[FFmpeg-devel] [PATCH] avformat/mov h264 cenc entryption file decryption_key failed

[FFmpeg-devel] [PATCH] avformat/mov h264 cenc entryption file decryption_key failed

[lishuangxi]

Fixes ticket #9807.

Signed-off-by: ShuangxiLi <lishuangxi@huawei.com>
---
 libavformat/mov.c | 29 ++---------------------------
 1 file changed, 2 insertions(+), 27 deletions(-)

diff --git a/libavformat/mov.c b/libavformat/mov.c
index 88669faa70..71dce69677 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -6819,9 +6819,6 @@ static int cenc_scheme_decrypt(MOVContext *c, MOVStreamContext *sc, AVEncryption
 {
     int i, ret;
     int bytes_of_protected_data;
-    int partially_encrypted_block_size;
-    uint8_t *partially_encrypted_block;
-    uint8_t block[16];
 
     if (!sc->cenc.aes_ctr) {
         /* initialize the cipher */
@@ -6844,8 +6841,6 @@ static int cenc_scheme_decrypt(MOVContext *c, MOVStreamContext *sc, AVEncryption
         return 0;
     }
 
-    partially_encrypted_block_size = 0;
-
     for (i = 0; i < sample->subsample_count; i++) {
         if (sample->subsamples[i].bytes_of_clear_data + sample->subsamples[i].bytes_of_protected_data > size) {
             av_log(c->fc, AV_LOG_ERROR, "subsample size exceeds the packet size left\n");
@@ -6858,28 +6853,8 @@ static int cenc_scheme_decrypt(MOVContext *c, MOVStreamContext *sc, AVEncryption
 
         /* decrypt the encrypted bytes */
 
-        if (partially_encrypted_block_size) {
-            memcpy(block, partially_encrypted_block, partially_encrypted_block_size);
-            memcpy(block+partially_encrypted_block_size, input, 16-partially_encrypted_block_size);
-            av_aes_ctr_crypt(sc->cenc.aes_ctr, block, block, 16);
-            memcpy(partially_encrypted_block, block, partially_encrypted_block_size);
-            memcpy(input, block+partially_encrypted_block_size, 16-partially_encrypted_block_size);
-            input += 16-partially_encrypted_block_size;
-            size -= 16-partially_encrypted_block_size;
-            bytes_of_protected_data = sample->subsamples[i].bytes_of_protected_data - (16-partially_encrypted_block_size);
-        } else {
-            bytes_of_protected_data = sample->subsamples[i].bytes_of_protected_data;
-        }
-
-        if (i < sample->subsample_count-1) {
-            int num_of_encrypted_blocks = bytes_of_protected_data/16;
-            partially_encrypted_block_size = bytes_of_protected_data%16;
-            if (partially_encrypted_block_size)
-                partially_encrypted_block = input + 16*num_of_encrypted_blocks;
-            av_aes_ctr_crypt(sc->cenc.aes_ctr, input, input, 16*num_of_encrypted_blocks);
-        } else {
-            av_aes_ctr_crypt(sc->cenc.aes_ctr, input, input, bytes_of_protected_data);
-        }
+        bytes_of_protected_data = sample->subsamples[i].bytes_of_protected_data;
+        av_aes_ctr_crypt(sc->cenc.aes_ctr, input, input, bytes_of_protected_data);
 
         input += bytes_of_protected_data;
         size -= bytes_of_protected_data;
-- 
2.24.0

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] [PATCH] avformat/mov: h264 cenc entryption file decryption_key failed

[Marton Balint]

On Sat, 9 Jul 2022, Marton Balint wrote:

>
>
> On Sat, 9 Jul 2022, lishuangxi wrote:
>
>>  Please help review it, thanks.
>
> You should describe why the old logic of encrypting in 16 byte chunks is 
> uneeded in the commit message.

Applied with fixed commit message.

Thanks,
Marton

>
>>   Code  process
>>         		-- Fixes ticket #9807.
>>         -- Fixes ticket #9777.
>
> The file in linked in ticket #9807 is still unplayable for me after your 
> patch. As for the other ticket, the reported did not include a sample, so 
> there is no way to know for sure if your patch fixes it.
>
> Regards,
> Marton
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
>
>
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] [PATCH] avformat/mov: h264 cenc entryption file decryption_key failed

[Marton Balint]

On Sat, 9 Jul 2022, lishuangxi wrote:

> Please help review it, thanks.

You should describe why the old logic of encrypting in 16 byte chunks 
is uneeded in the commit message.

> 	Code  process
> 		-- Fixes ticket #9807.
>        -- Fixes ticket #9777.

The file in linked in ticket #9807 is still unplayable for me after 
your patch. As for the other ticket, the reported did not include a 
sample, so there is no way to know for sure if your patch fixes it.

Regards,
Marton
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

[FFmpeg-devel] [PATCH] avformat/mov: h264 cenc entryption file decryption_key failed

[lishuangxi]

[-- Attachment #1: Type: text/plain, Size: 469 bytes --]

Please help review it, thanks.
	Code  process
		-- Fixes ticket #9807.
        -- Fixes ticket #9777.
	In the funciton cenc_scheme_decrypt,Partially_encrypted_block_size may be a negative value. Therefore, a core dump occurs when memcpy(block, partially_encrypted_block, partially_encrypted_block_size)  is executed.
	For cenc(AES-CTR scheme) , The last Blocks in Sample less than 16 bytes to illustrate that CTR mode allows encryption of partial cipher blocks.	

[-- Attachment #2: 0001-avformat-mov-h264-cenc-entryption-file-decryption_ke.patch --]
[-- Type: application/octet-stream, Size: 3024 bytes --]

[-- Attachment #3: ATT00001.txt --]
[-- Type: text/plain, Size: 258 bytes --]

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

[-- Attachment #4: Type: text/plain, Size: 251 bytes --]

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

[FFmpeg-devel] [PATCH] avformat/mov: h264 cenc entryption file decryption_key failed

[lishuangxi]

Fixes ticket #9807.

Signed-off-by: ShuangxiLi <lishuangxi@huawei.com>
---
 libavformat/mov.c | 29 ++---------------------------
 1 file changed, 2 insertions(+), 27 deletions(-)

diff --git a/libavformat/mov.c b/libavformat/mov.c
index 88669faa70..71dce69677 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -6819,9 +6819,6 @@ static int cenc_scheme_decrypt(MOVContext *c, MOVStreamContext *sc, AVEncryption
 {
     int i, ret;
     int bytes_of_protected_data;
-    int partially_encrypted_block_size;
-    uint8_t *partially_encrypted_block;
-    uint8_t block[16];
 
     if (!sc->cenc.aes_ctr) {
         /* initialize the cipher */
@@ -6844,8 +6841,6 @@ static int cenc_scheme_decrypt(MOVContext *c, MOVStreamContext *sc, AVEncryption
         return 0;
     }
 
-    partially_encrypted_block_size = 0;
-
     for (i = 0; i < sample->subsample_count; i++) {
         if (sample->subsamples[i].bytes_of_clear_data + sample->subsamples[i].bytes_of_protected_data > size) {
             av_log(c->fc, AV_LOG_ERROR, "subsample size exceeds the packet size left\n");
@@ -6858,28 +6853,8 @@ static int cenc_scheme_decrypt(MOVContext *c, MOVStreamContext *sc, AVEncryption
 
         /* decrypt the encrypted bytes */
 
-        if (partially_encrypted_block_size) {
-            memcpy(block, partially_encrypted_block, partially_encrypted_block_size);
-            memcpy(block+partially_encrypted_block_size, input, 16-partially_encrypted_block_size);
-            av_aes_ctr_crypt(sc->cenc.aes_ctr, block, block, 16);
-            memcpy(partially_encrypted_block, block, partially_encrypted_block_size);
-            memcpy(input, block+partially_encrypted_block_size, 16-partially_encrypted_block_size);
-            input += 16-partially_encrypted_block_size;
-            size -= 16-partially_encrypted_block_size;
-            bytes_of_protected_data = sample->subsamples[i].bytes_of_protected_data - (16-partially_encrypted_block_size);
-        } else {
-            bytes_of_protected_data = sample->subsamples[i].bytes_of_protected_data;
-        }
-
-        if (i < sample->subsample_count-1) {
-            int num_of_encrypted_blocks = bytes_of_protected_data/16;
-            partially_encrypted_block_size = bytes_of_protected_data%16;
-            if (partially_encrypted_block_size)
-                partially_encrypted_block = input + 16*num_of_encrypted_blocks;
-            av_aes_ctr_crypt(sc->cenc.aes_ctr, input, input, 16*num_of_encrypted_blocks);
-        } else {
-            av_aes_ctr_crypt(sc->cenc.aes_ctr, input, input, bytes_of_protected_data);
-        }
+        bytes_of_protected_data = sample->subsamples[i].bytes_of_protected_data;
+        av_aes_ctr_crypt(sc->cenc.aes_ctr, input, input, bytes_of_protected_data);
 
         input += bytes_of_protected_data;
         size -= bytes_of_protected_data;
-- 
2.24.0

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".