HLS Encryption with AES-128 and PKCS7 padding

[afriza]

Hello, I am wondering if SRS' support for HLS AES-128 encryption uses PKCS7 padding ?

My understanding from quickly checking the code is that it does not use PKCS7 padding?

srs/trunk/src/kernel/srs_kernel_ts.cpp

Lines 2802 to 2810 in d70e735

	int nb_padding = 16 - (nb_buf % 16);
	if (nb_padding > 0) {
	memset(buf + nb_buf, nb_padding, nb_padding);
	}
	SrsUniquePtr<char[]> cipher(new char[nb_buf + nb_padding]);
	AES_KEY* k = (AES_KEY*)key;
	AES_cbc_encrypt((unsigned char *)buf, (unsigned char *)cipher.get(), nb_buf + nb_padding, k, iv, AES_ENCRYPT);

srs/trunk/src/kernel/srs_kernel_ts.cpp

Line 2775 in d70e735

AES_cbc_encrypt((unsigned char *)buf, (unsigned char *)cipher.get(), HLS_AES_ENCRYPT_BLOCK_LENGTH, k, iv, AES_ENCRYPT);

It seems like old Apple docs mentioned that there is no padding.. But RFC8216 mentions PCKS7 padding..

I am requesting PKCS7 padding to be added for compatibility with ExoPlayer on Android..

[suzp1984]

srs/trunk/src/kernel/srs_kernel_ts.cpp

Lines 2802 to 2810 in d70e735

	int nb_padding = 16 - (nb_buf % 16);
	if (nb_padding > 0) {
	memset(buf + nb_buf, nb_padding, nb_padding);
	}
	SrsUniquePtr<char[]> cipher(new char[nb_buf + nb_padding]);
	AES_KEY* k = (AES_KEY*)key;
	AES_cbc_encrypt((unsigned char *)buf, (unsigned char *)cipher.get(), nb_buf + nb_padding, k, iv, AES_ENCRYPT);

Above code is PCKS7 (PCKS#7) padding. If the buf is not 16-byte alignment, then fill the remaining bytes with the remaining number of bytes.

It seems like old Apple docs mentioned that there is no padding

No, I don't think the padding mentioned in above apple doc is the padding the AES encryption.
For AES, the encrypting buf must be the aligned with the number of bytes of the secrete key, that's why there are PCKS7 method to let the buf aligned with the number of bytes of secrete key.