Open dcxmurphy opened 5 years ago
Yes, it’s possible to use this on macOS. Do you know how to compile programs in general?
No. As I said I'm not an expert lol. But as long as it is possible, I will do some research and try figure it out. Unless you can assist me?
Open Terminal and enter:
git clone https://github.com/selsta/hlsdl
cd hlsdl
make
./hlsdl [url]
Am I supposed to type something after "make" because when I do that it says:
xcrun: error: invalid active developer path (/Applications/Xcode.app/Contents/Developer), missing xcrun at: /Applications/Xcode.app/Contents/Developer/usr/bin/xcrun
Try xcode-select --install
first
Terminal says:
xcode-select: error: command line tools are already installed, use "Software Update" to install updates
Thanks! Working now.
@selsta Tried your instruction to compile it on the mac, I get this error :
`src/aes_openssl.c:1:10: fatal error: 'openssl/conf.h' file not found
^~~~~~~~~~~~~~~~`
@pducharme Install brew.sh then brew install openssl
@selsta thanks, it worked.
Now, my issue/questions :
This is the details on how work SAMPLE-AES :
SAMPLE-AES It encrypts each individual media sample (e.g., video, audio, etc.) by its own with AES. The specific encryption and packaging depends on the media format, e.g., H.264, AAC, etc. SAMPLE-AES allows fine grained encryption modes, e.g., just encrypt I frames, just encrypt 1 out of 10 samples, etc. This could decrease the complexity of the decryption process. Several advantages result out of this approach as fewer CPU cycles are needed and for example mobile devices need less power consumption, higher resolutions can be effectively decrypted, etc.
SAMPLE AES + DRM isn’t supported with hlsdl and software that decrypts that doesn’t exist publicly.
If it can be played by a browser, there should be a way to pass the decryption Key to hlsdl ?
No, it’s not that simple :/
I thought there were some patches to improve this, a few days ago. Am I mistaken?
Do you mean this? https://github.com/selsta/hlsdl/pull/44/commits/d1fb34f99c090f12bad17aa40f10750de95e0a9e
This forcefully ignores the DRM detection, the resulting file will be broken. I don’t know how @ngaullier is using this.
The fact is, when YOU are the one who builds the files/cipher, you got the clear aes key, no matter the tools you use to do that (bento4, usp, an encoder embedding a packager...). To qualify such a workflow, a tool to decipher the files you just have ciphered, is very useful. The "force DRM detection option" does not make sense in a public loop where files are delivered on a CDN. You have to use DRM/protected software modules that check you have the right to view the content and the clear key will anyway never be exposed, even if you indeed do have the rights to watch the content : you will never have access to the deciphered content, that would allow you to share it etc., it is the role of a DRM to prevent it.
@selsta yes, I mean #44. I thought it had to do with sample-aes support but probably I read the notes wrong, then.
@ngaullier
You have to use DRM/protected software modules that check you have the right to view the content and the clear key will anyway never be exposed
OK but if Firefox is able to play a M3U8 flow and the only input it gets is the M3U8 URL, it means that the browser is able to read and decrypt the data. So there must be some process with which the browser gets authenticated.
It's DRM, nasty, bad, ugly, but not magic. There has to be a way to record a stream which is publicly available on a website.
Firefox ships with a DRM binary blob (Widevine Content Decryption Module
), it allows you to watch it but not download it. That's the point of DRM.
Then effectively the Widevine binary blob is decrypting the content. It seems we would need to reverse the binary and figure out what it does and how, probably starting from where it retrieves the key from.
Quite hard but technically not impossible.
Quite hard is an understatement. See https://en.wikipedia.org/wiki/Trusted_execution_environment, which is required for L1 (HD) content. One security researcher managed to crack L3, but that’s not released publicly.
https://www.zdnet.com/article/security-researcher-cracks-googles-widevine-drm-l3-only/
Yeah, I read the news at the time. What I don't get is why the module cannot be used as a black box.
At one point the video stream is going to be sent to the display and the audio is going to be sent at the sound card.
There has to be a way to perform automatic instrumentation, maybe on a dedicated X display, asking the Widevine binary module to play a stream and then record the video and audio in this "virtual" X session.
@3o33emalle you either have to be in the same directory as the hlsdl binary or you have to install it in a directory that is inside your PATH.
What exactly did you do?
What you posted only compiles the program, but it does not install it.
If you do make install
after make
it will install it into /usr/local/bin
.
Hiya,
Not an expert so really don't understand how to install this. Is it possible to use this on MacOS? I tried using my windows computer but i couldn't figure out how to install as the instructions were not clear for a noob like me.