Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Question: Generate HLS stream with SAMPLE-AES encryption with identity key format #659

Closed
Romantic-LiXuefeng opened this issue Sep 30, 2019 · 7 comments
Closed

Question: Generate HLS stream with SAMPLE-AES encryption with identity key format #659

Romantic-LiXuefeng opened this issue Sep 30, 2019 · 7 comments
Labels
status: archived Archived and locked; will not be updated

Comments

@Romantic-LiXuefeng
Copy link

Just as the described in the HLS draft document.
https://tools.ietf.org/html/draft-pantos-http-live-streaming-23#section-4.3.2.4
#EXT-X-KEY:

An encryption method of AES-128 signals that Media Segments are
completely encrypted using the Advanced Encryption Standard
[AES_128] with a 128-bit key, Cipher Block Chaining, and PKCS7
padding [RFC5652]. CBC is restarted on each segment boundary,
using either the IV attribute value or the Media Sequence Number
as the IV; see Section 5.2.
@weiyuefei
Copy link

AES-128 is not supported by shaka-packager currently.

@kqyang
Copy link
Contributor

kqyang commented Sep 30, 2019

@weiyuefei is right. We do not support AES-128 right now. I am interested in your use case. What is the reason that you want to use AES-128 instead of SAMPLE-AES?

@Romantic-LiXuefeng
Copy link
Author

Romantic-LiXuefeng commented Sep 30, 2019
edited
Loading

@kqyang Do you think the SAMPLE-AES encryption is more popular than AES-128? What's the benefit of the SAMPLE-AES than AES-128. There is no document about this in the HLS draft. The reason why I'm interested in AES-128 right now, just because of most players have not implements the sample-based SAMPLE-AES decryption. Such as ExoPlayer, it only support AES-128 right now. Our Android team is using it. I'm the beginner of how to encryption.

@kqyang
Copy link
Contributor

kqyang commented Sep 30, 2019

@Romantic-LiXuefeng Yes, SAMPLE-AES is a sample based encryption scheme. It allows the streams to be processed even before it is decrypted. SAMPLE-AES in mp4 is compatible with industry Common Encryption standard.

There is no document about this in the HLS draft.

That is not true. It is specified in HLS specification and also Apple's encryption specification.

Such as ExoPlayer, it only support AES-128 right now

That is not completely true. ExoPlayer supports SAMPLE-AES in mp4, which is basically the same as 'cbcs' encryption scheme in CENC.

@Romantic-LiXuefeng
Copy link
Author

@kqyang How to generate the HLS stream with non-CDM SAMPLE-AES protection? #google/ExoPlayer#6488 . As the reference Exoplayer issue, we want to implement the feature, but we have no test content.

@Romantic-LiXuefeng Romantic-LiXuefeng changed the title Question: How to encrypt the streams with segment-based AES-128 encryption when packager HLS? Question: Generate HLS stream with SAMPLE-AES encryption with identity key format Oct 24, 2019
@kqyang
Copy link
Contributor

kqyang commented Oct 24, 2019

See https://google.github.io/shaka-packager/html/tutorials/raw_key.html. identity key format is generated if neither –pssh nor –protection_systems is specified. Note that you'll still need to specify --hls_key_uri.

@Romantic-LiXuefeng
Copy link
Author

@kqyang Thanks very much for your help.

@shaka-bot shaka-bot added the status: archived Archived and locked; will not be updated label Dec 27, 2019
@shaka-project shaka-project locked and limited conversation to collaborators Dec 27, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
status: archived Archived and locked; will not be updated
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@kqyang @Romantic-LiXuefeng @shaka-bot @weiyuefei