
List:       helix-server-cvs
Subject:    [Server-cvs] admin/web/build/mserver toc.js,1.13,1.13.8.1
From:       packard () helixcommunity ! org
Date:       2012-04-28 20:45:01

Update of /cvsroot/server/admin/web/build/mserver
In directory cvs01.internal.helixcommunity.org:/tmp/cvs-serv23190

Modified Files:
      Tag: SERVER_14_3_VERIMETRIX_HLS_LR
	toc.js 
Log Message:
Synopsis
========
DRM HLS LR implementation 
Branches: SERVER_14_3_VERIMETRIX_HLS_LR 

Reviewed by: Xiaocheng Li


Description
===========
I. Intro
===================================================
Verimatrix specializes in securing and enhancing revenue on multi-device digital TV
services around the globe. VCAS is the solution they provide for Internet TV
security. It provides a complete end-to-end pay-TV security solution for
over-the-top (OTT) service providers, including both broadcast and video-on-demand
delivery modes.

VCAS includes many components, from server-side management to client-side modules.
Generally speaking, it combines the content provider, service provider and
client-side player together, with its security system, to provide a reliable way to
make money from the end user. What I focus on here is making the Helix server work
as a part of this solution. That is, getting the key from its security system
(Verimatrix Key Server), encrypting the content stream with this key, providing the
m3u8 file with the key URI and, at the same time, sending the content stream to the
client using HLS.
That is all.

II. What feature will be implemented in Helix Server 
===================================================
1. Could set the Verimatrix Key Server URI (IP or domain name)
2. Could set the port of the Verimatrix Key Server
3. Could connect to the Verimatrix Key Server with SSL (not included in this CR)
4. Could do the keep-alive checking by pinging the Verimatrix Key Server at an
   interval. But since, after getting the key from the KMS, the key would be
   sustained, there is no need to maintain the keep-alive connection with the KMS.
   So this feature would not be implemented.
5. Could map each stream to a VCAS resource ID; generate a different set of keys
   based on the resource ID
6. Could protect the stream with its randomly generated key when the Verimatrix Key
   Server is down

A new web page is created for Verimatrix HLS DRM. The cfg example is listed below:
<List Name="Verimatrix_DRM">
	<Var KeyServerAddr="public-ott.verimatrix.com"/>
	<Var KeyServerPort="12684"/>
	<Var EnableKeyServerSSL="0"/>
	<Var KeyServerRequestTimeout="25000"/>
	<Var EnableRandomKeyWhenFail="1"/>  <!-- if 1, when fail to get key, use random key; if 0, don't encrypt segment -->
	<List Name="HLS_DRM">
		<List Name="ResourceMapping1">
			<Var ResourceIDRange="4002-4122"/>
			<Var defaultKeyCount="5"/>
		</List>
		<List Name="ResourceMapping2">
			<Var ResourceIDRange="3111-4222"/>
			<Var defaultKeyCount="100"/>
		</List>
	</List>
</List>
<List Name="MPEG2_TS_Output">
   <List Name="/rtpencoder/sports/">
      <Var Enable="1"/>
      <Var TargetMountPoint="iPHone"/>
      <Var UseVCASEncryption="1"/>
      <Var VCASServer="ResourceMapping1"/>  <!-- maps to config.Verimatrix_DRM.HLS_DRM.ResourceMapping1 -->
   </List>
</List>

III. What will be done in next CR 
===================================================
1. Recycle the resource-id.
   When a feed is disconnected, recycle the resource-id for the next new feed to use.
   If no resource-id is available, check EnableRandomKeyWhenFail; if 1, then use a
   random key, else return FAIL.
2. Move <Var UseVCASEncryption="1"/> <Var VCASServer="ResourceMapping1"/> from
   <List Name="MPEG2_TS_Output"> to config.FSMount.mountpoint.MPEG2-TS_Output.

IV. Solution Description
===================================================
1.
Inside CStreamHandler::StartProcessing, adding some functions to read the VCASServer
DRM configuration. Like GetTargetMP, which uses sourcepath to get the
config.MPEG2_Transport_Stream list node, then uses the list node's TargetMountPoint,
then uses TargetMountPoint to get config.FSMount.

Here adding GetTargetVcasDRMNode, ParseTargetVcasDRMNodeConfig and
ParseTargetVcasDRMConfig to do the similar thing, which loads the DRM configuration
from the cfg file. We check UseVCASEncryption; if UseVCASEncryption == 1, then load
the VCAS configuration. All necessary info is loaded into CStreamHandler::m_config.

After loading succeeds, using FSManger::Init to start the GET of the first key (p=0).
Implement InitDone (will call m_pFSManager->GetFileObject(m_pRequest, NULL)).
Implement FileObjectReady, etc.
Here we don't use the CREATE method, because the latest Verimatrix KMS doesn't need
it; the GET method would also trigger key creation.

Besides, we use a delayed approach when starting the key-getting process, e.g.:
a. If VCAS is enabled, then start the key-getting process to get the first
   position, and start a timer (KeyServerRequestTimeout, or 5s if
   KeyServerRequestTimeout is not set).
b. If the first key is gotten successfully before the timer times out, then trigger
   the normal GetFileHeader process. Besides, continue to get other keys until
   reaching defaultKeyCount or failing to get a key.
c. If the timer times out and the key is still not ready, we have a choice here.
   Choice A, EnableRandomKeyWhenFail==1: trigger the normal GetFileHeader process,
   and use the random key.
   Choice B, EnableRandomKeyWhenFail==0: return M3U_ERROR, which means the service
   is not available.
	
2.
Configuration params mapping
Global Param:                      Inner m_config Param
KeyServerAddr              <--->   VCASHLSServerAddr
KeyServerPort              <--->   VCASHLSServerPort
EnableKeyServerSSL         <--->   VCASHLSEnableSSL
KeyServerRequestTimeout    <--->   VCASHLSTimeout
EnableRandomKeyWhenFail    <--->   VCASEnableRandomKeyWhenFail
UseVCASEncryption          <--->   UseVCASEncryption
VCASHLSKeyReady (if p=0 and key is ready, will set VCASHLSKeyReady = 1)


Node info:                         Inner m_config Param
Type                       <--->   VCASHLSType
Mapping                    <--->   VCASHLSMapping (not used yet, default is auto)
ResourceIDRange            <--->   VCASHLSREID (current resource id)
defaultKeyCount            <--->   VCASHLSDefKeyCount

3. 
CTSArchiver::Init, CTSArchiver::FlushQueue, CTSArchiver::_CreatePlaylist and
CTSArchiver::_ReWritePlaylist all need to be changed, as they all use the
encryption key. In CTSArchiver, use CTSArchiver::UpdateVCASHLSKeyInfo to get the
VCAS key; if current p > 0 and we can't get p+1, roll back to p=0 (which means if
the default key count is 100 and we only get 50 of them, it could also work).

4.
M3u8 update
CTSArchiver::_CreatePlaylist
CTSArchiver::HandleSegmentDone
If m_bEnableEncryption, if vcas enable && key ready, using vcas url


V. Implementation Detail
===================================================
1. VCAS Scrambler functions
   These include reading the configuration file for the VCAS DRM setting,
   implementing the VCAS integration API, GETting the key from the KMS, and storing
   it in memory. The work flow is:
   When CStreamHandler::StartProcessing is called (incoming live feed or VOD
   request), check the cfg file source path to find UseVCASEncryption. If
   UseVCASEncryption==1, then find the Verimatrix_DRM setting by VCASServer. Load
   all the info. Use a callback to start the scrambler work, to get the key; there
   is a defaultKeyCount, and the scrambler will stop until an error happens or it
   reaches the defaultKeyCount.
   At the same time, if the first key is gotten successfully, it will call
   m_pSource->GetFileHeader(), which will trigger the normal segmentation function.
   At last, the work flow is passed to CTSArchiver; here we have several choices.
   If VCAS is used, then try to get the key to do the encryption; if it could not,
   it will use the random key. Another thing to mention is that, in
   CStreamHandler::Func, there is a CHECK_VCAS_KEY_CB callback type; if VCAS is
   used and the key is not gotten successfully, and EnableRandomKeyWhenFail==0, we
   will return an error.
   There exists a possibility that we could get all the keys when we need to change
   to a new key; if we fail to do so, we will roll back to use the first key. This
   is done in CTSArchiver::UpdateVCASHLSKeyInfo.

   When it is time to generate the m3u8 file, it will choose whether to use the URI
   for the KMS or the local URI.

2. Admin Page   
   A new page is added, whose name is "DRM Setting"; it belongs to Content Management.

3. Httpfsys 
   It doesn't support HXR_SOCK_WOULDBLOCK in CHTTPFileObject::ProcessIdle, which
   will always return an error, so change it to support HXR_SOCK_WOULDBLOCK. The
   VCAS API doesn't need any other HTTP header except GET address HTTP/1.1, so add
   a bUserDrmVCAS parameter to let it tell httpfsys not to use other headers.
   
VI. Files Affected
==============
   filesystem\http\httpfsys.cpp
   datatype_rn\mpeg2\ts\filewriter\ctsarchiver.cpp
   datatype_rn\mpeg2\ts\filewriter\pub\ctsarchiver.h
   server_rn\datatype\mpeg2ts\streamhanlder.cpp
   server_rn\datatype\mpeg2ts\pub\streamhanlder.h
   server_rn\common\util\pub\mpeg2ts_config_name.h
   server_rn\common\util\pub\drmutil.h
   server_rn\common\util\pub\vcasscrambler.h
   server_rn\common\util\pub\drmpathmap.h
   server_rn\common\util\drmutil.cpp
   server_rn\common\util\vcasstrambler.cpp
   server_rn\common\util\drmpathmap.cpp
   server_rn\common\util\Umakefil
   common\include\hxdrmscrambler.h
   server\admin\web\src\srvprxy\config_mpeg2ts.html.wasm
   server\admin\web\src\srvprxy\config_drm.html.wasm
   server\admin\web\server.opt
   server\admin\web\src\srvprxy\toc~server.js
   server\admin\web\src\srvprxy\pageData.pm

Testing Performed
=================
   Test ViewRight on PC, ViewRight on iPhone/iPad 
   
   


Index: toc.js
===================================================================
RCS file: /cvsroot/server/admin/web/build/mserver/toc.js,v
retrieving revision 1.13
retrieving revision 1.13.8.1
diff -u -d -r1.13 -r1.13.8.1
--- toc.js	11 Nov 2011 05:38:24 -0000	1.13
+++ toc.js	28 Apr 2012 20:44:58 -0000	1.13.8.1
@@ -78,6 +78,7 @@
 	new TOCLinkLicensed( "Channel Switching", "config_fcs.html", tmpParent, \
                "FastChannelSwitching.Enabled");
         new TOCLinkLicensed( "Serverside Playlist", "config_sspl.html", tmpParent, \
"ServersidePlaylist.Enabled");  new TOCLinkLicensed( "Media Segmentation", \
"config_mpeg2ts.html", tmpParent, "General.MPEG2TSSupport"); +	new TOCLinkLicensed( \
                "DRM Setting", "config_drm.html", tmpParent, \
                "General.MPEG2TSSupport");
         new TOCLinkLicensed( "Multiplexing", "config_multiplexer.html", tmpParent, \
"Multiplexer.Enabled");  new TOCLinkLicensed( "Bookmarking", \
"config_bookmarking.html", tmpParent, "General.Bookmarking");  new TOCLink( "View \
Source", "config_viewsrc.html", tmpParent);
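
Review bot: the added "DRM Setting" entry for config_drm.html is gated on "General.MPEG2TSSupport", the same key the "Media Segmentation" line directly above it uses, so the DRM page appears whenever MPEG2-TS support is enabled regardless of whether VCAS DRM is configured or licensed. If that reuse is deliberate, a short comment on the line saying so would help; otherwise gate the entry on a DRM-specific key. The added line is also indented with a tab while the neighbouring "Media Segmentation" and "Multiplexing" lines use spaces; matching them keeps later diffs of this file clean.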


_______________________________________________
Server-cvs mailing list
Server-cvs@helixcommunity.org
http://lists.helixcommunity.org/mailman/listinfo/server-cvs
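
The first-key timer, the EnableRandomKeyWhenFail choice, the rollback to p=0 and the playlist URI choice described in sections IV.1, IV.3 and IV.4 of the log message, modelled as an added example. This is not code from the Helix commit: VcasPolicy, Start, on_first_key_deadline, next_key_position and playlist_key_uri are hypothetical names, and the wrap to 0 at defaultKeyCount is an assumption.

```cpp
// Added illustration, not Helix source. Names are hypothetical; the rules
// come from sections IV.1, IV.3 and IV.4 of the commit description.
#include <cstdint>
#include <iostream>
#include <string>

enum class Start { UseVcasKey, UseRandomKey, ServiceUnavailable };

struct VcasPolicy {
    bool random_key_when_fail = false;  // EnableRandomKeyWhenFail
    uint32_t request_timeout_ms = 0;    // KeyServerRequestTimeout (0 = not set)
    uint32_t default_key_count = 5;     // defaultKeyCount
    // IV.1 step a: the timer is KeyServerRequestTimeout, or 5s when unset.
    uint32_t timer_ms() const { return request_timeout_ms ? request_timeout_ms : 5000; }
};

// IV.1 steps b and c: outcome once the first key arrives or the timer fires.
Start on_first_key_deadline(const VcasPolicy& p, bool first_key_ready) {
    if (first_key_ready) return Start::UseVcasKey;
    // Choice A keeps the stream up with a key the KMS never issued;
    // choice B fails closed (the description returns M3U_ERROR).
    return p.random_key_when_fail ? Start::UseRandomKey : Start::ServiceUnavailable;
}

// IV.3: move to p+1 when that key was fetched, otherwise roll back to p=0.
// Assumption: positions 0..keys_fetched-1 are held in memory, and reaching
// defaultKeyCount also wraps to 0.
uint32_t next_key_position(const VcasPolicy& p, uint32_t current, uint32_t keys_fetched) {
    uint32_t next = current + 1;
    return (next >= keys_fetched || next >= p.default_key_count) ? 0 : next;
}

// IV.4: the playlist carries the KMS URI only when a VCAS key is in use.
std::string playlist_key_uri(Start s, const std::string& kms_uri, const std::string& local_uri) {
    if (s == Start::UseVcasKey) return kms_uri;
    if (s == Start::UseRandomKey) return local_uri;
    return "";  // ServiceUnavailable: the service is not available
}

int main() {
    VcasPolicy p;                       // constructed sample settings
    p.request_timeout_ms = 25000;
    p.default_key_count = 100;
    Start s = on_first_key_deadline(p, false);
    std::cout << "timer=" << p.timer_ms() << "ms fail_closed="
              << (s == Start::ServiceUnavailable) << " next="
              << next_key_position(p, 49, 50) << "\n";
    return 0;
}
```

With EnableRandomKeyWhenFail set to 0 a key-server outage stops the stream; set to 1 the stream continues under a locally generated key and the playlist points at the local URI instead of the KMS.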

