diff options
author | Thomas Bluemel <tbluemel@control4.com> | 2014-08-22 15:18:59 -0600 |
---|---|---|
committer | Sebastian Dröge <sebastian@centricular.com> | 2014-08-28 10:34:55 +0300 |
commit | 04ca7234618513d2cea765f66b0f9c9efc725867 (patch) | |
tree | 74dde9eadcce1ed7354dbfdcdbe5678f0c7f6eaa | |
parent | 8d6f745b78e8190cebd9061192975ad88a08efd5 (diff) |
hlsdemux: Support OpenSSL for AES decryption of HLS fragments
https://bugzilla.gnome.org//show_bug.cgi?id=735248
-rw-r--r-- | configure.ac | 8 | ||||
-rw-r--r-- | ext/hls/Makefile.am | 2 | ||||
-rw-r--r-- | ext/hls/gsthlsdemux.c | 39 | ||||
-rw-r--r-- | ext/hls/gsthlsdemux.h | 8 |
4 files changed, 52 insertions, 5 deletions
diff --git a/configure.ac b/configure.ac index 509e2ae7a..796fe1800 100644 --- a/configure.ac +++ b/configure.ac @@ -3002,7 +3002,13 @@ AG_GST_CHECK_FEATURE(HLS, [http live streaming plugin], hls, [ AC_DEFINE(HAVE_LIBGCRYPT, 1, [Define if libgcrypt is available]) HAVE_HLS="yes" ], [ - HAVE_HLS="no" + PKG_CHECK_MODULES(OPENSSL, openssl, + [ + AC_DEFINE(HAVE_OPENSSL, 1, [Define if openssl is available]) + HAVE_HLS="yes" + ], [ + HAVE_HLS="no" + ]) ]) ]) ]) diff --git a/ext/hls/Makefile.am b/ext/hls/Makefile.am index cedf183dd..c32740309 100644 --- a/ext/hls/Makefile.am +++ b/ext/hls/Makefile.am @@ -12,7 +12,7 @@ libgstfragmented_la_CFLAGS = $(GST_PLUGINS_BAD_CFLAGS) $(GST_PLUGINS_BASE_CFLAGS libgstfragmented_la_LIBADD = \ $(top_builddir)/gst-libs/gst/uridownloader/libgsturidownloader-@GST_API_VERSION@.la \ $(GST_PLUGINS_BASE_LIBS) -lgstpbutils-$(GST_API_VERSION) -lgstvideo-$(GST_API_VERSION) \ - $(GST_BASE_LIBS) $(GST_LIBS) $(GIO_LIBS) $(LIBM) $(LIBGCRYPT_LIBS) $(NETTLE_LIBS) + $(GST_BASE_LIBS) $(GST_LIBS) $(GIO_LIBS) $(LIBM) $(LIBGCRYPT_LIBS) $(NETTLE_LIBS) $(OPENSSL_LIBS) libgstfragmented_la_LDFLAGS = $(GST_PLUGIN_LDFLAGS) -no-undefined libgstfragmented_la_LIBTOOLFLAGS = $(GST_PLUGIN_LIBTOOLFLAGS) diff --git a/ext/hls/gsthlsdemux.c b/ext/hls/gsthlsdemux.c index c343fc5d0..bf4a273e0 100644 --- a/ext/hls/gsthlsdemux.c +++ b/ext/hls/gsthlsdemux.c @@ -1779,7 +1779,44 @@ gst_hls_demux_switch_playlist (GstHLSDemux * demux) return gst_hls_demux_change_playlist (demux, bitrate * demux->bitrate_limit); } -#ifdef HAVE_NETTLE +#if defined(HAVE_OPENSSL) +static gboolean +gst_hls_demux_decrypt_start (GstHLSDemux * demux, const guint8 * key_data, + const guint8 * iv_data) +{ + EVP_CIPHER_CTX_init (&demux->aes_ctx); + if (!EVP_DecryptInit_ex (&demux->aes_ctx, EVP_aes_128_cbc (), NULL, key_data, + iv_data)) + return FALSE; + EVP_CIPHER_CTX_set_padding (&demux->aes_ctx, 0); + return TRUE; +} + +static gboolean +decrypt_fragment (GstHLSDemux * demux, gsize length, + const guint8 * encrypted_data, guint8 * decrypted_data) +{ + int len, flen = 0; + + if (G_UNLIKELY (length > G_MAXINT || length % 16 != 0)) + return FALSE; + + len = (int) length; + if (!EVP_DecryptUpdate (&demux->aes_ctx, decrypted_data, &len, encrypted_data, + len)) + return FALSE; + EVP_DecryptFinal_ex (&demux->aes_ctx, decrypted_data + len, &flen); + g_return_val_if_fail (len + flen == length, FALSE); + return TRUE; +} + +static void +gst_hls_demux_decrypt_end (GstHLSDemux * demux) +{ + EVP_CIPHER_CTX_cleanup (&demux->aes_ctx); +} + +#elif defined(HAVE_NETTLE) static gboolean gst_hls_demux_decrypt_start (GstHLSDemux * demux, const guint8 * key_data, const guint8 * iv_data) diff --git a/ext/hls/gsthlsdemux.h b/ext/hls/gsthlsdemux.h index 76f6f84d1..d6f2207cb 100644 --- a/ext/hls/gsthlsdemux.h +++ b/ext/hls/gsthlsdemux.h @@ -29,7 +29,9 @@ #include "m3u8.h" #include "gstfragmented.h" #include <gst/uridownloader/gsturidownloader.h> -#ifdef HAVE_NETTLE +#if defined(HAVE_OPENSSL) +#include <openssl/evp.h> +#elif defined(HAVE_NETTLE) #include <nettle/aes.h> #include <nettle/cbc.h> #else @@ -129,7 +131,9 @@ struct _GstHLSDemux GError *last_error; /* decryption tooling */ -#ifdef HAVE_NETTLE +#if defined(HAVE_OPENSSL) + EVP_CIPHER_CTX aes_ctx; +#elif defined(HAVE_NETTLE) struct CBC_CTX (struct aes_ctx, AES_BLOCK_SIZE) aes_ctx; #else gcry_cipher_hd_t aes_ctx; |