Commit e66563ae authored by Clément Bœsch's avatar Clément Bœsch

Merge commit 'd860a3cc'

* commit 'd860a3cc':
  crypto: Add encryption support

See 00d4013dMerged-by: 's avatarClément Bœsch <u@pkh.me>
parents c7173e50 d860a3cc
...@@ -54,10 +54,10 @@ typedef struct CryptoContext { ...@@ -54,10 +54,10 @@ typedef struct CryptoContext {
int encrypt_ivlen; int encrypt_ivlen;
struct AVAES *aes_decrypt; struct AVAES *aes_decrypt;
struct AVAES *aes_encrypt; struct AVAES *aes_encrypt;
uint8_t *write_buf;
unsigned int write_buf_size;
uint8_t pad[BLOCKSIZE]; uint8_t pad[BLOCKSIZE];
int pad_len; int pad_len;
} CryptoContext; } CryptoContext;
#define OFFSET(x) offsetof(CryptoContext, x) #define OFFSET(x) offsetof(CryptoContext, x)
...@@ -80,16 +80,16 @@ static const AVClass crypto_class = { ...@@ -80,16 +80,16 @@ static const AVClass crypto_class = {
.version = LIBAVUTIL_VERSION_INT, .version = LIBAVUTIL_VERSION_INT,
}; };
static int set_aes_arg(CryptoContext *c, uint8_t **buf, int *buf_len, static int set_aes_arg(URLContext *h, uint8_t **buf, int *buf_len,
uint8_t *default_buf, int default_buf_len, uint8_t *default_buf, int default_buf_len,
const char *desc) const char *desc)
{ {
if (!*buf_len) { if (!*buf_len) {
if (!default_buf_len) { if (!default_buf_len) {
av_log(c, AV_LOG_ERROR, "%s not set\n", desc); av_log(h, AV_LOG_ERROR, "%s not set\n", desc);
return AVERROR(EINVAL); return AVERROR(EINVAL);
} else if (default_buf_len != BLOCKSIZE) { } else if (default_buf_len != BLOCKSIZE) {
av_log(c, AV_LOG_ERROR, av_log(h, AV_LOG_ERROR,
"invalid %s size (%d bytes, block size is %d)\n", "invalid %s size (%d bytes, block size is %d)\n",
desc, default_buf_len, BLOCKSIZE); desc, default_buf_len, BLOCKSIZE);
return AVERROR(EINVAL); return AVERROR(EINVAL);
...@@ -99,7 +99,7 @@ static int set_aes_arg(CryptoContext *c, uint8_t **buf, int *buf_len, ...@@ -99,7 +99,7 @@ static int set_aes_arg(CryptoContext *c, uint8_t **buf, int *buf_len,
return AVERROR(ENOMEM); return AVERROR(ENOMEM);
*buf_len = default_buf_len; *buf_len = default_buf_len;
} else if (*buf_len != BLOCKSIZE) { } else if (*buf_len != BLOCKSIZE) {
av_log(c, AV_LOG_ERROR, av_log(h, AV_LOG_ERROR,
"invalid %s size (%d bytes, block size is %d)\n", "invalid %s size (%d bytes, block size is %d)\n",
desc, *buf_len, BLOCKSIZE); desc, *buf_len, BLOCKSIZE);
return AVERROR(EINVAL); return AVERROR(EINVAL);
...@@ -121,23 +121,21 @@ static int crypto_open2(URLContext *h, const char *uri, int flags, AVDictionary ...@@ -121,23 +121,21 @@ static int crypto_open2(URLContext *h, const char *uri, int flags, AVDictionary
goto err; goto err;
} }
c->position = 0;
if (flags & AVIO_FLAG_READ) { if (flags & AVIO_FLAG_READ) {
if ((ret = set_aes_arg(c, &c->decrypt_key, &c->decrypt_keylen, if ((ret = set_aes_arg(h, &c->decrypt_key, &c->decrypt_keylen,
c->key, c->keylen, "decryption key")) < 0) c->key, c->keylen, "decryption key")) < 0)
goto err; goto err;
if ((ret = set_aes_arg(c, &c->decrypt_iv, &c->decrypt_ivlen, if ((ret = set_aes_arg(h, &c->decrypt_iv, &c->decrypt_ivlen,
c->iv, c->ivlen, "decryption IV")) < 0) c->iv, c->ivlen, "decryption IV")) < 0)
goto err; goto err;
} }
if (flags & AVIO_FLAG_WRITE) { if (flags & AVIO_FLAG_WRITE) {
if ((ret = set_aes_arg(c, &c->encrypt_key, &c->encrypt_keylen, if ((ret = set_aes_arg(h, &c->encrypt_key, &c->encrypt_keylen,
c->key, c->keylen, "encryption key")) < 0) c->key, c->keylen, "encryption key")) < 0)
if (ret < 0) if (ret < 0)
goto err; goto err;
if ((ret = set_aes_arg(c, &c->encrypt_iv, &c->encrypt_ivlen, if ((ret = set_aes_arg(h, &c->encrypt_iv, &c->encrypt_ivlen,
c->iv, c->ivlen, "encryption IV")) < 0) c->iv, c->ivlen, "encryption IV")) < 0)
goto err; goto err;
} }
...@@ -155,7 +153,7 @@ static int crypto_open2(URLContext *h, const char *uri, int flags, AVDictionary ...@@ -155,7 +153,7 @@ static int crypto_open2(URLContext *h, const char *uri, int flags, AVDictionary
ret = AVERROR(ENOMEM); ret = AVERROR(ENOMEM);
goto err; goto err;
} }
ret = av_aes_init(c->aes_decrypt, c->decrypt_key, BLOCKSIZE*8, 1); ret = av_aes_init(c->aes_decrypt, c->decrypt_key, BLOCKSIZE * 8, 1);
if (ret < 0) if (ret < 0)
goto err; goto err;
...@@ -170,7 +168,7 @@ static int crypto_open2(URLContext *h, const char *uri, int flags, AVDictionary ...@@ -170,7 +168,7 @@ static int crypto_open2(URLContext *h, const char *uri, int flags, AVDictionary
ret = AVERROR(ENOMEM); ret = AVERROR(ENOMEM);
goto err; goto err;
} }
ret = av_aes_init(c->aes_encrypt, c->encrypt_key, BLOCKSIZE*8, 0); ret = av_aes_init(c->aes_encrypt, c->encrypt_key, BLOCKSIZE * 8, 0);
if (ret < 0) if (ret < 0)
goto err; goto err;
// for write, we must be streamed // for write, we must be streamed
...@@ -178,8 +176,6 @@ static int crypto_open2(URLContext *h, const char *uri, int flags, AVDictionary ...@@ -178,8 +176,6 @@ static int crypto_open2(URLContext *h, const char *uri, int flags, AVDictionary
h->is_streamed = 1; h->is_streamed = 1;
} }
c->pad_len = 0;
err: err:
return ret; return ret;
} }
...@@ -338,7 +334,6 @@ static int crypto_write(URLContext *h, const unsigned char *buf, int size) ...@@ -338,7 +334,6 @@ static int crypto_write(URLContext *h, const unsigned char *buf, int size)
{ {
CryptoContext *c = h->priv_data; CryptoContext *c = h->priv_data;
int total_size, blocks, pad_len, out_size; int total_size, blocks, pad_len, out_size;
uint8_t *out_buf;
int ret = 0; int ret = 0;
total_size = size + c->pad_len; total_size = size + c->pad_len;
...@@ -347,22 +342,23 @@ static int crypto_write(URLContext *h, const unsigned char *buf, int size) ...@@ -347,22 +342,23 @@ static int crypto_write(URLContext *h, const unsigned char *buf, int size)
blocks = out_size / BLOCKSIZE; blocks = out_size / BLOCKSIZE;
if (out_size) { if (out_size) {
out_buf = av_malloc(out_size); av_fast_malloc(&c->write_buf, &c->write_buf_size, out_size);
if (!out_buf)
if (!c->write_buf)
return AVERROR(ENOMEM); return AVERROR(ENOMEM);
if (c->pad_len) { if (c->pad_len) {
memcpy(&c->pad[c->pad_len], buf, BLOCKSIZE - c->pad_len); memcpy(&c->pad[c->pad_len], buf, BLOCKSIZE - c->pad_len);
av_aes_crypt(c->aes_encrypt, out_buf, c->pad, 1, c->encrypt_iv, 0); av_aes_crypt(c->aes_encrypt, c->write_buf, c->pad, 1, c->encrypt_iv, 0);
blocks--; blocks--;
} }
av_aes_crypt(c->aes_encrypt, &out_buf[c->pad_len ? BLOCKSIZE : 0], av_aes_crypt(c->aes_encrypt,
&buf[c->pad_len ? BLOCKSIZE - c->pad_len: 0], &c->write_buf[c->pad_len ? BLOCKSIZE : 0],
&buf[c->pad_len ? BLOCKSIZE - c->pad_len : 0],
blocks, c->encrypt_iv, 0); blocks, c->encrypt_iv, 0);
ret = ffurl_write(c->hd, out_buf, out_size); ret = ffurl_write(c->hd, c->write_buf, out_size);
av_free(out_buf);
if (ret < 0) if (ret < 0)
return ret; return ret;
...@@ -378,22 +374,23 @@ static int crypto_write(URLContext *h, const unsigned char *buf, int size) ...@@ -378,22 +374,23 @@ static int crypto_write(URLContext *h, const unsigned char *buf, int size)
static int crypto_close(URLContext *h) static int crypto_close(URLContext *h)
{ {
CryptoContext *c = h->priv_data; CryptoContext *c = h->priv_data;
uint8_t out_buf[BLOCKSIZE]; int ret = 0;
int ret, pad;
if (c->aes_encrypt) { if (c->aes_encrypt) {
pad = BLOCKSIZE - c->pad_len; uint8_t out_buf[BLOCKSIZE];
int pad = BLOCKSIZE - c->pad_len;
memset(&c->pad[c->pad_len], pad, pad); memset(&c->pad[c->pad_len], pad, pad);
av_aes_crypt(c->aes_encrypt, out_buf, c->pad, 1, c->encrypt_iv, 0); av_aes_crypt(c->aes_encrypt, out_buf, c->pad, 1, c->encrypt_iv, 0);
if ((ret = ffurl_write(c->hd, out_buf, BLOCKSIZE)) < 0) ret = ffurl_write(c->hd, out_buf, BLOCKSIZE);
return ret;
} }
if (c->hd) if (c->hd)
ffurl_close(c->hd); ffurl_close(c->hd);
av_freep(&c->aes_decrypt); av_freep(&c->aes_decrypt);
av_freep(&c->aes_encrypt); av_freep(&c->aes_encrypt);
return 0; av_freep(&c->write_buf);
return ret;
} }
const URLProtocol ff_crypto_protocol = { const URLProtocol ff_crypto_protocol = {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment