This is an automated email from the git hooks/post-receive script.
Git pushed a commit to branch master
in repository ffmpeg.
The following commit(s) were added to refs/heads/master by this push:
new da9a6d51f5 avformat/mov: add support for multiple decryption keys
da9a6d51f5 is described below
commit da9a6d51f5ba33b7c04f34b7e645ebb591642460
Author: Adrien Guinet <[email protected]>
AuthorDate: Mon Nov 13 09:40:19 2023 +0100
Commit: Kacper Michajłow <[email protected]>
CommitDate: Sat Feb 28 04:01:08 2026 +0100
avformat/mov: add support for multiple decryption keys
This commit introduces new options to support more than one decryption
keys:
* add a decryption_keys option to MOV, that supports a dictionary of
KID=>key (in hex), using AV_OPT_TYPE_DICT
* add the corresponding cenc_decryption_keys option to DASH
Signed-off-by: Kacper Michajłow <[email protected]>
---
doc/demuxers.texi | 12 +++-
libavformat/dashdec.c | 6 +-
libavformat/isom.h | 5 +-
libavformat/mov.c | 80 ++++++++++++++++++----
tests/fate/mov.mak | 12 ++++
.../fate/{mov-3elist => mov-3elist-encrypted-kid} | 0
.../{mov-frag-encrypted => mov-frag-encrypted-kid} | 0
...-only-encrypted => mov-tenc-only-encrypted-kid} | 0
8 files changed, 98 insertions(+), 17 deletions(-)
diff --git a/doc/demuxers.texi b/doc/demuxers.texi
index c1dda7f1eb..a49d3406f6 100644
--- a/doc/demuxers.texi
+++ b/doc/demuxers.texi
@@ -281,7 +281,11 @@ This demuxer accepts the following option:
@table @option
@item cenc_decryption_key
-16-byte key, in hex, to decrypt files encrypted using ISO Common Encryption
(CENC/AES-128 CTR; ISO/IEC 23001-7).
+Default 16-byte key, in hex, to decrypt files encrypted using ISO Common
Encryption (CENC/AES-128 CTR; ISO/IEC 23001-7).
+
+@item cenc_decryption_keys
+Dictionary of 16-byte key ID => 16-byte key, both in hex, to decrypt files
encrypted using ISO Common Encryption
+(CENC/AES-128 CTR; ISO/IEC 23001-7).
@end table
@@ -940,7 +944,11 @@ Fixed key used for handling Audible AAX/AAX+ files. It has
been pre-set so shoul
specify.
@item decryption_key
-16-byte key, in hex, to decrypt files encrypted using ISO Common Encryption
(CENC/AES-128 CTR; ISO/IEC 23001-7).
+Default 16-byte key, in hex, to decrypt files encrypted using ISO Common
Encryption (CENC/AES-128 CTR; ISO/IEC 23001-7).
+
+@item decryption_keys
+Dictionary of 16-byte key ID => 16-byte key, both in hex, to decrypt files
encrypted using ISO Common Encryption
+(CENC/AES-128 CTR; ISO/IEC 23001-7).
@item max_stts_delta
Very high sample deltas written in a trak's stts box may occasionally be
intended but usually they are written in
diff --git a/libavformat/dashdec.c b/libavformat/dashdec.c
index 01957d2b0e..9a2ea78149 100644
--- a/libavformat/dashdec.c
+++ b/libavformat/dashdec.c
@@ -154,6 +154,7 @@ typedef struct DASHContext {
AVDictionary *avio_opts;
int max_url_size;
char *cenc_decryption_key;
+ char *cenc_decryption_keys;
/* Flags for init section*/
int is_init_section_common_video;
@@ -1933,6 +1934,8 @@ static int reopen_demux_for_component(AVFormatContext *s,
struct representation
if (c->cenc_decryption_key)
av_dict_set(&in_fmt_opts, "decryption_key", c->cenc_decryption_key, 0);
+ if (c->cenc_decryption_keys)
+ av_dict_set(&in_fmt_opts, "decryption_keys", c->cenc_decryption_keys,
0);
// provide additional information from mpd if available
ret = avformat_open_input(&pls->ctx, "", in_fmt, &in_fmt_opts);
//pls->init_section->url
@@ -2374,7 +2377,8 @@ static const AVOption dash_options[] = {
OFFSET(allowed_extensions), AV_OPT_TYPE_STRING,
{.str = "aac,m4a,m4s,m4v,mov,mp4,webm,ts"},
INT_MIN, INT_MAX, FLAGS},
- { "cenc_decryption_key", "Media decryption key (hex)",
OFFSET(cenc_decryption_key), AV_OPT_TYPE_STRING, {.str = NULL}, INT_MIN,
INT_MAX, .flags = FLAGS },
+ { "cenc_decryption_key", "Media default decryption key (hex)",
OFFSET(cenc_decryption_key), AV_OPT_TYPE_STRING, {.str = NULL}, INT_MIN,
INT_MAX, .flags = FLAGS },
+ { "cenc_decryption_keys", "Media decryption keys by KID (hex)",
OFFSET(cenc_decryption_keys), AV_OPT_TYPE_STRING, {.str = NULL}, INT_MIN,
INT_MAX, .flags = FLAGS },
{NULL}
};
diff --git a/libavformat/isom.h b/libavformat/isom.h
index 55bc2827b4..d7e138585a 100644
--- a/libavformat/isom.h
+++ b/libavformat/isom.h
@@ -370,8 +370,8 @@ typedef struct MOVContext {
void *audible_iv;
int audible_iv_size;
struct AVAES *aes_decrypt;
- uint8_t *decryption_key;
- int decryption_key_len;
+ uint8_t *decryption_default_key;
+ int decryption_default_key_len;
int enable_drefs;
int32_t movie_display_matrix[3][3]; ///< display matrix from mvhd
int have_read_mfra_size;
@@ -385,6 +385,7 @@ typedef struct MOVContext {
int nb_heif_grid;
int64_t idat_offset;
int interleaved_read;
+ AVDictionary* decryption_keys;
} MOVContext;
int ff_mp4_read_descr_len(AVIOContext *pb);
diff --git a/libavformat/mov.c b/libavformat/mov.c
index bc91102c4d..311aff7d14 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -8131,19 +8131,62 @@ static int mov_read_dfla(MOVContext *c, AVIOContext
*pb, MOVAtom atom)
return 0;
}
+static int get_key_from_kid(uint8_t* out, int len, MOVContext *c,
AVEncryptionInfo *sample) {
+ AVDictionaryEntry *key_entry_hex;
+ char kid_hex[16*2+1];
+
+ if (c->decryption_default_key && c->decryption_default_key_len != len) {
+ av_log(c->fc, AV_LOG_ERROR, "invalid default decryption key length:
got %d, expected %d\n", c->decryption_default_key_len, len);
+ return -1;
+ }
+
+ if (!c->decryption_keys) {
+ av_assert0(c->decryption_default_key);
+ memcpy(out, c->decryption_default_key, len);
+ return 0;
+ }
+
+ if (sample->key_id_size != 16) {
+ av_log(c->fc, AV_LOG_ERROR, "invalid key ID size: got %u, expected
16\n", sample->key_id_size);
+ return -1;
+ }
+
+ ff_data_to_hex(kid_hex, sample->key_id, 16, 1);
+ key_entry_hex = av_dict_get(c->decryption_keys, kid_hex, NULL,
AV_DICT_DONT_STRDUP_KEY|AV_DICT_DONT_STRDUP_VAL);
+ if (!key_entry_hex) {
+ if (!c->decryption_default_key) {
+ av_log(c->fc, AV_LOG_ERROR, "unable to find KID %s\n", kid_hex);
+ return -1;
+ }
+ memcpy(out, c->decryption_default_key, len);
+ return 0;
+ }
+ if (strlen(key_entry_hex->value) != len*2) {
+ return -1;
+ }
+ ff_hex_to_data(out, key_entry_hex->value);
+ return 0;
+}
+
static int cenc_scheme_decrypt(MOVContext *c, MOVStreamContext *sc,
AVEncryptionInfo *sample, uint8_t *input, int size)
{
int i, ret;
int bytes_of_protected_data;
+ uint8_t decryption_key[AES_CTR_KEY_SIZE];
if (!sc->cenc.aes_ctr) {
+ ret = get_key_from_kid(decryption_key, sizeof(decryption_key), c,
sample);
+ if (ret < 0) {
+ return ret;
+ }
+
/* initialize the cipher */
sc->cenc.aes_ctr = av_aes_ctr_alloc();
if (!sc->cenc.aes_ctr) {
return AVERROR(ENOMEM);
}
- ret = av_aes_ctr_init(sc->cenc.aes_ctr, c->decryption_key);
+ ret = av_aes_ctr_init(sc->cenc.aes_ctr, decryption_key);
if (ret < 0) {
return ret;
}
@@ -8189,15 +8232,21 @@ static int cbc1_scheme_decrypt(MOVContext *c,
MOVStreamContext *sc, AVEncryption
int i, ret;
int num_of_encrypted_blocks;
uint8_t iv[16];
+ uint8_t decryption_key[16];
if (!sc->cenc.aes_ctx) {
+ ret = get_key_from_kid(decryption_key, sizeof(decryption_key), c,
sample);
+ if (ret < 0) {
+ return ret;
+ }
+
/* initialize the cipher */
sc->cenc.aes_ctx = av_aes_alloc();
if (!sc->cenc.aes_ctx) {
return AVERROR(ENOMEM);
}
- ret = av_aes_init(sc->cenc.aes_ctx, c->decryption_key, 16 * 8, 1);
+ ret = av_aes_init(sc->cenc.aes_ctx, decryption_key, 16 * 8, 1);
if (ret < 0) {
return ret;
}
@@ -8248,15 +8297,21 @@ static int cens_scheme_decrypt(MOVContext *c,
MOVStreamContext *sc, AVEncryption
{
int i, ret, rem_bytes;
uint8_t *data;
+ uint8_t decryption_key[AES_CTR_KEY_SIZE];
if (!sc->cenc.aes_ctr) {
+ ret = get_key_from_kid(decryption_key, sizeof(decryption_key), c,
sample);
+ if (ret < 0) {
+ return ret;
+ }
+
/* initialize the cipher */
sc->cenc.aes_ctr = av_aes_ctr_alloc();
if (!sc->cenc.aes_ctr) {
return AVERROR(ENOMEM);
}
- ret = av_aes_ctr_init(sc->cenc.aes_ctr, c->decryption_key);
+ ret = av_aes_ctr_init(sc->cenc.aes_ctr, decryption_key);
if (ret < 0) {
return ret;
}
@@ -8314,15 +8369,21 @@ static int cbcs_scheme_decrypt(MOVContext *c,
MOVStreamContext *sc, AVEncryption
int i, ret, rem_bytes;
uint8_t iv[16];
uint8_t *data;
+ uint8_t decryption_key[16];
if (!sc->cenc.aes_ctx) {
+ ret = get_key_from_kid(decryption_key, sizeof(decryption_key), c,
sample);
+ if (ret < 0) {
+ return ret;
+ }
+
/* initialize the cipher */
sc->cenc.aes_ctx = av_aes_alloc();
if (!sc->cenc.aes_ctx) {
return AVERROR(ENOMEM);
}
- ret = av_aes_init(sc->cenc.aes_ctx, c->decryption_key, 16 * 8, 1);
+ ret = av_aes_init(sc->cenc.aes_ctx, decryption_key, 16 * 8, 1);
if (ret < 0) {
return ret;
}
@@ -8469,7 +8530,7 @@ static int cenc_filter(MOVContext *mov, AVStream* st,
MOVStreamContext *sc, AVPa
return AVERROR_INVALIDDATA;
}
- if (mov->decryption_key) {
+ if (mov->decryption_keys || mov->decryption_default_key) {
return cenc_decrypt(mov, sc, encrypted_sample, pkt->data,
pkt->size);
} else {
size_t size;
@@ -10803,12 +10864,6 @@ static int mov_read_header(AVFormatContext *s)
MOVAtom atom = { AV_RL32("root") };
int i;
- if (mov->decryption_key_len != 0 && mov->decryption_key_len !=
AES_CTR_KEY_SIZE) {
- av_log(s, AV_LOG_ERROR, "Invalid decryption key len %d expected %d\n",
- mov->decryption_key_len, AES_CTR_KEY_SIZE);
- return AVERROR(EINVAL);
- }
-
mov->fc = s;
mov->trak_index = -1;
mov->primary_item_id = -1;
@@ -11700,7 +11755,8 @@ static const AVOption mov_options[] = {
"Fixed key used for handling Audible AAX files",
OFFSET(audible_fixed_key),
AV_OPT_TYPE_BINARY, {.str="77214d4b196a87cd520045fd20a51d67"},
.flags = AV_OPT_FLAG_DECODING_PARAM },
- { "decryption_key", "The media decryption key (hex)",
OFFSET(decryption_key), AV_OPT_TYPE_BINARY, .flags = AV_OPT_FLAG_DECODING_PARAM
},
+ { "decryption_key", "The default media decryption key (hex)",
OFFSET(decryption_default_key), AV_OPT_TYPE_BINARY, .flags =
AV_OPT_FLAG_DECODING_PARAM },
+ { "decryption_keys", "The media decryption keys by KID (hex)",
OFFSET(decryption_keys), AV_OPT_TYPE_DICT, .flags = AV_OPT_FLAG_DECODING_PARAM
},
{ "enable_drefs", "Enable external track support.", OFFSET(enable_drefs),
AV_OPT_TYPE_BOOL,
{.i64 = 0}, 0, 1, FLAGS },
{ "max_stts_delta", "treat offsets above this value as invalid",
OFFSET(max_stts_delta), AV_OPT_TYPE_INT, {.i64 = UINT_MAX-48000*10 }, 0,
UINT_MAX, .flags = AV_OPT_FLAG_DECODING_PARAM },
diff --git a/tests/fate/mov.mak b/tests/fate/mov.mak
index c227a46d78..f0253537a5 100644
--- a/tests/fate/mov.mak
+++ b/tests/fate/mov.mak
@@ -8,6 +8,9 @@ FATE_MOV-$(call FRAMEMD5, MOV, H264) += fate-mov-3elist \
fate-mov-3elist-encrypted \
fate-mov-frag-encrypted \
fate-mov-tenc-only-encrypted \
+ fate-mov-3elist-encrypted-kid \
+ fate-mov-frag-encrypted-kid \
+ fate-mov-tenc-only-encrypted-kid \
fate-mov-frag-overlap \
fate-mov-neg-firstpts-discard-frames \
@@ -59,6 +62,15 @@ fate-mov-frag-encrypted: CMD = framemd5 -decryption_key
123456789012345678901234
# Full-sample encryption and constant IV using only tenc atom (no
senc/saio/saiz).
fate-mov-tenc-only-encrypted: CMD = framemd5 -decryption_key
12345678901234567890123456789012 -i
$(TARGET_SAMPLES)/mov/mov-tenc-only-encrypted.mp4
+# Edit list with encryption, using the decryption_keys option.
+fate-mov-3elist-encrypted-kid: CMD = framemd5 -decryption_keys
12345678901234567890123456789012=12345678901234567890123456789012 -i
$(TARGET_SAMPLES)/mov/mov-3elist-encrypted.mov
+
+# Fragmented encryption with senc boxes in movie fragments, using the
decryption_keys option.
+fate-mov-frag-encrypted-kid: CMD = framemd5 -decryption_keys
abba271e8bcf552bbd2e86a434a9a5d9=12345678901234567890123456789012 -i
$(TARGET_SAMPLES)/mov/mov-frag-encrypted.mp4
+
+# Full-sample encryption and constant IV using only tenc atom (no
senc/saio/saiz), using the decryption_keys option.
+fate-mov-tenc-only-encrypted-kid: CMD = framemd5 -decryption_keys
abba271e8bcf552bbd2e86a434a9a5d9=12345678901234567890123456789012 -i
$(TARGET_SAMPLES)/mov/mov-tenc-only-encrypted.mp4
+
# Makes sure that the CTTS is also modified when we fix avindex in mov.c while
parsing edit lists.
fate-mov-elist-starts-ctts-2ndsample: CMD = framemd5 -i
$(TARGET_SAMPLES)/mov/mov-elist-starts-ctts-2ndsample.mov
diff --git a/tests/ref/fate/mov-3elist b/tests/ref/fate/mov-3elist-encrypted-kid
similarity index 100%
copy from tests/ref/fate/mov-3elist
copy to tests/ref/fate/mov-3elist-encrypted-kid
diff --git a/tests/ref/fate/mov-frag-encrypted
b/tests/ref/fate/mov-frag-encrypted-kid
similarity index 100%
copy from tests/ref/fate/mov-frag-encrypted
copy to tests/ref/fate/mov-frag-encrypted-kid
diff --git a/tests/ref/fate/mov-tenc-only-encrypted
b/tests/ref/fate/mov-tenc-only-encrypted-kid
similarity index 100%
copy from tests/ref/fate/mov-tenc-only-encrypted
copy to tests/ref/fate/mov-tenc-only-encrypted-kid
_______________________________________________
ffmpeg-cvslog mailing list -- [email protected]
To unsubscribe send an email to [email protected]
