解密不使用IV的AES-128加密的M3U8播放列表 [英] Decrypt M3U8 Playlist encrypted with AES-128 without IV
问题描述
我目前正在构建一个用于下载M3U8播放列表的应用程序,但是我遇到了一个问题:如果播放列表是使用AES-128加密的,例如有这样的一行:
I'm currently building an Application for downloading M3U8 Playlists, but i've run into an issue: If the Playlist is encrypted with AES-128, e.g. has a line like this:
#EXT-X-KEY:METHOD=AES-128,URI="https://website.com/link.key",IV=0xblablabla
在将段写入输出文件之前,我必须解密这些段,并且如果存在IV,则下面的代码对我有用,但是如果IV属性不存在,则解密会产生错误的结果:
I have to decrypt the segments before writing them to the output file, and if an IV is present the below code does work for me, but if the IV property doesn't exist the decryption produces a wrong result:
var iv = "parsed iv"; // empty if not present
var key_url = "parsed keyurl";
var AES = new AesManaged()
{
Mode = CipherMode.CBC,
Key = await Client.GetByteArrayAsync(key_url)
};
if (!string.IsNullOrEmpty(iv))
AES.IV = Functions.HexToByte(iv.StartsWith("0x") ? iv.Remove(0, 2) : iv);
else
AES.IV = new byte[16];
//...
using (FileStream fs = new FileStream("file.ts", FileMode.Create, FileAccess.Write, FileShare.Read))
{
var data = DownloadSegment(...); // Downloads segment as byte array (encrypted)
byte[] temp = new byte[data.Length];
ICryptoTransform transform = AES.CreateDecryptor();
using (MemoryStream memoryStream = new MemoryStream(data))
{
using (CryptoStream cryptoStream = new CryptoStream(memoryStream, transform, CryptoStreamMode.Read))
{
cryptoStream.Read(temp, 0, data.Length);
}
}
await fs.WriteAsync(temp, 0, temp.Length);
}
(显然,这是一个包含解密部分的代码段,因为所有的解析和下载工作都很好).
(This is obviously just a code snippet, containing the decryption part, since all the parsing and downloading does work fine).
如果没有IV,例如,您是否知道任何人都知道如何解密M3U8播放列表文件中的AES-128加密段.只是
Does anyone of you know how to decrypt an AES-128 encrypted segment in a M3U8 Playlist file if there is no IV present, e.g. just
#EXT-X-KEY:METHOD=AES-128,URI="https://website.com/link.key"?
任何帮助将不胜感激.预先感谢!
Any help is greatly appreciated. Thanks in advance!
推荐答案
HLS规范指出[1]:
The HLS spec states [1]:
媒体段为的AES-128信号的加密方法 使用高级加密标准(AES)完全加密 [AES_128]具有128位密钥,密码块链接(CBC)和 公钥密码标准7号(PKCS7)填充[RFC5652]. 使用以下任一方法在每个细分市场边界处重新启动CBC 初始化向量(IV)属性值或媒体序列 数字作为IV;参见第5.2节.
An encryption method of AES-128 signals that Media Segments are completely encrypted using the Advanced Encryption Standard (AES) [AES_128] with a 128-bit key, Cipher Block Chaining (CBC), and Public-Key Cryptography Standards #7 (PKCS7) padding [RFC5652]. CBC is restarted on each segment boundary, using either the Initialization Vector (IV) attribute value or the Media Sequence Number as the IV; see Section 5.2.
因此,您必须使用变体播放列表中EXT-X-MEDIA-SEQUENCE标记的值.一定要进行推断,即为每个细分市场递增.
So you have to use the value of the EXT-X-MEDIA-SEQUENCE tag in the variant playlist. Be sure to extrapolate, i.e. increment it for each segment.
[1] https://tools.ietf.org/html/rfc8216 #section-4.3.2.4
这篇关于解密不使用IV的AES-128加密的M3U8播放列表的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
