omadec.c
Go to the documentation of this file.
1 /*
2  * Sony OpenMG (OMA) demuxer
3  *
4  * Copyright (c) 2008 Maxim Poliakovski
5  * 2008 Benjamin Larsson
6  * 2011 David Goldwich
7  *
8  * This file is part of Libav.
9  *
10  * Libav is free software; you can redistribute it and/or
11  * modify it under the terms of the GNU Lesser General Public
12  * License as published by the Free Software Foundation; either
13  * version 2.1 of the License, or (at your option) any later version.
14  *
15  * Libav is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18  * Lesser General Public License for more details.
19  *
20  * You should have received a copy of the GNU Lesser General Public
21  * License along with Libav; if not, write to the Free Software
22  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
23  */
24 
43 #include "avformat.h"
44 #include "internal.h"
45 #include "libavutil/intreadwrite.h"
46 #include "libavutil/des.h"
47 #include "oma.h"
48 #include "pcm.h"
49 #include "riff.h"
50 #include "id3v2.h"
51 
52 
53 static const uint64_t leaf_table[] = {
54  0xd79e8283acea4620, 0x7a9762f445afd0d8,
55  0x354d60a60b8c79f1, 0x584e1cde00b07aee,
56  0x1573cd93da7df623, 0x47f98d79620dd535
57 };
58 
59 typedef struct OMAContext {
60  uint64_t content_start;
61  int encrypted;
62  uint16_t k_size;
63  uint16_t e_size;
64  uint16_t i_size;
65  uint16_t s_size;
66  uint32_t rid;
67  uint8_t r_val[24];
68  uint8_t n_val[24];
69  uint8_t m_val[8];
70  uint8_t s_val[8];
71  uint8_t sm_val[8];
72  uint8_t e_val[8];
73  uint8_t iv[8];
74  struct AVDES av_des;
75 } OMAContext;
76 
77 static void hex_log(AVFormatContext *s, int level, const char *name, const uint8_t *value, int len)
78 {
79  char buf[33];
80  len = FFMIN(len, 16);
81  if (av_log_get_level() < level)
82  return;
83  ff_data_to_hex(buf, value, len, 1);
84  buf[len<<1] = '\0';
85  av_log(s, level, "%s: %s\n", name, buf);
86 }
87 
88 static int kset(AVFormatContext *s, const uint8_t *r_val, const uint8_t *n_val, int len)
89 {
90  OMAContext *oc = s->priv_data;
91 
92  if (!r_val && !n_val)
93  return -1;
94 
95  len = FFMIN(len, 16);
96 
97  /* use first 64 bits in the third round again */
98  if (r_val) {
99  if (r_val != oc->r_val) {
100  memset(oc->r_val, 0, 24);
101  memcpy(oc->r_val, r_val, len);
102  }
103  memcpy(&oc->r_val[16], r_val, 8);
104  }
105  if (n_val) {
106  if (n_val != oc->n_val) {
107  memset(oc->n_val, 0, 24);
108  memcpy(oc->n_val, n_val, len);
109  }
110  memcpy(&oc->n_val[16], n_val, 8);
111  }
112 
113  return 0;
114 }
115 
116 #define OMA_RPROBE_M_VAL 48 + 1
117 
118 static int rprobe(AVFormatContext *s, uint8_t *enc_header, unsigned size,
119  const uint8_t *r_val)
120 {
121  OMAContext *oc = s->priv_data;
122  unsigned int pos;
123  struct AVDES av_des;
124 
125  if (!enc_header || !r_val ||
126  size < OMA_ENC_HEADER_SIZE + oc->k_size + oc->e_size + oc->i_size ||
127  size < OMA_RPROBE_M_VAL)
128  return -1;
129 
130  /* m_val */
131  av_des_init(&av_des, r_val, 192, 1);
132  av_des_crypt(&av_des, oc->m_val, &enc_header[48], 1, NULL, 1);
133 
134  /* s_val */
135  av_des_init(&av_des, oc->m_val, 64, 0);
136  av_des_crypt(&av_des, oc->s_val, NULL, 1, NULL, 0);
137 
138  /* sm_val */
139  pos = OMA_ENC_HEADER_SIZE + oc->k_size + oc->e_size;
140  av_des_init(&av_des, oc->s_val, 64, 0);
141  av_des_mac(&av_des, oc->sm_val, &enc_header[pos], (oc->i_size >> 3));
142 
143  pos += oc->i_size;
144 
145  return memcmp(&enc_header[pos], oc->sm_val, 8) ? -1 : 0;
146 }
147 
148 static int nprobe(AVFormatContext *s, uint8_t *enc_header, unsigned size,
149  const uint8_t *n_val)
150 {
151  OMAContext *oc = s->priv_data;
152  uint64_t pos;
153  uint32_t taglen, datalen;
154  struct AVDES av_des;
155 
156  if (!enc_header || !n_val ||
157  size < OMA_ENC_HEADER_SIZE + oc->k_size + 4)
158  return -1;
159 
160  pos = OMA_ENC_HEADER_SIZE + oc->k_size;
161  if (!memcmp(&enc_header[pos], "EKB ", 4))
162  pos += 32;
163 
164  if (size < pos + 44)
165  return -1;
166 
167  if (AV_RB32(&enc_header[pos]) != oc->rid)
168  av_log(s, AV_LOG_DEBUG, "Mismatching RID\n");
169 
170  taglen = AV_RB32(&enc_header[pos+32]);
171  datalen = AV_RB32(&enc_header[pos+36]) >> 4;
172 
173  pos += 44;
174  if (size - pos < taglen)
175  return -1;
176 
177  pos += taglen;
178 
179  if (datalen << 4 > size - pos)
180  return -1;
181 
182  av_des_init(&av_des, n_val, 192, 1);
183  while (datalen-- > 0) {
184  av_des_crypt(&av_des, oc->r_val, &enc_header[pos], 2, NULL, 1);
185  kset(s, oc->r_val, NULL, 16);
186  if (!rprobe(s, enc_header, size, oc->r_val))
187  return 0;
188  pos += 16;
189  }
190 
191  return -1;
192 }
193 
194 static int decrypt_init(AVFormatContext *s, ID3v2ExtraMeta *em, uint8_t *header)
195 {
196  OMAContext *oc = s->priv_data;
197  ID3v2ExtraMetaGEOB *geob = NULL;
198  uint8_t *gdata;
199 
200  oc->encrypted = 1;
201  av_log(s, AV_LOG_INFO, "File is encrypted\n");
202 
203  /* find GEOB metadata */
204  while (em) {
205  if (!strcmp(em->tag, "GEOB") &&
206  (geob = em->data) &&
207  (!strcmp(geob->description, "OMG_LSI") ||
208  !strcmp(geob->description, "OMG_BKLSI"))) {
209  break;
210  }
211  em = em->next;
212  }
213  if (!em) {
214  av_log(s, AV_LOG_ERROR, "No encryption header found\n");
215  return -1;
216  }
217 
218  if (geob->datasize < 64) {
219  av_log(s, AV_LOG_ERROR, "Invalid GEOB data size: %u\n", geob->datasize);
220  return -1;
221  }
222 
223  gdata = geob->data;
224 
225  if (AV_RB16(gdata) != 1)
226  av_log(s, AV_LOG_WARNING, "Unknown version in encryption header\n");
227 
228  oc->k_size = AV_RB16(&gdata[2]);
229  oc->e_size = AV_RB16(&gdata[4]);
230  oc->i_size = AV_RB16(&gdata[6]);
231  oc->s_size = AV_RB16(&gdata[8]);
232 
233  if (memcmp(&gdata[OMA_ENC_HEADER_SIZE], "KEYRING ", 12)) {
234  av_log(s, AV_LOG_ERROR, "Invalid encryption header\n");
235  return -1;
236  }
237  oc->rid = AV_RB32(&gdata[OMA_ENC_HEADER_SIZE + 28]);
238  av_log(s, AV_LOG_DEBUG, "RID: %.8x\n", oc->rid);
239 
240  memcpy(oc->iv, &header[0x58], 8);
241  hex_log(s, AV_LOG_DEBUG, "IV", oc->iv, 8);
242 
243  hex_log(s, AV_LOG_DEBUG, "CBC-MAC", &gdata[OMA_ENC_HEADER_SIZE+oc->k_size+oc->e_size+oc->i_size], 8);
244 
245  if (s->keylen > 0) {
246  kset(s, s->key, s->key, s->keylen);
247  }
248  if (!memcmp(oc->r_val, (const uint8_t[8]){0}, 8) ||
249  rprobe(s, gdata, geob->datasize, oc->r_val) < 0 &&
250  nprobe(s, gdata, geob->datasize, oc->n_val) < 0) {
251  int i;
252  for (i = 0; i < FF_ARRAY_ELEMS(leaf_table); i += 2) {
253  uint8_t buf[16];
254  AV_WL64(buf, leaf_table[i]);
255  AV_WL64(&buf[8], leaf_table[i+1]);
256  kset(s, buf, buf, 16);
257  if (!rprobe(s, gdata, geob->datasize, oc->r_val) ||
258  !nprobe(s, gdata, geob->datasize, oc->n_val))
259  break;
260  }
261  if (i >= sizeof(leaf_table)) {
262  av_log(s, AV_LOG_ERROR, "Invalid key\n");
263  return -1;
264  }
265  }
266 
267  /* e_val */
268  av_des_init(&oc->av_des, oc->m_val, 64, 0);
269  av_des_crypt(&oc->av_des, oc->e_val, &gdata[OMA_ENC_HEADER_SIZE + 40], 1, NULL, 0);
270  hex_log(s, AV_LOG_DEBUG, "EK", oc->e_val, 8);
271 
272  /* init e_val */
273  av_des_init(&oc->av_des, oc->e_val, 64, 1);
274 
275  return 0;
276 }
277 
279  AVFormatParameters *ap)
280 {
281  int ret, framesize, jsflag, samplerate;
282  uint32_t codec_params;
283  int16_t eid;
284  uint8_t buf[EA3_HEADER_SIZE];
285  uint8_t *edata;
286  AVStream *st;
287  ID3v2ExtraMeta *extra_meta = NULL;
288  OMAContext *oc = s->priv_data;
289 
290  ff_id3v2_read_all(s, ID3v2_EA3_MAGIC, &extra_meta);
291  ret = avio_read(s->pb, buf, EA3_HEADER_SIZE);
292  if (ret < EA3_HEADER_SIZE)
293  return -1;
294 
295  if (memcmp(buf, ((const uint8_t[]){'E', 'A', '3'}),3) || buf[4] != 0 || buf[5] != EA3_HEADER_SIZE) {
296  av_log(s, AV_LOG_ERROR, "Couldn't find the EA3 header !\n");
297  return -1;
298  }
299 
300  oc->content_start = avio_tell(s->pb);
301 
302  /* encrypted file */
303  eid = AV_RB16(&buf[6]);
304  if (eid != -1 && eid != -128 && decrypt_init(s, extra_meta, buf) < 0) {
305  ff_id3v2_free_extra_meta(&extra_meta);
306  return -1;
307  }
308 
309  ff_id3v2_free_extra_meta(&extra_meta);
310 
311  codec_params = AV_RB24(&buf[33]);
312 
313  st = avformat_new_stream(s, NULL);
314  if (!st)
315  return AVERROR(ENOMEM);
316 
317  st->start_time = 0;
319  st->codec->codec_tag = buf[32];
321 
322  switch (buf[32]) {
323  case OMA_CODECID_ATRAC3:
324  samplerate = ff_oma_srate_tab[(codec_params >> 13) & 7] * 100;
325  if (!samplerate) {
326  av_log(s, AV_LOG_ERROR, "Unsupported sample rate\n");
327  return AVERROR_INVALIDDATA;
328  }
329  if (samplerate != 44100)
330  av_log_ask_for_sample(s, "Unsupported sample rate: %d\n",
331  samplerate);
332 
333  framesize = (codec_params & 0x3FF) * 8;
334  jsflag = (codec_params >> 17) & 1; /* get stereo coding mode, 1 for joint-stereo */
335  st->codec->channels = 2;
336  st->codec->sample_rate = samplerate;
337  st->codec->bit_rate = st->codec->sample_rate * framesize * 8 / 1024;
338 
339  /* fake the atrac3 extradata (wav format, makes stream copy to wav work) */
340  st->codec->extradata_size = 14;
342  if (!edata)
343  return AVERROR(ENOMEM);
344 
345  st->codec->extradata = edata;
346  AV_WL16(&edata[0], 1); // always 1
347  AV_WL32(&edata[2], samplerate); // samples rate
348  AV_WL16(&edata[6], jsflag); // coding mode
349  AV_WL16(&edata[8], jsflag); // coding mode
350  AV_WL16(&edata[10], 1); // always 1
351  // AV_WL16(&edata[12], 0); // always 0
352 
353  avpriv_set_pts_info(st, 64, 1, st->codec->sample_rate);
354  break;
355  case OMA_CODECID_ATRAC3P:
356  st->codec->channels = (codec_params >> 10) & 7;
357  framesize = ((codec_params & 0x3FF) * 8) + 8;
358  samplerate = ff_oma_srate_tab[(codec_params >> 13) & 7] * 100;
359  if (!samplerate) {
360  av_log(s, AV_LOG_ERROR, "Unsupported sample rate\n");
361  return AVERROR_INVALIDDATA;
362  }
363  st->codec->sample_rate = samplerate;
364  st->codec->bit_rate = samplerate * framesize * 8 / 1024;
365  avpriv_set_pts_info(st, 64, 1, samplerate);
366  av_log(s, AV_LOG_ERROR, "Unsupported codec ATRAC3+!\n");
367  break;
368  case OMA_CODECID_MP3:
370  framesize = 1024;
371  break;
372  case OMA_CODECID_LPCM:
373  /* PCM 44.1 kHz 16 bit stereo big-endian */
374  st->codec->channels = 2;
375  st->codec->sample_rate = 44100;
376  framesize = 1024;
377  /* bit rate = sample rate x PCM block align (= 4) x 8 */
378  st->codec->bit_rate = st->codec->sample_rate * 32;
380  avpriv_set_pts_info(st, 64, 1, st->codec->sample_rate);
381  break;
382  default:
383  av_log(s, AV_LOG_ERROR, "Unsupported codec %d!\n",buf[32]);
384  return -1;
385  }
386 
387  st->codec->block_align = framesize;
388 
389  return 0;
390 }
391 
392 
394 {
395  OMAContext *oc = s->priv_data;
396  int packet_size = s->streams[0]->codec->block_align;
397  int ret = av_get_packet(s->pb, pkt, packet_size);
398 
399  if (ret < packet_size)
400  pkt->flags |= AV_PKT_FLAG_CORRUPT;
401 
402  if (ret <= 0)
403  return AVERROR(EIO);
404 
405  pkt->stream_index = 0;
406 
407  if (oc->encrypted) {
408  /* previous unencrypted block saved in IV for
409  * the next packet (CBC mode) */
410  if (ret == packet_size)
411  av_des_crypt(&oc->av_des, pkt->data, pkt->data,
412  (packet_size >> 3), oc->iv, 1);
413  else
414  memset(oc->iv, 0, 8);
415  }
416 
417  return ret;
418 }
419 
421 {
422  const uint8_t *buf;
423  unsigned tag_len = 0;
424 
425  buf = p->buf;
426 
427  if (p->buf_size < ID3v2_HEADER_SIZE ||
429  buf[3] != 3 || // version must be 3
430  buf[4]) // flags byte zero
431  return 0;
432 
433  tag_len = ff_id3v2_tag_len(buf);
434 
435  /* This check cannot overflow as tag_len has at most 28 bits */
436  if (p->buf_size < tag_len + 5)
437  /* EA3 header comes late, might be outside of the probe buffer */
438  return AVPROBE_SCORE_MAX / 2;
439 
440  buf += tag_len;
441 
442  if (!memcmp(buf, "EA3", 3) && !buf[4] && buf[5] == EA3_HEADER_SIZE)
443  return AVPROBE_SCORE_MAX;
444  else
445  return 0;
446 }
447 
448 static int oma_read_seek(struct AVFormatContext *s, int stream_index, int64_t timestamp, int flags)
449 {
450  OMAContext *oc = s->priv_data;
451 
452  int err = pcm_read_seek(s, stream_index, timestamp, flags);
453 
454  if (!oc->encrypted)
455  return err;
456 
457  /* readjust IV for CBC */
458  if (err || avio_tell(s->pb) < oc->content_start)
459  goto wipe;
460  if ((err = avio_seek(s->pb, -8, SEEK_CUR)) < 0)
461  goto wipe;
462  if ((err = avio_read(s->pb, oc->iv, 8)) < 8) {
463  if (err >= 0)
464  err = AVERROR_EOF;
465  goto wipe;
466  }
467 
468  return 0;
469 wipe:
470  memset(oc->iv, 0, 8);
471  return err;
472 }
473 
475  .name = "oma",
476  .long_name = NULL_IF_CONFIG_SMALL("Sony OpenMG audio"),
477  .priv_data_size = sizeof(OMAContext),
483  .extensions = "oma,omg,aa3",
484  .codec_tag = (const AVCodecTag* const []){ff_oma_codec_tags, 0},
485 };
486