[FFmpeg-devel] Patch which requires a new library

[FFmpeg-devel] Patch which requires a new library

[Sergio Garcia Murillo]

Hi all!

I would like to contribute a patch that adds sig v4 authentication (
https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html)
to the http module.

This would allow for example to play/store an MPEG DASH content stored on
an S3 Bucket which requires authentication.

I have the code ready, but it requires using
https://github.com/aws/SigV4-for-AWS-IoT-embedded-sdk library (which is
MIT, so there should be no license issues) and I am not sure what is the
best way of adding it to the configuration file and adding the conditional
compile flags to enable the feature or not.

Could anyone give me any pointers on what is the best way of doing this?

Best regards
Sergio
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] Patch which requires a new library

[Kieran Kunhya]

On Thu, 7 Mar 2024 at 15:07, Sergio Garcia Murillo <
sergio.garcia.murillo@gmail.com> wrote:

>
> Could anyone give me any pointers on what is the best way of doing this?
>

You should use a well known crypto library to implement this in FFmpeg (e.g
libgcrypt, openssl etc).

Kieran
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] Patch which requires a new library

[Sergio Garcia Murillo]

El jue, 7 mar 2024, 16:30, Kieran Kunhya <kierank@obe.tv> escribió:

> On Thu, 7 Mar 2024 at 15:07, Sergio Garcia Murillo <
> sergio.garcia.murillo@gmail.com> wrote:
>
> >
> > Could anyone give me any pointers on what is the best way of doing this?
> >
>
> You should use a well known crypto library to implement this in FFmpeg (e.g
> libgcrypt, openssl
>

In fact, the sigv library allows to pass the crypto implementation you want
to use:

https://github.com/aws/SigV4-for-AWS-IoT-embedded-sdk/blob/dc530f7a21ec96db62afe73e21e3b7dfad0d648c/source/include/sigv4.h#L235

So the patch is already using whatever crypto library ffmpeg is configured
to use.

Anyway, not sure if i understood your feedback correctly, but my question
was about what is the best way of adding the sigv4 library as an optional
dependency in the configuration file and how to modify the patch so the
sigv4 specific code is only compiled if it is enabled by the configuration.

I have been looking at the contribution docs, but have found no info about
this.

Best regards
Sergio

>
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] Patch which requires a new library

[Kieran Kunhya]

On Thu, 7 Mar 2024, 17:16 Sergio Garcia Murillo, <
sergio.garcia.murillo@gmail.com> wrote:

> El jue, 7 mar 2024, 16:30, Kieran Kunhya <kierank@obe.tv> escribió:
>
> > On Thu, 7 Mar 2024 at 15:07, Sergio Garcia Murillo <
> > sergio.garcia.murillo@gmail.com> wrote:
> >
> > >
> > > Could anyone give me any pointers on what is the best way of doing
> this?
> > >
> >
> > You should use a well known crypto library to implement this in FFmpeg
> (e.g
> > libgcrypt, openssl
> >
>
> In fact, the sigv library allows to pass the crypto implementation you want
> to use:
>
>
> https://github.com/aws/SigV4-for-AWS-IoT-embedded-sdk/blob/dc530f7a21ec96db62afe73e21e3b7dfad0d648c/source/include/sigv4.h#L235
>
> So the patch is already using whatever crypto library ffmpeg is configured
> to use.
>
> Anyway, not sure if i understood your feedback correctly, but my question
> was about what is the best way of adding the sigv4 library as an optional
> dependency in the configuration file and how to modify the patch so the
> sigv4 specific code is only compiled if it is enabled by the configuration.
>

The point is we don't want to use the external lib.

Kieran

>
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] Patch which requires a new library

[Sergio Garcia Murillo]

El jue, 7 mar 2024, 18:21, Kieran Kunhya <kierank@obe.tv> escribió:

> On Thu, 7 Mar 2024, 17:16 Sergio Garcia Murillo, <
> sergio.garcia.murillo@gmail.com> wrote:
>
> > El jue, 7 mar 2024, 16:30, Kieran Kunhya <kierank@obe.tv> escribió:
> >
> > > On Thu, 7 Mar 2024 at 15:07, Sergio Garcia Murillo <
> > > sergio.garcia.murillo@gmail.com> wrote:
> > >
> > > >
> > > > Could anyone give me any pointers on what is the best way of doing
> > this?
> > > >
> > >
> > > You should use a well known crypto library to implement this in FFmpeg
> > (e.g
> > > libgcrypt, openssl
> > >
> >
> > In fact, the sigv library allows to pass the crypto implementation you
> want
> > to use:
> >
> >
> >
> https://github.com/aws/SigV4-for-AWS-IoT-embedded-sdk/blob/dc530f7a21ec96db62afe73e21e3b7dfad0d648c/source/include/sigv4.h#L235
> >
> > So the patch is already using whatever crypto library ffmpeg is
> configured
> > to use.
> >
> > Anyway, not sure if i understood your feedback correctly, but my question
> > was about what is the best way of adding the sigv4 library as an optional
> > dependency in the configuration file and how to modify the patch so the
> > sigv4 specific code is only compiled if it is enabled by the
> configuration.
> >
>
> The point is we don't want to use the external lib.
>

For what? This is aws lib implementing the aws s3 signatures and using
ffmpeg crypto libs.

Best regards
Sergio

>
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] Patch which requires a new library

[Rémi Denis-Courmont]

Le torstaina 7. maaliskuuta 2024, 19.30.46 EET Sergio Garcia Murillo a écrit :
> > The point is we don't want to use the external lib.
> 
> For what? This is aws lib implementing the aws s3 signatures and using
> ffmpeg crypto libs.

For not depending on an external library, especially one so small and so 
specific that it is very unlikely to be shipped by the vast majority of 
FFmpeg's downstreams.

(sigv4 is just three thousand lines of C, and most of that is just 
boilerplate.)

-- 
Rémi Denis-Courmont
http://www.remlab.net/



_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] Patch which requires a new library

[Sergio Garcia Murillo]

On Thu, Mar 7, 2024 at 7:02 PM Rémi Denis-Courmont <remi@remlab.net> wrote:

> Le torstaina 7. maaliskuuta 2024, 19.30.46 EET Sergio Garcia Murillo a
> écrit :
> > > The point is we don't want to use the external lib.
> >
> > For what? This is aws lib implementing the aws s3 signatures and using
> > ffmpeg crypto libs.
>
> For not depending on an external library, especially one so small and so
> specific that it is very unlikely to be shipped by the vast majority of
> FFmpeg's downstreams.
>

That seems fair enough, however the downside is that sigv4 lib is supported
and maintained by aws and it has a proper testing suite.


> (sigv4 is just three thousand lines of C, and most of that is just
> boilerplate.)
>

Would it be then acceptable to just copy/paste the library code (with
ffmpeg coding style formatting) referencing the original library url in the
code?
Also, where should we include the sigv4 code, would libautil be the correct
place?

Best regards
Sergio
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] Patch which requires a new library

[Kieran Kunhya]

On Thu, 7 Mar 2024, 20:16 Sergio Garcia Murillo, <
sergio.garcia.murillo@gmail.com> wrote:

> On Thu, Mar 7, 2024 at 7:02 PM Rémi Denis-Courmont <remi@remlab.net>
> wrote:
>
> > Le torstaina 7. maaliskuuta 2024, 19.30.46 EET Sergio Garcia Murillo a
> > écrit :
> > > > The point is we don't want to use the external lib.
> > >
> > > For what? This is aws lib implementing the aws s3 signatures and using
> > > ffmpeg crypto libs.
> >
> > For not depending on an external library, especially one so small and so
> > specific that it is very unlikely to be shipped by the vast majority of
> > FFmpeg's downstreams.
> >
>
> That seems fair enough, however the downside is that sigv4 lib is supported
> and maintained by aws and it has a proper testing suite.
>

As with all these "SDKs", they are supported until the vendor gets bored
and/or the developers leave or get promoted.

Kieran
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".