Home Explore Help
Register Sign In
public
/
node-hls-tools
Watch 2
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 7f781ce92e
Branches Tags
node-hls-tools
/
lib
/
segment-decrypt.js

segment-decrypt.js 3.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145 
  1. 'use strict';
    2. 

  2. 

  3. const Url = require('url');
    4. 

  4. const Crypto = require('crypto');
    5. 

  5. 

  6. const Oncemore = require('oncemore');
    7. 

  7. const UriStream = require('uristream');
    8. 

  8. 

  9. 

  10. const internals = {
    11. 

  11.   allowedProtocols: ['http', 'https', 'data'],
    12. 

  12.   fetchTimeout: 10 * 1000,
    13. 

  13. 

  14.   keyCache: {},
    15. 

  15. };
    16. 

  16. 

  17. 

  18. internals.KeyFetcher = function (uri, cookie) {
    19. 

  19. 

  20.   this.uri = uri;
    21. 

  21.   this.cookie = cookie;
    22. 

  22.   this.key = null;
    23. 

  23. 

  24.   this._gets = [];
    25. 

  25. };
    26. 

  26. 

  27. internals.KeyFetcher.prototype.fetch = function (next) {
    28. 

  28. 

  29.   let key = new Buffer(0);
    30. 

  30.   let headers = {};
    31. 

  31.   if (this.cookie) {
    32. 

  32.     headers.Cookie = this.cookie;
    33. 

  33.   }
    34. 

  34. 

  35.   Oncemore(UriStream(this.uri, { headers: headers, whitelist: internals.allowedProtocols, timeout: internals.fetchTimeout }))
    36. 

  36. 

  37.     .on('data', (chunk) => {
    38. 

  38. 

  39.       key = Buffer.concat([key, chunk]);
    40. 

  40.     })
    41. 

  41.     .once('error', 'end', (err) => {
    42. 

  42. 

  43.       return next(err, key);
    44. 

  44.     });
    45. 

  45. };
    46. 

  46. 

  47. internals.KeyFetcher.prototype.get = function (next) {
    48. 

  48. 

  49.   if (this.key && this.key.length) {
    50. 

  50.     return next(null, this.key);
    51. 

  51.   }
    52. 

  52. 

  53.   const complete = (err, key) => {
    54. 

  54. 

  55.     if (!err) {
    56. 

  56.       this.key = key;
    57. 

  57.     }
    58. 

  58. 

  59.     let gets = this._gets;
    60. 

  60.     this._gets = [];
    61. 

  61. 

  62.     for (let idx = 0; idx < gets.length; idx++) {
    63. 

  63.       process.nextTick(gets[idx], err, key);
    64. 

  64.     }
    65. 

  65.   };
    66. 

  66. 

  67.   if (this._gets.length === 0) {
    68. 

  68.     this.fetch(complete);
    69. 

  69.   }
    70. 

  70. 

  71.   return this._gets.push(next);
    72. 

  72. };
    73. 

  73. 

  74. 

  75. internals.fetchKey = function (keyUri, options, next) {
    76. 

  76. 

  77.   if (options.key) return next(null, options.key);
    78. 

  78. 

  79.   let uri = Url.resolve(options.base, keyUri);
    80. 

  80.   let fetcher = internals.keyCache[uri];
    81. 

  81.   if (!fetcher) {
    82. 

  82.     fetcher = internals.keyCache[uri] = new internals.KeyFetcher(uri, options.cookie);
    83. 

  83.   }
    84. 

  84.   return fetcher.get(next);
    85. 

  85. };
    86. 

  86. 

  87. 

  88. internals.getIdentityKey = function (keyAttrs) {
    89. 

  89. 

  90.   for (let idx = 0; idx < keyAttrs.length; idx++) {
    91. 

  91.     let key = keyAttrs[idx];
    92. 

  92.     let keyformat = key.quotedString('keyformat');
    93. 

  93.     if (!keyformat || keyformat === 'identity') {
    94. 

  94.       return {
    95. 

  95.         method: key.enumeratedString('method'),
    96. 

  96.         uri: key.quotedString('uri'),
    97. 

  97.         iv: key.hexadecimalInteger('iv')
    98. 

  98.       };
    99. 

  99.     }
    100. 

  100.   }
    101. 

  101. 

  102.   return null;
    103. 

  103. };
    104. 

  104. 

  105. 

  106. exports.decrypt = function (stream, keyAttrs, options, next) {
    107. 

  107. 

  108.   if (!keyAttrs || !options) {
    109. 

  109.     return next(null, stream, false);
    110. 

  110.   }
    111. 

  111. 

  112.   let key = internals.getIdentityKey(keyAttrs);
    113. 

  113.   if (!key || key.method === 'NONE') {
    114. 

  114.     return next(null, stream, false);
    115. 

  115.   }
    116. 

  116. 

  117.   if (key.method !== 'AES-128' || !key.uri || !key.iv) {
    118. 

  118. 

  119.     // TODO: hard error when key is not recognized?
    120. 

  120.     return next(new Error('unknown encryption parameters'), stream);
    121. 

  121.   }
    122. 

  122. 

  123.   return internals.fetchKey(key.uri, options, (err, keyData) => {
    124. 

  124. 

  125.     if (err) {
    126. 

  126.       return next(new Error('key fetch failed: ' + (err.stack || err)));
    127. 

  127.     }
    128. 

  128. 

  129.     let decrypt;
    130. 

  130.     try {
    131. 

  131.       decrypt = Crypto.createDecipheriv('aes-128-cbc', keyData, key.iv);
    132. 

  132.     } catch (ex) {
    133. 

  133.       return next(new Error('crypto setup failed: ' + (ex.stack || ex)));
    134. 

  134.     }
    135. 

  135. 

  136.     // forward stream errors
    137. 

  137.     stream.on('error', (err) => {
    138. 

  138. 

  139.       decrypt.emit('error', err);
    140. 

  140.     });
    141. 

  141. 

  142.     return next(null, stream.pipe(decrypt), true);
    143. 

  143.   });
    144. 

  144. };
    145. 

  145.