-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support AES-128 on HLS #850
Comments
@avelad I am under impression that AES-128 on HLS implies FairPlay. (Please correct me if I'm mistaken). If that's not related to FairPlay, let me know, we'll treat this separately! |
It's a very simple mechanism. Each segement is encrypted with a key, for get this key only it's necessary get the response of license request of URI. In the initial sample:
The response of "oceans.key" is "õq¿ìý�¹°\æú��ý�" A interesting article about that: Sample: |
Ok, let us take a look and see if we can make it work! I'm adding this to the backlog since it requires investigation which makes me hesitant about scheduling it for 2.2. @joeyparrish please feel free to override me on this! |
This looks like it could be implemented using clearkey. But there is a problem. AFAIK, all clearkey implementations use AES CTR for decryption, while HLS encryption uses AES CBC. Even if the browser supported CBC, there is no way in EME to pass the encryption scheme or the IV. If you are using Widevine encryption, this info is passed in the init data, but clearkey init data doesn't support these extra fields. See #358 for a similar situation using DASH. |
If the keys are in the clear anyway, we could look into WebCrypto APIs: http://caniuse.com/#feat=cryptography |
Is there any workaround to use AES-128 HLS encrypted? |
I found that videojs uses https://github.com/videojs/aes-decrypter s it possible to use it like mux.js? |
@avelad We probably wouldn't need that since we can just use the WebCrypto APIs to decrypt the content. What we could do is just query that URL and get the key, then use that with WebCrypto to decrypt the data before passing to MediaSource. I think AES-128 encrypts everything, so we might not even have to parse the container data. |
I ran into this problem as well. You can easily generate a test with Bento4:
Safari, VLC, and videojs are all able to play it. Shaka gives me HLS_COULD_NOT_PARSE_SEGMENT_START_TIME (code 4030). If you decide not to add this feature, perhaps at least check for EXT-X-KEY in the manifest and output a more informative error message like "AES not supported"? |
Parsing of segment start times is something we do now, but we could probably avoid in many cases. That is something we're planning for a future release, likely v2.6 or v2.7. Aside from that, though, you're right. We could probably detect and reject AES-128 content with a meaningful error code instead of failing to parse it. |
@joeyparrish @TheModMaker Any updates on when this feature might be implemented? Thank you! |
No, it's not scheduled yet. But we are always willing to accept contributions from the community, so please feel free to discuss design and/or work on a PR if this is important to you. Thanks! |
I ran into this issue and so will need to add support for it, I think. Will keep it posted here if I run into some problem. |
What's the conclusion about this? Does Shaka packager support AES-128 method ? |
Obviously, No! |
@avelad Sure, I created PR #3880 |
There's no estimate available right now, because nobody on the Shaka team is working on this right now. It will become a higher priority for us later this year, as we need this feature in Shaka to fully deprecate another player. In the meantime, community contributions are very welcome! I just exchanged messages with someone on Slack who wants to take over and improve the existing PR. |
Also adds support for key rotation in HLS, but only for AES-128. Based on shaka-project#3880 Issue shaka-project#850
Also adds support for key rotation in HLS, but only for AES-128. Based on shaka-project#3880 Issue shaka-project#850
Also adds support for key rotation in HLS, but only for AES-128. Based on shaka-project#3880 Issue shaka-project#850
Also adds support for key rotation in HLS, but only for AES-128. Based on shaka-project#3880 Issue shaka-project#850
Also adds support for key rotation in HLS, but only for AES-128. Based on shaka-project#3880 Issue shaka-project#850
Also adds support for key rotation in HLS, but only for AES-128. Based on shaka-project#3880 Issue shaka-project#850
Expands on the original PR (shaka-project#3880) by adding support for MP4 and key rotation. Close shaka-project#850 Co-authored-by: wjywbs <wjywbs@users.noreply.github.com>
Expands on the original PR (shaka-project#3880) by adding support for MP4 and key rotation. Close shaka-project#850 Co-authored-by: wjywbs <wjywbs@users.noreply.github.com>
This it's a request feature for support AES-128 on HLS. Is it possible support it?
Sample stream:
https://playertest.longtailvideo.com/adaptive/oceans_aes/oceans_aes.m3u8
Now, I get: HLS_REQUIRED_ATTRIBUTE_MISSING (KEYFORMAT)
The text was updated successfully, but these errors were encountered: