HKG15-407: EME implementation in Chromium: Linaro Clear Key
Transcript of HKG15-407: EME implementation in Chromium: Linaro Clear Key
![Page 1: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/1.jpg)
Presented by
Date
Encrypted Media Extensions
& Platform Content Decryption Modules,
A quick start primer Matt Snoby Cisco Technical Leader
Linaro Home Group
February 2015
![Page 2: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/2.jpg)
Who is this guy? Matt Snoby Cisco Technical Leader Linaro assignee 15 years of STB experience Conditional Access Nagravision, PowerKey, Digital Rights Management Intertrust, Verimatrix, VideoGuard, PlayReady Media, Apple HLS, Gstreamer plugins and pipelines [email protected] [email protected] https://www.linkedin.com/in/mattsnoby
![Page 3: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/3.jpg)
Introduction ● What is EME ● What is a CDM ● Why use the Chromium browser ● CDM & DRM ● PC CDM’s on embedded targets ● Linaro Clear Key CDM ● How to start development on your own CDM ● Creating test encrypted content ● Undocumented “features” ● What’s Next for Linaro Clear Key CDM?
![Page 4: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/4.jpg)
EME Terminology
● EME - Encrypted Media Extensions ● DRM – Digital Rights Management ● Key Systems ● CDM – Content Decryption Module
![Page 5: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/5.jpg)
What is a CDM?
● Provides the functionality on the target
hardware to implement a key system. ● Key Systems can be (but are not limited to) a
commercial DRM system or even a clear key
![Page 6: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/6.jpg)
What is a CDM continued?
● Developed and customized for the platform. ● Does not have to be delivered with the
browser. ● Runs out of the browser process space.
![Page 7: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/7.jpg)
Why Chromium
● Leader in EME development ● Support ● Open Source
![Page 8: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/8.jpg)
How is a CDM different than traditional DRMs? CDM Traditional DRM
Authorization / pairing Done through the user agent (app)
Factory or proprietary out of band methods
Data Communication All traffic goes through the user agent (https)
typically out of band direct from the DRM process to a secure server
API’s Session based API’s proprietary
Pairing reset user can delete and reset pairing data ( like resetting a cookie)
user typically can not do this.
![Page 9: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/9.jpg)
CrossCompiled PC CDM’s
● Why not use existing CDM’s for PC’s? o Embedded CPU power o No SOC accelerated decrypt
§ HW Block Decrypt o No SOC Buffer protection after decrypt
§ TrustZone
![Page 10: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/10.jpg)
Linaro Clear Key CDM
● Why implement a Clear Key CDM ● Future development work
![Page 11: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/11.jpg)
How to Start Development? • Pull tip of chromium
• http://dev.chromium.org/developers/how-tos/get-the-code • Now build chrome
• “ninja –C out/Debug chrome • Next build the external clear key
• Remember to link in the cdmadapter code to your CDM code
• “ninja –C out/Debug clearkeycdmadapter
![Page 12: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/12.jpg)
How to Start Development cont
• Javascript / HTML 5 app is located at: media/test/data/* Specifically eme_player.html and all the files under eme_player_js directory, • cp this whole directory to your webserver • cp media/test/data/* /var/www/chrome
![Page 13: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/13.jpg)
Testing
Start up chrome: out/Debug/chrome -‐-‐enable-‐logging=stderr -‐-‐v=1 -‐-‐register-‐pepper-‐plugins="out/Debug/libclearkeycdmadapter.so#ClearKey CDM#ClearKey CDM0.1.0.0#0.1.0.0;application/x-‐ppapi-‐clearkey-‐cdm" http://localhost/chrome/eme_player.html
![Page 14: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/14.jpg)
1.) URL of encrypted video 2.)Select External Clearkey 3.)Use the Prefixed EME API’s 4.) Play
![Page 15: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/15.jpg)
Creating Content
Convert an MP4 file to a webm file ffmpeg –v infile.mp4 –vcodec libvpx –acodec libvorbis –aq 5 –ac 2 –qmax 1 output.webm
![Page 16: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/16.jpg)
Creating Content – now encryption
Webm_crypt is the prgm to encrypt video stream: https://code.google.com/p/webm/
Now encrypt the video
./webm_crypt -‐i /home/snoby/out_3.webm -‐o /home/snoby/out_enc_3.webm base_secret.key
base_secret.key is a binary 16byte file that holds the key you are encrypting with
![Page 17: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/17.jpg)
Undocumented “features”
• There is Decrypt method and DecryptandDecodeFrame method. • In the videoDecoderInitialize call return “kSessionError” to set
CDM into Decrypt only mode. • When linking your CDM you MUST link in the cdmadapter
code in the gypi files.
![Page 18: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/18.jpg)
What’s next?
● Member board implementation o Hardware Block decryptor o Secure buffers with TrustZone o Send buffers to Gstreamer for decode
![Page 19: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/19.jpg)
Questions?
![Page 20: HKG15-407: EME implementation in Chromium: Linaro Clear Key](https://reader030.fdocuments.us/reader030/viewer/2022020106/55a685421a28ab48498b48ef/html5/thumbnails/20.jpg)