subject:"\[FFmpeg\-devel\] \[PATCH\] libaf\/hlsenc\: allow dynamic encryption key rotation"

Re: [FFmpeg-devel] [PATCH] libaf/hlsenc: allow dynamic encryption key rotation

2017-08-04 Thread DeHackEd

On 08/04/2017 10:36 PM, Steven Liu wrote:
> 2017-08-05 8:17 GMT+08:00 DeHackEd :
>> Signed-off-by: DHE 
>> ---
>>  doc/muxers.texi  | 7 ++-
>>  libavformat/hlsenc.c | 4 +++-
>>  2 files changed, 9 insertions(+), 2 deletions(-)
>>
>> diff --git a/doc/muxers.texi b/doc/muxers.texi
>> index 94472ce..a7324a4 100644
>> --- a/doc/muxers.texi
>> +++ b/doc/muxers.texi
>> @@ -551,7 +551,7 @@ format. The optional third line specifies the 
>> initialization vector (IV) as a
>>  hexadecimal string to be used instead of the segment sequence number 
>> (default)
>>  for encryption. Changes to @var{key_info_file} will result in segment
>>  encryption with the new key/IV and an entry in the playlist for the new key
>> -URI/IV.
>> +URI/IV if @code{hls_flags periodic_rekey} is enabled.
>>
>>  Key info file format:
>>  @example
>> @@ -665,6 +665,11 @@ first segment's information.
>>  @item omit_endlist
>>  Do not append the @code{EXT-X-ENDLIST} tag at the end of the playlist.
>>
>> +@item periodic_rekey
>> +The file specified by @code{hls_key_info} will be checked periodically and
>> +detect updates to the encryption info. Be sure to replace this file 
>> atomically,
>> +including the file containing the AES encryption key.
>> +
>>  @item split_by_time
>>  Allow segments to start on frames other than keyframes. This improves
>>  behavior on some players when the time between keyframes is inconsistent,
>> diff --git a/libavformat/hlsenc.c b/libavformat/hlsenc.c
>> index 5cf8c89..4d2e7fb 100644
>> --- a/libavformat/hlsenc.c
>> +++ b/libavformat/hlsenc.c
>> @@ -85,6 +85,7 @@ typedef enum HLSFlags {
>>  HLS_SECOND_LEVEL_SEGMENT_DURATION = (1 << 9), // include segment 
>> duration (microsec) in segment filenames when use_localtime  e.g.: %%09t
>>  HLS_SECOND_LEVEL_SEGMENT_SIZE = (1 << 10), // include segment size 
>> (bytes) in segment filenames when use_localtime  e.g.: %%014s
>>  HLS_TEMP_FILE = (1 << 11),
>> +HLS_PERIODIC_REKEY = (1 << 12),
>>  } HLSFlags;
>>
>>  typedef enum {
>> @@ -1236,7 +1237,7 @@ static int hls_start(AVFormatContext *s)
>>" will use -hls_key_info_file priority\n");
>>  }
>>
>> -if (c->number <= 1) {
>> +if (c->number <= 1 && !(c->flags & HLS_PERIODIC_REKEY)) {
> it will always false when use HLS_PERIODIC_REKEY, then will not enable
> hls encryption.

Oops. Yeah I screwed that up pretty bad. I'll redo it.

>>  if (c->key_info_file) {
>>  if ((err = hls_encryption_start(s)) < 0)
>>  goto fail;
>> @@ -1804,6 +1805,7 @@ static const AVOption options[] = {
>>  {"second_level_segment_index", "include segment index in segment 
>> filenames when use_localtime", 0, AV_OPT_TYPE_CONST, {.i64 = 
>> HLS_SECOND_LEVEL_SEGMENT_INDEX }, 0, UINT_MAX,   E, "flags"},
>>  {"second_level_segment_duration", "include segment duration in segment 
>> filenames when use_localtime", 0, AV_OPT_TYPE_CONST, {.i64 = 
>> HLS_SECOND_LEVEL_SEGMENT_DURATION }, 0, UINT_MAX,   E, "flags"},
>>  {"second_level_segment_size", "include segment size in segment 
>> filenames when use_localtime", 0, AV_OPT_TYPE_CONST, {.i64 = 
>> HLS_SECOND_LEVEL_SEGMENT_SIZE }, 0, UINT_MAX,   E, "flags"},
>> +{"periodic_rekey", "reload keyinfo file periodically for re-keying", 0, 
>> AV_OPT_TYPE_CONST, {.i64 = HLS_PERIODIC_REKEY }, 0, UINT_MAX,   E, "flags"},
>>  {"use_localtime", "set filename expansion with strftime at segment 
>> creation", OFFSET(use_localtime), AV_OPT_TYPE_BOOL, {.i64 = 0 }, 0, 1, E },
>>  {"use_localtime_mkdir", "create last directory component in 
>> strftime-generated filename", OFFSET(use_localtime_mkdir), AV_OPT_TYPE_BOOL, 
>> {.i64 = 0 }, 0, 1, E },
>>  {"hls_playlist_type", "set the HLS playlist type", OFFSET(pl_type), 
>> AV_OPT_TYPE_INT, {.i64 = PLAYLIST_TYPE_NONE }, 0, PLAYLIST_TYPE_NB-1, E, 
>> "pl_type" },
>> --
>> 1.8.4.1
>> ___
>> ffmpeg-devel mailing list
>> ffmpeg-devel@ffmpeg.org
>> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
> ___
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
> 

___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH] libaf/hlsenc: allow dynamic encryption key rotation

2017-08-04 Thread Steven Liu

2017-08-05 8:17 GMT+08:00 DeHackEd :
> Signed-off-by: DHE 
> ---
>  doc/muxers.texi  | 7 ++-
>  libavformat/hlsenc.c | 4 +++-
>  2 files changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/doc/muxers.texi b/doc/muxers.texi
> index 94472ce..a7324a4 100644
> --- a/doc/muxers.texi
> +++ b/doc/muxers.texi
> @@ -551,7 +551,7 @@ format. The optional third line specifies the 
> initialization vector (IV) as a
>  hexadecimal string to be used instead of the segment sequence number 
> (default)
>  for encryption. Changes to @var{key_info_file} will result in segment
>  encryption with the new key/IV and an entry in the playlist for the new key
> -URI/IV.
> +URI/IV if @code{hls_flags periodic_rekey} is enabled.
>
>  Key info file format:
>  @example
> @@ -665,6 +665,11 @@ first segment's information.
>  @item omit_endlist
>  Do not append the @code{EXT-X-ENDLIST} tag at the end of the playlist.
>
> +@item periodic_rekey
> +The file specified by @code{hls_key_info} will be checked periodically and
> +detect updates to the encryption info. Be sure to replace this file 
> atomically,
> +including the file containing the AES encryption key.
> +
>  @item split_by_time
>  Allow segments to start on frames other than keyframes. This improves
>  behavior on some players when the time between keyframes is inconsistent,
> diff --git a/libavformat/hlsenc.c b/libavformat/hlsenc.c
> index 5cf8c89..4d2e7fb 100644
> --- a/libavformat/hlsenc.c
> +++ b/libavformat/hlsenc.c
> @@ -85,6 +85,7 @@ typedef enum HLSFlags {
>  HLS_SECOND_LEVEL_SEGMENT_DURATION = (1 << 9), // include segment 
> duration (microsec) in segment filenames when use_localtime  e.g.: %%09t
>  HLS_SECOND_LEVEL_SEGMENT_SIZE = (1 << 10), // include segment size 
> (bytes) in segment filenames when use_localtime  e.g.: %%014s
>  HLS_TEMP_FILE = (1 << 11),
> +HLS_PERIODIC_REKEY = (1 << 12),
>  } HLSFlags;
>
>  typedef enum {
> @@ -1236,7 +1237,7 @@ static int hls_start(AVFormatContext *s)
>" will use -hls_key_info_file priority\n");
>  }
>
> -if (c->number <= 1) {
> +if (c->number <= 1 && !(c->flags & HLS_PERIODIC_REKEY)) {
it will always false when use HLS_PERIODIC_REKEY, then will not enable
hls encryption.
>  if (c->key_info_file) {
>  if ((err = hls_encryption_start(s)) < 0)
>  goto fail;
> @@ -1804,6 +1805,7 @@ static const AVOption options[] = {
>  {"second_level_segment_index", "include segment index in segment 
> filenames when use_localtime", 0, AV_OPT_TYPE_CONST, {.i64 = 
> HLS_SECOND_LEVEL_SEGMENT_INDEX }, 0, UINT_MAX,   E, "flags"},
>  {"second_level_segment_duration", "include segment duration in segment 
> filenames when use_localtime", 0, AV_OPT_TYPE_CONST, {.i64 = 
> HLS_SECOND_LEVEL_SEGMENT_DURATION }, 0, UINT_MAX,   E, "flags"},
>  {"second_level_segment_size", "include segment size in segment filenames 
> when use_localtime", 0, AV_OPT_TYPE_CONST, {.i64 = 
> HLS_SECOND_LEVEL_SEGMENT_SIZE }, 0, UINT_MAX,   E, "flags"},
> +{"periodic_rekey", "reload keyinfo file periodically for re-keying", 0, 
> AV_OPT_TYPE_CONST, {.i64 = HLS_PERIODIC_REKEY }, 0, UINT_MAX,   E, "flags"},
>  {"use_localtime", "set filename expansion with strftime at segment 
> creation", OFFSET(use_localtime), AV_OPT_TYPE_BOOL, {.i64 = 0 }, 0, 1, E },
>  {"use_localtime_mkdir", "create last directory component in 
> strftime-generated filename", OFFSET(use_localtime_mkdir), AV_OPT_TYPE_BOOL, 
> {.i64 = 0 }, 0, 1, E },
>  {"hls_playlist_type", "set the HLS playlist type", OFFSET(pl_type), 
> AV_OPT_TYPE_INT, {.i64 = PLAYLIST_TYPE_NONE }, 0, PLAYLIST_TYPE_NB-1, E, 
> "pl_type" },
> --
> 1.8.4.1
> ___
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

[FFmpeg-devel] [PATCH] libaf/hlsenc: allow dynamic encryption key rotation

2017-08-04 Thread DeHackEd

Signed-off-by: DHE 
---
 doc/muxers.texi  | 7 ++-
 libavformat/hlsenc.c | 4 +++-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/doc/muxers.texi b/doc/muxers.texi
index 94472ce..a7324a4 100644
--- a/doc/muxers.texi
+++ b/doc/muxers.texi
@@ -551,7 +551,7 @@ format. The optional third line specifies the 
initialization vector (IV) as a
 hexadecimal string to be used instead of the segment sequence number (default)
 for encryption. Changes to @var{key_info_file} will result in segment
 encryption with the new key/IV and an entry in the playlist for the new key
-URI/IV.
+URI/IV if @code{hls_flags periodic_rekey} is enabled.

 Key info file format:
 @example
@@ -665,6 +665,11 @@ first segment's information.
 @item omit_endlist
 Do not append the @code{EXT-X-ENDLIST} tag at the end of the playlist.

+@item periodic_rekey
+The file specified by @code{hls_key_info} will be checked periodically and
+detect updates to the encryption info. Be sure to replace this file atomically,
+including the file containing the AES encryption key.
+
 @item split_by_time
 Allow segments to start on frames other than keyframes. This improves
 behavior on some players when the time between keyframes is inconsistent,
diff --git a/libavformat/hlsenc.c b/libavformat/hlsenc.c
index 5cf8c89..4d2e7fb 100644
--- a/libavformat/hlsenc.c
+++ b/libavformat/hlsenc.c
@@ -85,6 +85,7 @@ typedef enum HLSFlags {
 HLS_SECOND_LEVEL_SEGMENT_DURATION = (1 << 9), // include segment duration 
(microsec) in segment filenames when use_localtime  e.g.: %%09t
 HLS_SECOND_LEVEL_SEGMENT_SIZE = (1 << 10), // include segment size (bytes) 
in segment filenames when use_localtime  e.g.: %%014s
 HLS_TEMP_FILE = (1 << 11),
+HLS_PERIODIC_REKEY = (1 << 12),
 } HLSFlags;

 typedef enum {
@@ -1236,7 +1237,7 @@ static int hls_start(AVFormatContext *s)
   " will use -hls_key_info_file priority\n");
 }

-if (c->number <= 1) {
+if (c->number <= 1 && !(c->flags & HLS_PERIODIC_REKEY)) {
 if (c->key_info_file) {
 if ((err = hls_encryption_start(s)) < 0)
 goto fail;
@@ -1804,6 +1805,7 @@ static const AVOption options[] = {
 {"second_level_segment_index", "include segment index in segment filenames 
when use_localtime", 0, AV_OPT_TYPE_CONST, {.i64 = 
HLS_SECOND_LEVEL_SEGMENT_INDEX }, 0, UINT_MAX,   E, "flags"},
 {"second_level_segment_duration", "include segment duration in segment 
filenames when use_localtime", 0, AV_OPT_TYPE_CONST, {.i64 = 
HLS_SECOND_LEVEL_SEGMENT_DURATION }, 0, UINT_MAX,   E, "flags"},
 {"second_level_segment_size", "include segment size in segment filenames 
when use_localtime", 0, AV_OPT_TYPE_CONST, {.i64 = 
HLS_SECOND_LEVEL_SEGMENT_SIZE }, 0, UINT_MAX,   E, "flags"},
+{"periodic_rekey", "reload keyinfo file periodically for re-keying", 0, 
AV_OPT_TYPE_CONST, {.i64 = HLS_PERIODIC_REKEY }, 0, UINT_MAX,   E, "flags"},
 {"use_localtime", "set filename expansion with strftime at segment 
creation", OFFSET(use_localtime), AV_OPT_TYPE_BOOL, {.i64 = 0 }, 0, 1, E },
 {"use_localtime_mkdir", "create last directory component in 
strftime-generated filename", OFFSET(use_localtime_mkdir), AV_OPT_TYPE_BOOL, 
{.i64 = 0 }, 0, 1, E },
 {"hls_playlist_type", "set the HLS playlist type", OFFSET(pl_type), 
AV_OPT_TYPE_INT, {.i64 = PLAYLIST_TYPE_NONE }, 0, PLAYLIST_TYPE_NB-1, E, 
"pl_type" },
-- 
1.8.4.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH] libaf/hlsenc: allow dynamic encryption key rotation

Re: [FFmpeg-devel] [PATCH] libaf/hlsenc: allow dynamic encryption key rotation

[FFmpeg-devel] [PATCH] libaf/hlsenc: allow dynamic encryption key rotation

3 matches

Site Navigation

Mail list logo

Footer information