如何解决如何使用 Bento4 sdk 或 FFmpeg 解密加密的 MPEG CENC OMA DCF
我相信我有一个在 CENC 中加密的文件,并且我现在尝试使用来自 Bento4 mp4decrypt 工具的 mp4decrypt 对其进行解密超过几个月,但相信我,我只是不知道如何。这是 mp4info --verbose
的输出MP4INFO 详细
C:\Users\Vector\Desktop\Bento4\Bento4-SDK-1-6-0-637.x86_64-microsoft-win32\bin>mp4info --verbose C:\Users\Vector\Desktop\Bento4\IrokoBeautyandTheBeast\Movies\fmp4_480p_450000.mp4
File:
major brand: iso6
minor version: 1
compatible brand: mp42
compatible brand: dash
compatible brand: msdh
compatible brand: msix
compatible brand: iso6
compatible brand: avc1
compatible brand: isom
fast start: yes
Movie:
duration: 0 ms
time scale: 12800
fragments: yes
Found 1 Tracks
Track 1:
flags: 7 ENABLED IN-MOVIE IN-PREVIEW
id: 1
type: Video
duration: 0 ms
language: eng
media:
sample count: 0
timescale: 12800
duration: 0 (media timescale units)
duration: 0 (ms)
bitrate (computed): 449.893 Kbps
sample count with fragments: 191503
duration with fragments: 98049536
duration with fragments: 7660120 (ms)
display width: 854.000000
display height: 480.000000
Sample Description 0
[ENCRYPTED]
Coding: encv
Scheme Type: cenc
Scheme Version: 65536
Scheme URI:
Protection System Details:
[schi] size=8+32
[tenc] size=12+20
default_isProtected = 1
default_Per_Sample_IV_Size = 8
default_KID = [71 95 60 47 eb fe 4c ed 9d 7c 29 7c 26 da a9 d7]
Bytes: 000000000000000100000000000000000000000000000000035601e000480000004800000000000000010a41564320436f64696e670000000000000000000000000000000000000000000018ffff00000031617663430142c01effe100196742c01ed900d83de6f011000003000100000300320f162e4801000568cb852c800000005073696e660000000c66726d6161766331000000147363686d0000000063656e630001000000000028736368690000002074656e63000000000000010871956047ebfe4ced9d7c297c26daa9d7
Coding: avc1 (H.264)
Width: 854
Height: 480
Depth: 24
AVC Profile: 66 (Baseline)
AVC Profile Compat: c0
AVC Level: 30
AVC NALU Length Size: 4
AVC SPS: [6742c01ed900d83de6f011000003000100000300320f162e48]
AVC PPS: [68cb852c80]
Codecs String: avc1.42C01E
C:\Users\Vector\Desktop\Bento4\Bento4-SDK-1-6-0-637.x86_64-microsoft-win32\bin>
我可以访问的内容:
(1) AUdio AND VIDEO FILES .mp4 which contains the encrypted content for the Apk data files
(2) MANIFEST.mpd also from the apk data files
(3) oma folder
这是受保护文件的 gd 链接 https://drive.google.com/drive/folders/1nQOnOs6oxU-KKZe67ePfkj_adGJhyj9A?usp=sharing 我相信该文件是 OMA DCF/PDCF 文件
ProtectedROS.xml 文件
<roap:protectedRO xmlns:roap="urn:oma:bac:dldrm:roap-1.0">
<roap:ro id="a7b226f223a7b22757365724964223a2232313532333738222c226d65726368616e74223a2269726f6b6f222c2273657373696f6e4964223a2265794a68624763694f694a49557a49314e694973496e523563434936496b705856434a392e65794a6c654841694f6a45324d546b784d4455794d7a5173496d6c68644349364d5459784d7a6b794d54497a4e43776961584e7a496a6f6961584a76613239306469356a623230694c434a7164476b694f694a68543168686156525354575a5a54557030513056364d6b3077634856735448644c647a4e6c6356425465694973496e4e6a6233426c496a6f69625739696157786c4969776963335669496a6f794d5455794d7a633466512e2d574e335a554d4a58666f592d446977384e316e716c5865526b756e3976712d4f49557973665564384251227d2c226964223a7b2274223a2261222c22614964223a2269726f6b6f74763a636f6e74656e743a3135343733227d7d" stateful="true" version="1.1">
<riID>
<keyIdentifier xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xsi:type="roap:X509SPKIHash">
<hash>od6D5p9bah7N0kyo9JrscpOdK2I=</hash>
</keyIdentifier>
</riID>
<rights xmlns:o-ex="http://odrl.net/1.1/ODRL-EX" o-ex:id="REL0">
<o-ex:context>
<o-dd:version xmlns:o-dd="http://odrl.net/1.1/ODRL-DD">2.1</o-dd:version>
<o-dd:uid xmlns:o-dd="http://odrl.net/1.1/ODRL-DD">a7b226f223a7b22757365724964223a2232313532333738222c226d65726368616e74223a2269726f6b6f222c2273657373696f6e4964223a2265794a68624763694f694a49557a49314e694973496e523563434936496b705856434a392e65794a6c654841694f6a45324d546b784d4455794d7a5173496d6c68644349364d5459784d7a6b794d54497a4e43776961584e7a496a6f6961584a76613239306469356a623230694c434a7164476b694f694a68543168686156525354575a5a54557030513056364d6b3077634856735448644c647a4e6c6356425465694973496e4e6a6233426c496a6f69625739696157786c4969776963335669496a6f794d5455794d7a633466512e2d574e335a554d4a58666f592d446977384e316e716c5865526b756e3976712d4f49557973665564384251227d2c226964223a7b2274223a2261222c22614964223a2269726f6b6f74763a636f6e74656e743a3135343733227d7d</o-dd:uid>
</o-ex:context>
<o-ex:agreement>
<o-ex:asset o-ex:id="Audio-Video Key 71956047ebfe4ced9d7c297c26daa9d7">
<o-ex:context>
<o-dd:uid xmlns:o-dd="http://odrl.net/1.1/ODRL-DD">irokotv:content:15473</o-dd:uid>
</o-ex:context>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes128"></xenc:EncryptionMethod>
<ds:KeyInfo>
<ds:RetrievalMethod URI="#K_MAC_and_K_REK0"></ds:RetrievalMethod>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>bcua8iKZzPKucfcfUwJFf1+Ha9qOTh+k</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedKey>
</ds:KeyInfo>
</o-ex:asset>
<o-ex:permission>
<o-dd:play xmlns:o-dd="http://odrl.net/1.1/ODRL-DD">
<o-ex:constraint>
<o-dd:datetime>
<o-dd:end>2021-03-25T18:46:16Z</o-dd:end>
</o-dd:datetime>
<o-dd:interval>P30D</o-dd:interval>
<oma-dd:system xmlns:oma-dd="http://www.openmobilealliance.com/oma-dd">
<o-ex:context>
<o-dd:uid>urn:oma:drms:org-cmla:std-def-analog-outputs</o-dd:uid>
</o-ex:context>
<o-ex:context>
<o-dd:uid>urn:oma:drms:org-cmla:dtcp-ip</o-dd:uid>
</o-ex:context>
<o-ex:context>
<o-dd:uid>urn:oma:drms:org-cmla:hdcp</o-dd:uid>
</o-ex:context>
</oma-dd:system>
</o-ex:constraint>
</o-dd:play>
</o-ex:permission>
</o-ex:agreement>
</rights>
<timeStamp>2021-02-23T18:46:15Z</timeStamp>
<encKey Id="K_MAC_and_K_REK0">
<xenc:EncryptionMethod xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Algorithm="http://www.rsasecurity.com/rsalabs/pkcs/schemas/pkcs-1#rSAEs-kem-kdf2-kw-aes128"></xenc:EncryptionMethod>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<roap:X509SPKIHash algorithm="http://www.w3.org/2000/09/xmldsig#sha1">
<hash>jgQbmMVpFoZpu7X9CElrymPvO5U=</hash>
</roap:X509SPKIHash>
</ds:KeyInfo>
<xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:CipherValue>TNz5JLn7BXfL+DMC7nZD9vM5Jo70tZrbAcZC4a1d6QuKnOITwNOS+A/oEaiqofJFqDajzv9c1klw8HIW4gw5167RHF7krXD14OtbJQdP7eA0Xi8TwQtrxATVd7G0QQBcvUfdrqRmgmgW8fhaTv6NQsHYPkQsv8yswhKKaboa6MQ4agTBTswc94y7OFEFweI1EFBZGAnmvs8jrilx6U4t6bOFFh9Q25NGMHmv15EuzKHvhjUbLaVG1sdvwkA4IVAXsrTPmxhhCRgHtnG7q7SRtF2WpB5tAOHtP1bXaqktfWXrI8QLm7etsJ0V0bQkzyfY6F9PTmUtR8CJueKa07TnOEmSBKf/y6qguZQm2yC5qQLwWTpNxA7rm4qO72xw1mnYn4zaRrAsYdA=</xenc:CipherValue>
</xenc:CipherData>
</encKey>
</roap:ro>
<mac>
<ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"></ds:SignatureMethod>
<ds:Reference URI="#a7b226f223a7b22757365724964223a2232313532333738222c226d65726368616e74223a2269726f6b6f222c2273657373696f6e4964223a2265794a68624763694f694a49557a49314e694973496e523563434936496b705856434a392e65794a6c654841694f6a45324d546b784d4455794d7a5173496d6c68644349364d5459784d7a6b794d54497a4e43776961584e7a496a6f6961584a76613239306469356a623230694c434a7164476b694f694a68543168686156525354575a5a54557030513056364d6b3077634856735448644c647a4e6c6356425465694973496e4e6a6233426c496a6f69625739696157786c4969776963335669496a6f794d5455794d7a633466512e2d574e335a554d4a58666f592d446977384e316e716c5865526b756e3976712d4f49557973665564384251227d2c226964223a7b2274223a2261222c22614964223a2269726f6b6f74763a636f6e74656e743a3135343733227d7d">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>6eq2dQs3WK/LddLVkgij2t3kX+I=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">ckMnemCWwJaoi+aqgwln9/TWIuE=</ds:SignatureValue>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:RetrievalMethod URI="#K_MAC_and_K_REK0"></ds:RetrievalMethod>
</ds:KeyInfo>
</mac>
</roap:protectedRO>
</storedRightsObjects>
是否可以将音频和视频都解密为可播放的非加密文件?从在线信息来看,我相信使用上面提供的 xml 我可以获得 CEK,如果不是缺少什么?
解决方法
有两个不同的问题在起作用:
- CENC(通用加密)
- DRM(数字版权管理)
CENC 独立于供应商。所以加密一次完成,它是一个标准。 密钥是秘密的,通常不会以明文形式存储或传输。
DRM 是特定于供应商的,指定了密钥的交换方式。
CENC 和 DRM 都不容易破解。
有关如何获取密钥 (DRM) 的说明存储在 pssh 盒中,并传递给您计算机的安全计算硬件,然后进行安全密钥交换。
在您的情况下,安全计算硬件将联系 https://lic.drmtoday.com/license-proxy-headerauth/drmtoday/RightsManager.asmx 并使用您登录后获得的令牌索取 ID 为 f01b6f9535f93e48b82138ae52633f4c 的密钥。
您可以使用多个 DRM 系统。例如 Widevine (Google) 或 PlayReady (Microsoft)
如果您拥有最初用于加密内容的密钥,则您只能解密流。 查看您捕获的许可请求 - 我正在收集使用 Google 的 Widevine DRM 系统。
您可以假设 Google 使用的是“最先进的”密钥交换方法,您无法通过右键单击浏览器窗口或浏览器开发工具来破解该方法。
我对 Widevine 的内部运作一无所知,但我猜他们会这样做:https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
GPAC 会解密,但您必须提供密钥及其密钥 ID https://github.com/gpac/gpac/wiki/Common-Encryption
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
