definition: get_bits.h:379
eac3_sample_rate_tab
static const int eac3_sample_rate_tab[]
Definition: hls_sample_encryption.c:58
AC3HeaderInfo::channel_layout
uint64_t channel_layout
Definition: ac3_parser_internal.h:62
av_shrink_packet
void av_shrink_packet(AVPacket *pkt, int size)
Reduce packet size, correctly zeroing padding.
Definition: avpacket.c:112
GetBitContext
Definition: get_bits.h:61
AC3HeaderInfo
Definition: ac3_parser_internal.h:34
CodecParserContext
Definition: hls_sample_encryption.c:53
AC3HeaderInfo::frame_size
uint16_t frame_size
Definition: ac3_parser_internal.h:61
ff_hls_senc_read_audio_setup_info
void ff_hls_senc_read_audio_setup_info(HLSAudioSetupInfo *info, const uint8_t *buf, size_t size)
Definition: hls_sample_encryption.c:60
HLSCryptoContext::iv
uint8_t iv[16]
Definition: hls_sample_encryption.h:46
get_next_nal_unit
static int get_next_nal_unit(CodecParserContext *ctx, NALUnit *nalu)
Definition: hls_sample_encryption.c:173
pkt
AVPacket * pkt
Definition: movenc.c:59
init_get_bits8
static int init_get_bits8(GetBitContext *s, const uint8_t *buffer, int byte_size)
Initialize GetBitContext.
Definition: get_bits.h:667
AV_CH_LOW_FREQUENCY
#define AV_CH_LOW_FREQUENCY
Definition: channel_layout.h:161
mask
static const uint16_t mask[17]
Definition: lzw.c:38
HLSCryptoContext::aes_ctx
struct AVAES * aes_ctx
Definition: hls_sample_encryption.h:44
info
MIPS optimizations info
Definition: mips.txt:2
ctx
AVFormatContext * ctx
Definition: movenc.c:48
AV_RL16
uint64_t_TMPL AV_WL64 unsigned int_TMPL AV_WL32 unsigned int_TMPL AV_WL24 unsigned int_TMPL AV_RL16
Definition: bytestream.h:94
AC3HeaderInfo::sample_rate
uint16_t sample_rate
Definition: ac3_parser_internal.h:58
codec_id
enum AVCodecID codec_id
Definition: vaapi_decode.c:374
AV_CODEC_ID_H264
@ AV_CODEC_ID_H264
Definition: codec_id.h:77
AudioFrame::length
int length
Definition: hls_sample_encryption.c:49
AVStream::codecpar
AVCodecParameters * codecpar
Codec parameters associated with this stream.
Definition: avformat.h:1108
aes.h
NULL
#define NULL
Definition: coverity.c:32
decrypt_audio_frame
static int decrypt_audio_frame(enum AVCodecID codec_id, HLSCryptoContext *crypto_ctx, AVPacket *pkt)
Definition: hls_sample_encryption.c:361
av_aes_crypt
void av_aes_crypt(AVAES *a, uint8_t *dst, const uint8_t *src, int count, uint8_t *iv, int decrypt)
Encrypt or decrypt a buffer using a previously initialized context.
Definition: aes.c:167
AACADTSHeaderInfo::frame_length
uint32_t frame_length
Definition: adts_header.h:37
AVCodecParameters::ch_layout
AVChannelLayout ch_layout
Audio only.
Definition: codec_par.h:212
AVCodecParameters::sample_rate
int sample_rate
Audio only.
Definition: codec_par.h:177
av_channel_layout_uninit
void av_channel_layout_uninit(AVChannelLayout *channel_layout)
Free any allocated data in the channel layout and reset the channel count to 0.
Definition: channel_layout.c:630
AVCodecID
AVCodecID
Identify the syntax and semantics of the bitstream.
Definition: codec_id.h:47
AV_CODEC_ID_EAC3
@ AV_CODEC_ID_EAC3
Definition: codec_id.h:469
AV_CODEC_ID_AAC
@ AV_CODEC_ID_AAC
Definition: codec_id.h:431
avpriv_adts_header_parse
int avpriv_adts_header_parse(AACADTSHeaderInfo **phdr, const uint8_t *buf, size_t size)
Parse the ADTS frame header contained in the buffer, which is the first 54 bits.
Definition: adts_parser.c:46
ac3_parser_internal.h
AVPacket::size
int size
Definition: packet.h:375
HLSCryptoContext
Definition: hls_sample_encryption.h:43
size
int size
Definition: twinvq_data.h:10344
AV_RB32
uint64_t_TMPL AV_WL64 unsigned int_TMPL AV_WL32 unsigned int_TMPL AV_WL24 unsigned int_TMPL AV_WL16 uint64_t_TMPL AV_WB64 unsigned int_TMPL AV_RB32
Definition: bytestream.h:96
NALUnit::length
int length
Definition: hls_sample_encryption.c:43
hls_sample_encryption.h
NALUnit::type
int type
Definition: hls_sample_encryption.c:42
ff_hls_senc_decrypt_frame
int ff_hls_senc_decrypt_frame(enum AVCodecID codec_id, HLSCryptoContext *crypto_ctx, AVPacket *pkt)
Definition: hls_sample_encryption.c:387
NALUnit::data
uint8_t * data
Definition: hls_sample_encryption.c:41
AV_CODEC_ID_NONE
@ AV_CODEC_ID_NONE
Definition: codec_id.h:48
i
#define i(width, name, range_min, range_max)
Definition: cbs_h2645.c:269
HLS_MAX_AUDIO_SETUP_DATA_LEN
#define HLS_MAX_AUDIO_SETUP_DATA_LEN
Definition: hls_sample_encryption.h:41
avpriv_ac3_parse_header
int avpriv_ac3_parse_header(AC3HeaderInfo **phdr, const uint8_t *buf, size_t size)
Definition: ac3_parser.c:259
FFMIN
#define FFMIN(a, b)
Definition: macros.h:49
ff_hls_senc_parse_audio_setup_info
int ff_hls_senc_parse_audio_setup_info(AVStream *st, HLSAudioSetupInfo *info)
Definition: hls_sample_encryption.c:91
av_channel_layout_from_mask
FF_ENABLE_DEPRECATION_WARNINGS int av_channel_layout_from_mask(AVChannelLayout *channel_layout, uint64_t mask)
Initialize a native channel layout from a bitmask indicating which channels are present.
Definition: channel_layout.c:389
ret
ret
Definition: filter_design.txt:187
AVStream
Stream structure.
Definition: avformat.h:948
remove_scep_3_bytes
static void remove_scep_3_bytes(NALUnit *nalu)
Definition: hls_sample_encryption.c:153
frame
these buffered frames must be flushed immediately if a new input produces new the filter must not call request_frame to get more It must just process the frame or queue it The task of requesting more frames is left to the filter s request_frame method or the application If a filter has several the filter must be ready for frames arriving randomly on any input any filter with several inputs will most likely require some kind of queuing mechanism It is perfectly acceptable to have a limited queue and to drop frames when the inputs are too unbalanced request_frame For filters that do not use the this method is called when a frame is wanted on an output For a it should directly call filter_frame on the corresponding output For a if there are queued frames already one of these frames should be pushed If the filter should request a frame on one of its repeatedly until at least one frame has been pushed Return or at least make progress towards producing a frame
Definition: filter_design.txt:264
adts_parser.h
AV_RL32
uint64_t_TMPL AV_WL64 unsigned int_TMPL AV_RL32
Definition: bytestream.h:92
AACADTSHeaderInfo::crc_absent
uint8_t crc_absent
Definition: adts_header.h:32
NALUnit
Definition: hls_sample_encryption.c:40
channel_layout.h
decrypt_sync_frame
static int decrypt_sync_frame(enum AVCodecID codec_id, HLSCryptoContext *crypto_ctx, AudioFrame *frame)
Definition: hls_sample_encryption.c:342
decrypt_nal_unit
static int decrypt_nal_unit(HLSCryptoContext *crypto_ctx, NALUnit *nalu)
Definition: hls_sample_encryption.c:201
adts_header.h
av_free
#define av_free(p)
Definition: tableprint_vlc.h:33
AVCodecParameters::codec_id
enum AVCodecID codec_id
Specific type of the encoded data (the codec used).
Definition: codec_par.h:61
AVPacket
This structure stores compressed data.
Definition: packet.h:351
AudioFrame
Definition: audio_frame_queue.h:27
AudioFrame::header_length
int header_length
Definition: hls_sample_encryption.c:50
AVCodecParameters::bit_rate
int64_t bit_rate
The average bitrate of the encoded data (in bits per second).
Definition: codec_par.h:90
AVERROR_INVALIDDATA
#define AVERROR_INVALIDDATA
Invalid data found when processing input.
Definition: error.h:61
MKTAG
#define MKTAG(a, b, c, d)
Definition: macros.h:55
ac3tab.h
HLSAudioSetupInfo
Definition: hls_sample_encryption.h:49
AV_RB24
uint64_t_TMPL AV_WL64 unsigned int_TMPL AV_WL32 unsigned int_TMPL AV_WL24 unsigned int_TMPL AV_WL16 uint64_t_TMPL AV_WB64 unsigned int_TMPL AV_WB32 unsigned int_TMPL AV_RB24
Definition: bytestream.h:97
AC3HeaderInfo::bit_rate
uint32_t bit_rate
Definition: ac3_parser_internal.h:59
AACADTSHeaderInfo
Definition: adts_header.h:28
HLSCryptoContext::key
uint8_t key[16]
Definition: hls_sample_encryption.h:45