HLS Encryption with AES-128 and PKCS7 padding - Githubissues

ossrs / srs

SRS is a simple, high-efficiency, real-time media server supporting RTMP, WebRTC, HLS, HTTP-FLV, HTTP-TS, SRT, MPEG-DASH, and GB28181.

https://ossrs.io

MIT License

25.83k stars 5.4k forks source link

HLS Encryption with AES-128 and PKCS7 padding #4172

Open afriza opened 2 months ago

afriza commented 2 months ago

Hello, I am wondering if SRS' support for HLS AES-128 encryption uses PKCS7 padding ?

My understanding from quickly checking the code is that it does not use PKCS7 padding?

https://github.com/ossrs/srs/blob/d70e7357cfe5b34eb8e8dd30723d07f4bdd48b24/trunk/src/kernel/srs_kernel_ts.cpp#L2802-L2810

https://github.com/ossrs/srs/blob/d70e7357cfe5b34eb8e8dd30723d07f4bdd48b24/trunk/src/kernel/srs_kernel_ts.cpp#L2775

It seems like old Apple docs mentioned that there is no padding.. But RFC8216 mentions PCKS7 padding..

I am requesting PKCS7 padding to be added for compatibility with ExoPlayer on Android..

suzp1984 commented 2 months ago

https://github.com/ossrs/srs/blob/d70e7357cfe5b34eb8e8dd30723d07f4bdd48b24/trunk/src/kernel/srs_kernel_ts.cpp#L2802-L2810

Above code is PCKS7 (PCKS#7) padding. If the buf is not 16-byte alignment, then fill the remaining bytes with the remaining number of bytes.

It seems like old Apple docs mentioned that there is no padding

No, I don't think the padding mentioned in above apple doc is the padding the AES encryption. For AES, the encrypting buf must be the aligned with the number of bytes of the secrete key, that's why there are PCKS7 method to let the buf aligned with the number of bytes of secrete key.