Shaka Packager SDK
raw_key_source.cc
1 // Copyright 2016 Google Inc. All rights reserved.
2 //
3 // Use of this source code is governed by a BSD-style
4 // license that can be found in the LICENSE file or at
5 // https://developers.google.com/open-source/licenses/bsd
6 
7 #include "packager/media/base/raw_key_source.h"
8 
9 #include <algorithm>
10 #include "packager/base/logging.h"
11 #include "packager/base/strings/string_number_conversions.h"
12 #include "packager/media/base/key_source.h"
13 #include "packager/status_macros.h"
14 
15 namespace {
16 const char kEmptyDrmLabel[] = "";
17 } // namespace
18 
19 namespace shaka {
20 namespace media {
21 
22 RawKeySource::~RawKeySource() {}
23 
24 Status RawKeySource::FetchKeys(EmeInitDataType init_data_type,
25  const std::vector<uint8_t>& init_data) {
26  // Do nothing for raw key encryption/decryption.
27  return Status::OK;
28 }
29 
30 Status RawKeySource::GetKey(const std::string& stream_label,
31  EncryptionKey* key) {
32  DCHECK(key);
33  // Try to find the key with label |stream_label|. If it is not available,
34  // fall back to the default empty label if it is available.
35  auto iter = encryption_key_map_.find(stream_label);
36  if (iter == encryption_key_map_.end()) {
37  iter = encryption_key_map_.find(kEmptyDrmLabel);
38  if (iter == encryption_key_map_.end()) {
39  return Status(error::NOT_FOUND,
40  "Key for '" + stream_label + "' was not found.");
41  }
42  }
43  *key = *iter->second;
44  return Status::OK;
45 }
46 
47 Status RawKeySource::GetKey(const std::vector<uint8_t>& key_id,
48  EncryptionKey* key) {
49  DCHECK(key);
50  for (const auto& pair : encryption_key_map_) {
51  if (pair.second->key_id == key_id) {
52  *key = *pair.second;
53  return Status::OK;
54  }
55  }
56  return Status(error::INTERNAL_ERROR,
57  "Key for key_id=" + base::HexEncode(&key_id[0], key_id.size()) +
58  " was not found.");
59 }
60 
61 Status RawKeySource::GetCryptoPeriodKey(uint32_t crypto_period_index,
62  uint32_t crypto_period_duration_in_seconds,
63  const std::string& stream_label,
64  EncryptionKey* key) {
65  RETURN_IF_ERROR(GetKey(stream_label, key));
66 
67  // A naive key rotation algorithm is implemented here by left rotating the
68  // key, key_id and pssh. Note that this implementation is only intended for
69  // testing purpose. The actual key rotation algorithm can be much more
70  // complicated.
71  LOG(WARNING)
72  << "This naive key rotation algorithm should not be used in production.";
73  std::rotate(key->key_id.begin(),
74  key->key_id.begin() + (crypto_period_index % key->key_id.size()),
75  key->key_id.end());
76  std::rotate(key->key.begin(),
77  key->key.begin() + (crypto_period_index % key->key.size()),
78  key->key.end());
79  key->key_ids.clear();
80  key->key_ids.emplace_back(key->key_id);
81 
82  return Status::OK;
83 }
84 
85 std::unique_ptr<RawKeySource> RawKeySource::Create(
86  const RawKeyParams& raw_key) {
87  std::vector<ProtectionSystemSpecificInfo> key_system_info;
88  if (!raw_key.pssh.empty()) {
90  raw_key.pssh.data(), raw_key.pssh.size(), &key_system_info)) {
91  LOG(ERROR) << "--pssh argument should be full PSSH boxes.";
92  return std::unique_ptr<RawKeySource>();
93  }
94  }
95 
96  std::vector<std::vector<uint8_t>> key_ids;
97  for (const auto& entry : raw_key.key_map)
98  key_ids.emplace_back(entry.second.key_id);
99 
100  EncryptionKeyMap encryption_key_map;
101  for (const auto& entry : raw_key.key_map) {
102  const std::string& drm_label = entry.first;
103  const RawKeyParams::KeyInfo& key_pair = entry.second;
104 
105  if (key_pair.key_id.size() != 16) {
106  LOG(ERROR) << "Invalid key ID size '" << key_pair.key_id.size()
107  << "', must be 16 bytes.";
108  return std::unique_ptr<RawKeySource>();
109  }
110  if (key_pair.key.size() != 16) {
111  // CENC only supports AES-128, i.e. 16 bytes.
112  LOG(ERROR) << "Invalid key size '" << key_pair.key.size()
113  << "', must be 16 bytes.";
114  return std::unique_ptr<RawKeySource>();
115  }
116  if (!key_pair.iv.empty() && key_pair.iv.size() != 8 && key_pair.iv.size() != 16) {
117  LOG(ERROR) << "Invalid IV '" << key_pair.iv.size()
118  << "', must be 8 or 16 bytes.";
119  return std::unique_ptr<RawKeySource>();
120  }
121 
122  std::unique_ptr<EncryptionKey> encryption_key(new EncryptionKey);
123  encryption_key->key_id = key_pair.key_id;
124  encryption_key->key_ids = key_ids;
125  encryption_key->key = key_pair.key;
126  encryption_key->iv = (key_pair.iv.empty()) ? raw_key.iv : key_pair.iv;
127  encryption_key->key_system_info = key_system_info;
128  encryption_key_map[drm_label] = std::move(encryption_key);
129  }
130 
131  return std::unique_ptr<RawKeySource>(
132  new RawKeySource(std::move(encryption_key_map)));
133 }
134 
135 RawKeySource::RawKeySource() {}
136 
137 RawKeySource::RawKeySource(EncryptionKeyMap&& encryption_key_map)
138  : encryption_key_map_(std::move(encryption_key_map)) {}
139 
140 } // namespace media
141 } // namespace shaka
A key source that uses raw keys for encryption.
Status FetchKeys(EmeInitDataType init_data_type, const std::vector< uint8_t > &init_data) override
Status GetKey(const std::string &stream_label, EncryptionKey *key) override
Status GetCryptoPeriodKey(uint32_t crypto_period_index, uint32_t crypto_period_duration_in_seconds, const std::string &stream_label, EncryptionKey *key) override
static std::unique_ptr< RawKeySource > Create(const RawKeyParams &raw_key)
All the methods that are virtual are virtual for mocking.
Raw key encryption/decryption parameters, i.e. with key parameters provided.
std::map< StreamLabel, KeyInfo > key_map
std::vector< uint8_t > pssh
std::vector< uint8_t > iv
std::vector< std::vector< uint8_t > > key_ids
The IDs of the other keys to include in PSSH info.
Definition: key_source.h:43
std::vector< uint8_t > key_id
The ID of this key.
Definition: key_source.h:41
static bool ParseBoxes(const uint8_t *data, size_t data_size, std::vector< ProtectionSystemSpecificInfo > *pssh_boxes)