PDF - Apple Developer
MPEG-2 Stream Encryption Format for HTTP Live Streaming
Contents
1.0 Introduction
2.0 Encryption
2.1 Encryption Overview
2.2 H.264 Video Streams
2.3 Audio Streams
2.3.1 General
2.3.2 AAC Audio
2.3.3 AC-3 Audio
2.3.4 Audio Setup Information
2.4 Other Stream Types
3.0 Transport Stream Signaling
4.0 References
ISO/IEC 13818-1
HTTP Live Streaming
ISO/IEC 14496-10
ISO/IEC 14496-3
ETSI TS 102 366 v1.2.1
ID3 tag version 2.4.0
NIST Special Publication 800-38A
Document Revision History
2012-09-26 | © 2012 Apple Inc. All Rights Reserved.
Listings
2.0 Encryption
Listing 1-1 Encryption of NAL Units
Listing 1-2 Encryption of AAC Audio Frames
Listing 1-3 Encryption of AC-3 Audio Frames
Listing 1-4 Setup Information Format
1.0 Introduction
This document describes a sample-level encryption format for several types of elementary streams that can
be carried in MPEG-2 Transport Streams (“ISO/IEC 13818-1”) and MPEG Elementary Audio streams.
This format is used by the HTTP Live Streaming protocol (“HTTP Live Streaming”).
This document specifies:
● How the media data of audio and video streams are encrypted.
● How encrypted streams are identified in the transport stream.
● How unencrypted audio setup information is carried.
2.0 Encryption
2.1 Encryption Overview
For each encrypted stream type a protected block is identified, over which the protection process is performed.
An audio stream protected block is typically a frame of audio; H.264 video protected blocks are the body of
specific types of Network Abstraction Layer (NAL) Units. The encryption method defined by this specification
protects certain contiguous sections of the audio or video stream within the protected blocks.
Each section contains an integer number of 16-byte blocks that are encrypted using AES-128 Cipher Block
Chaining (CBC) mode as specified in “NIST Special Publication 800-38A”. Cipher block chaining occurs
within each protected block, and the initialization vector must be reset to its original value at the start of each
new protected block.
In video data, the first 16-byte block of the section and every tenth block thereafter must be encrypted.
In audio data, all the 16-byte blocks must be encrypted.
2.2 H.264 Video Streams
H.264 (AVC) video encoding (“ISO/IEC 14496-10”) must be used for video when this specification is
in operation. Stream encryption is performed within each NAL unit, in byte-stream form using start codes, as
detailed in Annex B of “ISO/IEC 14496-10”.
NAL units of type 1 and type 5 must be encrypted to this specification; other NAL unit types must not be
encrypted. Listing 1-1 shows the format of a NAL unit that contains encrypted data.
Listing 1-1 Encryption of NAL Units
Encrypted_NAL_Unit () {
    NAL_unit_type_byte                // 1 byte
    unencrypted_leader                // 31 bytes
    while (bytes_remaining() > 16) {
        protected_block_one_in_ten    // 16 bytes
    }
    unencrypted_trailer               // 1-16 bytes
}
Each NAL unit is formed with start code emulation prevention applied. The preceding start code is not part of
the protected block and is not encrypted.
The byte containing the nal_unit_type value, plus the 31 bytes that follow, are unencrypted. The next
contiguous data section is protected. The size, in bytes, of the protected section must be a multiple of 16 and
may be 0; therefore if a NAL unit has 48 or fewer bytes, that NAL unit is completely unencrypted.
The protected section uses 10% skip encryption. Each 16-byte block of encrypted data is followed by nine
16-byte blocks of unencrypted data. At the end of the NAL unit, there are between 1 and 16 unencrypted
trailing bytes, inclusive. If any block is encrypted (because the NAL Unit’s length is 48 bytes or more), start code
emulation prevention must again be applied over the entire NAL Unit, including the unencrypted sections.
To encrypt an H.264 stream, first start with a byte stream that has had start code emulation prevention applied.
NAL types 1 and 5 that have a length greater than 48 bytes must be protected as defined above, and then for
those NAL Units only, start code emulation prevention must be re-applied over the entire NAL Unit.
To decrypt an H.264 stream, NAL units of type 1 and type 5 must be identified and unprotected. For each NAL
unit of either type, start code emulation prevention must be removed unless the NAL Unit’s length is 48 bytes
or less. Then the NAL Unit’s encrypted section must be located and the data in that section must be decrypted.
(The resulting bitstream can then be processed by a standard H.264 decoder.)
2.3 Audio Streams
2.3.1 General
The encryption technology defined by this specification supports two audio formats: Advanced Audio Coding
(AAC) (“ISO/IEC 14496-3”) and AC-3 audio (formerly Dolby Digital) (“ETSI TS 102 366 v1.2.1”).
2.3.2 AAC Audio
An AAC protected block is an audio frame that includes an Audio Data Transport Stream (ADTS) header, as
shown in Listing 1-2.
Listing 1-2 Encryption of AAC Audio Frames
Encrypted_AAC_Frame () {
    ADTS_Header                // 7 or 9 bytes
    unencrypted_leader         // 16 bytes
    while (bytes_remaining() >= 16) {
        protected_block        // 16 bytes
    }
    unencrypted_trailer        // 0-15 bytes
}
The ADTS header, which can be 7 or 9 bytes long, plus the first 16 bytes of the frame after it, are unencrypted.
The contiguous data section that follows is encrypted. The size, in bytes, of the encrypted section must be an
integer multiple of 16 and is possibly zero. The AAC frame ends with 0 to 15 unencrypted bytes. Start code
emulation prevention is not performed on the encrypted frame.
2.3.3 AC-3 Audio
An AC-3 protected block is the full audio frame (a syncframe() as defined in “ETSI TS 102 366 v1.2.1”),
as shown in Listing 1-3.
Listing 1-3 Encryption of AC-3 Audio Frames
Encrypted_AC3_Frame () {
    unencrypted_leader         // 16 bytes
    while (bytes_remaining() >= 16) {
        protected_block        // 16 bytes
    }
    unencrypted_trailer        // 0-15 bytes
}
The first 16 bytes, starting with the syncframe() header, are not encrypted. The contiguous data section that
follows is encrypted. The AC-3 frame ends with 0 to 15 unencrypted bytes. Start code emulation prevention
is not performed on the encrypted part of the frame.
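The byte layouts of Listings 1-1 to 1-3 (sections 2.2 and 2.3), as an added example that is not code from the specification: it returns the offsets of the 16-byte blocks that are passed through AES-128-CBC within one protected block. The function names and the `kind` labels are assumptions; the rule that a one-in-ten video block is encrypted only when more than 16 bytes remain at its start is read from the Listing 1-1 loop condition.

```python
BLOCK = 16  # AES block size in bytes

def encrypted_block_offsets(kind, length, adts_header_len=7):
    """Offsets, from the start of one protected block, of the encrypted blocks.

    kind is "h264" (NAL unit of type 1 or 5, measured from the nal_unit_type
    byte with emulation prevention removed), "aac" (ADTS frame) or "ac3"
    (syncframe). These labels are hypothetical, not names from the spec.
    """
    if kind == "h264":
        leader = 1 + 31       # nal_unit_type byte + unencrypted leader
        min_tail = 1          # trailer is 1-16 bytes: loop runs while > 16
        stride = 10 * BLOCK   # one encrypted block, then nine clear blocks
    elif kind == "aac":
        if adts_header_len not in (7, 9):
            raise ValueError("ADTS header is 7 or 9 bytes")
        leader = adts_header_len + 16
        min_tail = 0          # trailer is 0-15 bytes: loop runs while >= 16
        stride = BLOCK        # every block in the section is encrypted
    elif kind == "ac3":
        leader = 16
        min_tail = 0
        stride = BLOCK
    else:
        raise ValueError("unknown stream kind: %r" % kind)

    # The blocks found here form one CBC chain; the IV is reset to its
    # original value for the next NAL unit or audio frame.
    offsets = []
    pos = leader
    while length - pos >= BLOCK + min_tail:
        offsets.append(pos)
        pos += stride
    return offsets

def encrypted_bytes(kind, length, adts_header_len=7):
    """Number of bytes of the protected block that are actually encrypted."""
    return BLOCK * len(encrypted_block_offsets(kind, length, adts_header_len))
```

For a 1000-byte NAL unit this yields six encrypted blocks, 96 bytes in total; the remaining bytes are carried in the clear.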
2.3.4 Audio Setup Information
2.3.4.1 Introduction
Unencrypted audio setup information must be supplied when a stream is encrypted in conformance with this
specification. The big-endian setup information format is shown in Listing 1-4.
Listing 1-4 Setup Information Format
audio_setup_information() {
    audio_type            // 4 bytes
    priming               // 2 bytes
    version               // 1 byte
    setup_data_length     // 1 byte
    setup_data            // setup_data_length
}
The first field is a 32-bit format identifier, followed by a 16-bit priming field and an 8-bit version field. This is
followed by format-specific data: first an 8-bit value containing the length, in bytes, of the format-specific data
and then the format-specific data itself in an array of bytes. The setup information must be packed, with no
alignment padding. The size of the setup information is 8 bytes plus the size of the format-specific data.
The field values are:
● audio_type—as defined in the following sections; identifies the type of setup data carried.
● priming—set to 0x0000 for AC-3. For AAC retrieve this value from the encoder, using the Apple encoding
API. If a non-Apple encoder is used and does not provide a priming value, set to 0x0000. (This may lead
to incorrect audio/video synchronization if the encoder has a different priming value than the value
provided to the AAC decoder when the content is rendered.)
● version—set to 0x01.
● setup_data_length—the number of bytes in the following setup data.
● setup_data—format-specific information, as defined in the following sections.
2.4.3.2 AAC Setup
Format identifiers:
AAC-LC      ‘zaac’
AAC-HEv1    ‘zach’
AAC-HEv2    ‘zacp’
The AAC format-specific setup information is the AudioSpecificConfig() value, as defined in Section
1.6.2.1 of “ISO/IEC 14496-3”. (Note that this value is called DecoderSpecificInfo in MPEG-4).
2.4.3.3 AC-3 Setup
Format identifier: ‘zac3’
The AC-3 format-specific setup information is the first 10 bytes of the audio data (the syncframe()). This
comprises the syncinfo() structure and the initial part of the bsi() structure, as defined in 5.3.1 and 5.3.2
of “ETSI TS 102 366 v1.2.1”.
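A strict parser for the audio_setup_information() structure of Listing 1-4, using the AAC and AC-3 format identifiers given above. This is an added example, not code from the specification; the function names, the returned dictionary and the sample priming value are assumptions.

```python
import struct

# Format identifiers defined on this page, mapped to a readable name.
AUDIO_TYPES = {b"zaac": "AAC-LC", b"zach": "AAC-HEv1",
               b"zacp": "AAC-HEv2", b"zac3": "AC-3"}
HEADER = struct.Struct(">4sHBB")  # audio_type, priming, version, setup_data_length

def parse_audio_setup_information(buf):
    """Parse and validate one packed, big-endian audio_setup_information()."""
    if len(buf) < HEADER.size:
        raise ValueError("truncated: need at least 8 header bytes")
    audio_type, priming, version, data_len = HEADER.unpack_from(buf, 0)
    if audio_type not in AUDIO_TYPES:
        raise ValueError("unknown audio_type %r" % audio_type)
    if version != 0x01:
        raise ValueError("unsupported version 0x%02x" % version)
    # Total size is 8 bytes plus the format-specific data, with no padding.
    if len(buf) != HEADER.size + data_len:
        raise ValueError("length mismatch: setup_data_length=%d, have %d bytes"
                         % (data_len, len(buf) - HEADER.size))
    setup_data = bytes(buf[HEADER.size:])
    if audio_type == b"zac3":
        if data_len != 10:
            raise ValueError("AC-3 setup data is the first 10 syncframe bytes")
        if priming != 0:
            raise ValueError("priming must be 0x0000 for AC-3")
    return {"format": AUDIO_TYPES[audio_type], "priming": priming,
            "version": version, "setup_data": setup_data}

def build_audio_setup_information(audio_type, priming, setup_data):
    """Serialize the structure with version fixed at 0x01."""
    if len(setup_data) > 0xFF:
        raise ValueError("setup_data_length is a single byte")
    return HEADER.pack(audio_type, priming, 0x01, len(setup_data)) + setup_data

# Constructed sample: AAC-LC with a 2-byte AudioSpecificConfig (object type 2,
# 44.1 kHz, stereo) and a constructed priming value of 2112.
SAMPLE = build_audio_setup_information(b"zaac", 2112, bytes([0x12, 0x10]))
```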
2.4.3.4 Elementary Stream Setup
Format identifier: ‘PRIV’
In elementary streams the audio setup information is carried inside an ID3 Private Frame, as defined in “ID3
tag version 2.4.0”. The owner identifier is com.apple.streaming.audioDescription.
2.4.3.5 Transport Stream Setup
Format identifier: ‘apad’
In transport streams, the audio setup information is carried in a registration_descriptor(), as defined
in “ISO/IEC 13818-1”, sections 2.6.8 and 2.6.9 and Table 2-45.
2.4 Other Stream Types
Stream types other than audio or video are not encrypted.
3.0 Transport Stream Signaling
Transport stream encryption must be signaled in the stream’s Program Map Table (PMT). The PMT must fit
into a single transport stream packet; it must not be fragmented. The PMT is defined in “ISO/IEC 13818-1”.
To avoid colliding with existing names, new stream_type values have been defined for each stream type
covered by this specification:
H.264 Video
    The stream_type value in the PMT must be set to 0xdb. In the descriptor loop following
    the ES_info_length field, a private data indicator descriptor must be added with its
    big-endian private_data_indicator value set to 'zavc'.
AAC Audio
    The stream_type value in the PMT must be set to 0xcf. In the descriptor loop following
    the ES_info_length field, a private data indicator descriptor must be added with its
    big-endian private_data_indicator set to 'aacd'. The AAC setup information listed
    in “2.3.4 Audio Setup Information” must be supplied in a Registration
    Descriptor.
AC-3 Audio
    The stream_type value in the PMT must be set to 0xc1. In the descriptor loop following
    the ES_info_length field, a private data indicator descriptor must be added with its
    big-endian private_data_indicator set to 'ac3d'. The AC-3 setup information listed
    in “2.3.4 Audio Setup Information” must be supplied in a Registration
    Descriptor.
The private data indicator descriptors listed above must be signaled in the descriptor loop following the
ES_info_length field of the PMT, as defined in “ISO/IEC 13818-1”, section 2.6.28, table 2-58.
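A check of the signaling rules above against the elementary stream loop of a PMT, as an added example that is not code from the specification. It assumes the caller has already extracted the ES loop bytes from the PMT section, uses the ISO/IEC 13818-1 descriptor tags 0x05 (registration) and 0x0F (private data indicator), and treats 'apad' as the registration descriptor's format_identifier; function names and the sample PIDs are constructed.

```python
import struct

# stream_type -> (name, private_data_indicator, registration descriptor required)
ENCRYPTED_TYPES = {0xDB: ("H.264 Video", b"zavc", False),
                   0xCF: ("AAC Audio", b"aacd", True),
                   0xC1: ("AC-3 Audio", b"ac3d", True)}
TAG_REGISTRATION = 0x05            # registration_descriptor
TAG_PRIVATE_DATA_INDICATOR = 0x0F  # private_data_indicator_descriptor

def descriptors(buf):
    """Yield (tag, payload) for each descriptor in one descriptor loop."""
    pos = 0
    while pos < len(buf):
        if pos + 2 > len(buf) or pos + 2 + buf[pos + 1] > len(buf):
            raise ValueError("descriptor overruns ES_info_length")
        yield buf[pos], buf[pos + 2:pos + 2 + buf[pos + 1]]
        pos += 2 + buf[pos + 1]

def check_es_loop(es_loop):
    """Return [(pid, stream name, [problems])] for each encrypted stream."""
    report, pos = [], 0
    while pos < len(es_loop):
        if pos + 5 > len(es_loop):
            raise ValueError("truncated elementary stream entry")
        stream_type, pid, info_len = struct.unpack_from(">BHH", es_loop, pos)
        pid, info_len = pid & 0x1FFF, info_len & 0x0FFF  # drop reserved bits
        info = es_loop[pos + 5:pos + 5 + info_len]
        if len(info) != info_len:
            raise ValueError("ES_info_length overruns the PMT")
        pos += 5 + info_len
        if stream_type not in ENCRYPTED_TYPES:
            continue
        name, indicator, needs_setup = ENCRYPTED_TYPES[stream_type]
        found = dict(descriptors(info))  # tag -> payload
        problems = []
        if found.get(TAG_PRIVATE_DATA_INDICATOR) != indicator:
            problems.append("private_data_indicator is not %s" % indicator.decode())
        # Assumption: 'apad' is the registration descriptor's format_identifier.
        if needs_setup and not found.get(TAG_REGISTRATION, b"").startswith(b"apad"):
            problems.append("no 'apad' registration descriptor")
        report.append((pid, name, problems))
    return report

def es_entry(stream_type, pid, descs):
    body = b"".join(bytes([tag, len(p)]) + p for tag, p in descs)
    return struct.pack(">BHH", stream_type, 0xE000 | pid, 0xF000 | len(body)) + body

# Constructed sample: correct video entry, AAC entry missing its setup descriptor.
SAMPLE = es_entry(0xDB, 0x100, [(0x0F, b"zavc")]) + es_entry(0xCF, 0x101, [(0x0F, b"aacd")])
```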
4.0 References
ISO/IEC 13818-1
ISO/IEC 13818-1:2007 Information technology – Generic coding of moving pictures and associated audio information: Systems
HTTP Live Streaming
IETF Internet Draft draft-pantos-http-live-streaming “HTTP Live Streaming”
ISO/IEC 14496-10
ISO/IEC 14496-10:2012, Information technology – Coding of audio-visual objects – Part 10: Advanced Video Coding
ISO/IEC 14496-3
ISO/IEC 14496-3:2009 Information technology – Coding of audio-visual objects – Part 3: Audio
ETSI TS 102 366 v1.2.1
ETSI TS 102 366 v1.2.1 – Digital Audio Compression (AC-3, Enhanced AC-3) Standard
ID3 tag version 2.4.0
ID3 tag version 2.4.0 — Native Frames
NIST Special Publication 800-38A
Recommendation for Block Cipher Modes of Operation, NIST, NIST Special Publication 800-38A
Document Revision History
This table describes the changes to MPEG-2 Stream Encryption Format for HTTP Live Streaming.
Date          Notes
2012-09-26    New document describing encryption format into MPEG-2 transport streams as used in HTTP Live Streaming.