On Tue, Dec 19, 2017 at 3:05 PM, wm4 <nfx...@googlemail.com> wrote:
> On Tue, 19 Dec 2017 14:20:38 -0800
> Jacob Trimble <modmaker-at-google....@ffmpeg.org> wrote:
>
>> > I don't think this is sane. So far, side data could simply be copied
>> > with memcpy, and having pointers to non-static data in side data would
>> > break this completely
>>
>> Then how about storing the data like it is now (the encryption info
>> followed by the subsample array), but not have a pointer? Then there
>> will be several helper methods to get the subsample array from the
>> side-data. For example,
>> av_encryption_info_get_subsamples(AVPacketEncryptionInfo*) or
>> av_encryption_info_get_subsamples(AVPacket*) (since there will only be
>> one instance of it).
>
> I guess that would work? Not particularly fond of the idea anyway. I
> think the functions would probably work on the side data byte array,
> maybe.
I'm not fond of this either, but I can't think of a way to allow a
dynamic number of elements while supporting memcpy and not requiring
the app to "parse" the side-data.
So here is may latest attempt. This has a binary format inside the
side-data that allows memcpy to work, but there is a public struct
that apps will interact with. There are two methods used to convert
between the two so the app doesn't have to. Even though this is a
binary format, it is not actually a wire format since the subsamples
are stored as-is, so they are host byte ordered. Also, as Michael
requested, this uses dynamic sized key ID and IV.
From 38c480a470d7f107945180968a5db237c671f7d0 Mon Sep 17 00:00:00 2001
From: Jacob Trimble <modma...@google.com>
Date: Tue, 5 Dec 2017 14:52:22 -0800
Subject: [PATCH] avcodec/avcodec.h: Add encryption info side data.
This new side-data will contain info on how a packet is encrypted.
This allows the app to handle packet decryption.
Signed-off-by: Jacob Trimble <modma...@google.com>
---
libavcodec/Makefile | 2 +
libavcodec/avcodec.h | 13 ++++++
libavcodec/encryption_info.c | 70 +++++++++++++++++++++++++++++
libavcodec/encryption_info.h | 105 +++++++++++++++++++++++++++++++++++++++++++
4 files changed, 190 insertions(+)
create mode 100644 libavcodec/encryption_info.c
create mode 100644 libavcodec/encryption_info.h
diff --git a/libavcodec/Makefile b/libavcodec/Makefile
index ab7893f560..11ad642c6c 100644
--- a/libavcodec/Makefile
+++ b/libavcodec/Makefile
@@ -10,6 +10,7 @@ HEADERS = ac3_parser.h \
dirac.h \
dv_profile.h \
dxva2.h \
+ encryption_info.h \
jni.h \
mediacodec.h \
qsv.h \
@@ -36,6 +37,7 @@ OBJS = ac3_parser.o \
dirac.o \
dv_profile.o \
encode.o \
+ encryption_info.o \
imgconvert.o \
jni.o \
mathtables.o \
diff --git a/libavcodec/avcodec.h b/libavcodec/avcodec.h
index 5db6a81320..7a5bba2687 100644
--- a/libavcodec/avcodec.h
+++ b/libavcodec/avcodec.h
@@ -1327,6 +1327,19 @@ enum AVPacketSideDataType {
*/
AV_PKT_DATA_A53_CC,
+ /**
+ * This side data is encryption "initialization data".
+ * For MP4 this is the entire 'pssh' box.
+ * For WebM this is the key ID.
+ */
+ AV_PKT_DATA_ENCRYPTION_INIT_DATA,
+
+ /**
+ * This side data contains encryption info for how to decrypt the packet.
+ * Use av_encryption_info_get to get the info out of this side data.
+ */
+ AV_PKT_DATA_ENCRYPTION_INFO,
+
/**
* The number of side data types.
* This is not part of the public API/ABI in the sense that it may
diff --git a/libavcodec/encryption_info.c b/libavcodec/encryption_info.c
new file mode 100644
index 0000000000..a2c11fe213
--- /dev/null
+++ b/libavcodec/encryption_info.c
@@ -0,0 +1,70 @@
+/**
+ * This file is part of FFmpeg.
+ *
+ * FFmpeg is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * FFmpeg is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with FFmpeg; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#include "encryption_info.h"
+#include "libavutil/avassert.h"
+#include "libavutil/intreadwrite.h"
+
+#define FF_ENCRYPTION_INFO_EXTRA 24
+
+int av_encryption_info_get(const AVPacket* packet, AVEncryptionInfo* info) {
+ uint8_t *buffer;
+
+ buffer = av_packet_get_side_data(packet, AV_PKT_DATA_ENCRYPTION_INFO, NULL);
+ if (!buffer)
+ return 0;
+
+ info->scheme = AV_RB32(buffer);
+ info->crypt_byte_block = AV_RB32(buffer + 4);
+ info->skip_byte_block = AV_RB32(buffer + 8);
+ info->key_id_size = AV_RB32(buffer + 12);
+ info->key_id = buffer + 16;
+ info->iv_size = AV_RB32(info->key_id + info->key_id_size);
+ info->iv = info->key_id + info->key_id_size + 4;
+ info->subsample_count = AV_RB32(info->iv + info->iv_size);
+ info->subsamples = (AVSubsampleEncryptionInfo*)(info->iv + info->iv_size + 4);
+ return 1;
+}
+
+int av_encryption_info_add_side_data(AVPacket* packet, const AVEncryptionInfo* info) {
+ uint8_t *buffer;
+ size_t size;
+
+ size = FF_ENCRYPTION_INFO_EXTRA + info->key_id_size + info->iv_size +
+ (sizeof(AVSubsampleEncryptionInfo) * info->subsample_count);
+ buffer = av_packet_new_side_data(packet, AV_PKT_DATA_ENCRYPTION_INFO, size);
+ if (!buffer)
+ return AVERROR(ENOMEM);
+
+ AV_WB32(buffer, info->scheme);
+ AV_WB32(buffer + 4, info->crypt_byte_block);
+ AV_WB32(buffer + 8, info->skip_byte_block);
+ AV_WB32(buffer + 12, info->key_id_size);
+ buffer += 16;
+ memcpy(buffer, info->key_id, info->key_id_size);
+ buffer += info->key_id_size;
+ AV_WB32(buffer, info->iv_size);
+ buffer += 4;
+ memcpy(buffer, info->iv, info->iv_size);
+ buffer += info->iv_size;
+ AV_WB32(buffer, info->subsample_count);
+ buffer += 4;
+ memcpy(buffer, info->subsamples, info->subsample_count * sizeof(AVSubsampleEncryptionInfo));
+
+ return 0;
+}
diff --git a/libavcodec/encryption_info.h b/libavcodec/encryption_info.h
new file mode 100644
index 0000000000..03052bf551
--- /dev/null
+++ b/libavcodec/encryption_info.h
@@ -0,0 +1,105 @@
+/**
+ * This file is part of FFmpeg.
+ *
+ * FFmpeg is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * FFmpeg is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with FFmpeg; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#ifndef AVUTIL_ENCRYPTION_INFO_H
+#define AVUTIL_ENCRYPTION_INFO_H
+
+#include "avcodec.h"
+
+typedef struct AVSubsampleEncryptionInfo {
+ /** The number of bytes that are clear. */
+ unsigned int bytes_of_clear_data;
+
+ /**
+ * The number of bytes that are protected. If using pattern encryption,
+ * the pattern applies to only the protected bytes; if not using pattern
+ * encryption, all these bytes are encrypted.
+ */
+ unsigned int bytes_of_protected_data;
+} AVSubsampleEncryptionInfo;
+
+/**
+ * This describes encryption info for a packet. This contains frame-specific
+ * info for how to decrypt the packet before passing it to the decoder.
+ *
+ * This struct should be allocated on the stack by the app and filled by
+ * av_encryption_info_get(). The side-data contains a binary format of this
+ * struct.
+ */
+typedef struct AVEncryptionInfo {
+ /** The fourcc encryption scheme. */
+ uint32_t scheme;
+
+ /**
+ * Only used for pattern encryption. This is the number of 16-byte blocks
+ * that are encrypted.
+ */
+ uint32_t crypt_byte_block;
+
+ /**
+ * Only used for pattern encryption. This is the number of 16-byte blocks
+ * that are clear.
+ */
+ uint32_t skip_byte_block;
+
+ /**
+ * The ID of the key used to encrypt the packet. This should always be
+ * 16 bytes long, but may be changed in the future.
+ */
+ uint8_t *key_id;
+ uint32_t key_id_size;
+
+ /**
+ * The initialization vector. This may have been zero-filled to be the
+ * correct block size. This should always be 16 bytes long, but may be
+ * changed in the future.
+ */
+ uint8_t *iv;
+ uint32_t iv_size;
+
+ /**
+ * An array of subsample encryption info specifying how parts of the sample
+ * are encrypted. If there are no subsamples, then the whole sample is
+ * encrypted.
+ */
+ AVSubsampleEncryptionInfo* subsamples;
+ uint32_t subsample_count;
+} AVEncryptionInfo;
+
+/**
+ * Gets the encryption info out of the side data of the given packet and fills
+ * the given object with that info. The pointers in this structure point inside
+ * the side data of this packet; this means they should NOT be freed and are
+ * only valid until the side data is freed.
+ *
+ * @param packet The packet to extract the encryption info out of.
+ * @param info The structure to fill with the encryption info.
+ *
+ * @return 1 if the packet is encrypted and the data was extracted; 0 if not.
+ */
+int av_encryption_info_get(const AVPacket* packet, AVEncryptionInfo* info);
+
+/**
+ * Adds a new side data to the given packet that holds a copy of the given
+ * encryption info.
+ *
+ * @return 0 on success, or a negative error code on error.
+ */
+int av_encryption_info_add_side_data(AVPacket* packet, const AVEncryptionInfo* info);
+
+#endif /* AVUTIL_ENCRYPTION_INFO_H */
--
2.15.1.620.gb9897f4670-goog
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
