Add support for parsing mp4 media encrypted with the cbcs encryption scheme

RESOLVED FIXED in Firefox 66

Status

()

enhancement
P2
normal
RESOLVED FIXED
10 months ago
Last month

People

(Reporter: bryce, Assigned: bryce)

Tracking

(Blocks 2 bugs)

unspecified
mozilla66
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox66 fixed)

Details

(Whiteboard: [qa-66b-p2])

Attachments

(6 attachments)

Assignee

Description

10 months ago
New versions of the Widevine CDM (Interface 10+) add support for media encrypted with cypher block chaining (CBC). Historically the Widevine CDM has supported only counter mode (CTR).

Widevine will continue to support CTR mode, but we should update our parses as to handle and plumb CBC data too. We should look to update the Mp4 path at minimum, and should also consider the Webm path.
Assignee

Comment 1

10 months ago
We'll want to expose `cbcs` as supported to the web by making changes here[0] once we have the lower levels worked out.

[0]: https://searchfox.org/mozilla-central/rev/05d91d3e02a0780f44599371005591d7988e2809/dom/media/eme/MediaKeySystemAccess.cpp#308
Assignee

Comment 2

9 months ago
Having looked into this more:
- This is mp4 specific as the WebM encryption spec[0] only covers a `cenc` style scheme which we already implement.
- We specifically need to handle the `cbcs` scheme. This makes use of cypher block chaining, but is not the only scheme to do so.
- These schemes for mp4 are covered in ISO/IEC 23001-7

[0]: https://www.webmproject.org/docs/webm-encryption/
Summary: Add support for parsing CBC encrypted media → Add support for parsing mp4 media encrypted with the cbcs encryption scheme
Blocks: cbcs
When will you be able to start on this? I can take it otherwise..

thanks
Flags: needinfo?(bvandyk)
Assignee

Comment 4

9 months ago
I'm looking into this now. Taking me a bit to get familiar with some of the mp4 components that I haven't much used before, but now that the CDM is rolling out, I should have more time to focus on this.
Flags: needinfo?(bvandyk)
Assignee

Updated

9 months ago
No longer blocks: 1486482
Assignee

Updated

7 months ago
Depends on: 1513042
Assignee

Updated

6 months ago
Depends on: 1515471
Assignee

Updated

6 months ago
Blocks: 1516660
Assignee

Comment 8

6 months ago
Explicitly store the crypto scheme being used on our crypto structs to let us
differentiate between cenc and cbcs data. In doing so remove mMode and replace
mValid with IsEncrypted() for the following reasons:
- Different modes within the existing schemes are not currently utilized by the
  spec of implementation. Having a mode and a scheme could lead to confusion
  between the two. We can return mMode if ever needed by the spec.
- mValid was typically used to check if these structs contained valid crypto
  data or not. With only one scheme this was often shorthand for 'IsEncrypted',
  but with multiple schemes what is considered valid data for one may not be for
  another. Do away with this and just explicitly have an 'IsEncrypted'.

Depends on D15873
Assignee

Comment 11

6 months ago
Rework our mp4 sample iterator to handle cbcs crypto data.

To support this we populate the following new data for samples:
- Crypto pattern information, this is split into a count of encrypted blocks
  and a count of clear blocks.
- A constant IV.

This information is available at a track level and a sample group level. The
sample group level supersedes track level information if both a present.

Prior to this patch, some crypto information was written to samples in
the SampleIterator in Index.cpp, and some in the MP4Demuxer (based on if the
SampleIterator had not populated the data). This patch moves all these
operations into the SampleIterator -- the idea being that the sample iterator
should be the component responsible for setting up sample meta data.

Depends on D15876
Assignee

Comment 12

6 months ago
Handle mp4parse-rust providing cbcs data in the track metadata. Explicitly check
the crypto scheme we get in the metadata and error if we encounter something
outside of cenc and cbcs -- catch unexpected data early.

Depends on D15877
Assignee

Comment 13

6 months ago

Acking that try run has orange that needs to be fixed. Currently wrangling some other issues, but will be back to fix this up.

Assignee

Comment 17

6 months ago

Tests are greened up. After this, bug 1516660 should be the last thing for Widevine cbcs MVP.

Comment 18

6 months ago
Pushed by bvandyk@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/233aedc8b42e
Read pattern information in Sinf parser. r=jya
https://hg.mozilla.org/integration/autoland/rev/f7c201b7f9bc
Replace mValid and mMode with mCryptoScheme for track and sample crypto structs. r=jya
https://hg.mozilla.org/integration/autoland/rev/d25449127f8f
Parse pattern encryption information from the seig box. r=jya
https://hg.mozilla.org/integration/autoland/rev/ee55b284223e
Support different encryption schemes in mp4 parser's GetAuxInfo. r=jya
https://hg.mozilla.org/integration/autoland/rev/b99936efbbc9
Index.cpp's SampleIterator populates cbcs data. r=jya
https://hg.mozilla.org/integration/autoland/rev/05bcc598e9fb
Handle cbcs data from mp4parse-rust. r=jya

Comment 19

6 months ago
Backout by csabou@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/b27229f70e01
Backed out 6 changesets for causing Android build bustages on RemoteDataDecoder.cpp. CLOSED TREE
Assignee

Updated

6 months ago
Blocks: 1519236
Assignee

Comment 22

6 months ago

This iteration, this one is going to be the charm!

I'd missed some Android paths as I'd overlooked their not being indexed in searchfox. I've modified them to work with these patches, as well as failing earlier and more explicitly if we encounter non-cenc scheme data (like a lot of our code before now, there are assumptions that all crypto uses the cenc scheme), but there's more follow up to be done. Bug 1519236 tracks this.

Comment 23

6 months ago
Pushed by bvandyk@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/9edd4ab36641
Read pattern information in Sinf parser. r=jya
https://hg.mozilla.org/integration/autoland/rev/9922ca87970e
Replace mValid and mMode with mCryptoScheme for track and sample crypto structs. r=jya
https://hg.mozilla.org/integration/autoland/rev/b5be14338408
Parse pattern encryption information from the seig box. r=jya
https://hg.mozilla.org/integration/autoland/rev/306cd39838d6
Support different encryption schemes in mp4 parser's GetAuxInfo. r=jya
https://hg.mozilla.org/integration/autoland/rev/9851d4b03b56
Index.cpp's SampleIterator populates cbcs data. r=jya
https://hg.mozilla.org/integration/autoland/rev/5686d29392e8
Handle cbcs data from mp4parse-rust. r=jya

Updated

6 months ago
Depends on: 1519617
Depends on: 1523898
Whiteboard: [qa-66b-p2]
Assignee

Updated

2 months ago
Regressions: 1549544
Assignee

Updated

Last month
Regressions: 1552717
You need to log in before you can comment on or make changes to this bug.