tsdecrypt reads and decrypts CSA encrypted incoming mpeg transport stream over UDP/RTP using code words obtained from OSCAM or similar CAM server. tsdecrypt communicates with CAM server using cs378x (camd35 over tcp) protocol or newcamd protocol. https://georgi.unixsol.org/programs/tsdecrypt/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

how_to_use.txt 9.7KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239
  1. -------
  2. FFdecsa
  3. -------
  4. This code is able to decrypt MPEG TS packets with the CSA algorithm. To
  5. achieve high speed, the decryption core works on many packets at the
  6. same time, so the interface is more complicated than usual decsa
  7. implementations.
  8. The FFdecsa.h file defines the external interface of this code.
  9. Basically:
  10. 1) you use get_suggested_cluster_size to know the optimal number of
  11. packets you have to pass for decryption
  12. 2) you use set_control_words to set the decryption keys
  13. 3) you use decrypt_packets to do the actual decryption
  14. You don't need to always use set_control_words before decrypt_packets,
  15. if keys aren't changed.
  16. The decrypt_packets function call decrypts many packets at the same
  17. time. The interface is complicated because the only design goal was
  18. speed, so it implements zero-copying of packets, out-of-order decryption
  19. and optimal packet aggregation for better parallelism. This part is the
  20. most difficult to understand.
  21. --- HOW TO USE int decrypt_packets(unsigned char **cluster); ---
  22. PARAMETERS
  23. cluster points to an array of pointers, representing zero or more
  24. ranges. Every range has a start and end pointer; a start pointer==NULL
  25. terminates the array.
  26. So, an array of pointers has this content:
  27. start_of_buffer_1, end_of_buffer_1, ... start_of_buffer_N,
  28. end_of_buffer_N, NULL
  29. example:
  30. 0x12340000, 0x123400bc, 0x56780a00, 0x5678b78, NULL
  31. has two ranges (0x12340000 - 0x123400bc and 0x56780a00 - 0x5678b78),
  32. for a total of three packets (starting at 0x12340000, 0x56780a00,
  33. 0x5678abc)
  34. RETURNS
  35. How many packets can now be consumed by the caller, this is always >=
  36. 1, unless the cluster contained zero packets (in that case it's
  37. obviously zero).
  38. MODIFIES
  39. The cluster is modified to try to exclude packets which shouldn't be
  40. submitted again for decryption (because just decrypted or originally
  41. not crypted). "Try to exclude" because the returned array will never
  42. be bigger than what was passed, so if you passed only a range and some
  43. packets in the middle were decrypted making "holes" into the range,
  44. the range would have to be split into several ranges, and that will
  45. not be done. If you want a strict description of what has to be passed
  46. again to decrypt_packets, you have to use ranges with only one packet
  47. inside. Note that the first packet will certainly be eliminated from
  48. the returned cluster (see also RETURNS).
  49. You can now read the detailed description of operation or just skip to
  50. the API examples.
  51. ---------------------------------
  52. DETAILED DESCRIPTION OF OPERATION
  53. ---------------------------------
  54. consider a sequence of packets like this:
  55. 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 ...
  56. E E E E E E E E E E E O E O E O O 0 0 0 0 0 0 0 0 c O O O O O O O O O O O ...
  57. where
  58. E = encrypted_even,
  59. O = encrypted_odd,
  60. e = clear_was_encrypted_even,
  61. o = clear_was_encrypted_odd,
  62. c = clear
  63. and suppose the suggested cluster size is 10 (this could be for a function with internal parallelism 8)
  64. 1) we define the cluster to include packets 0-9 and
  65. call decrypt_packets
  66. a possible result is that the function call
  67. - returns 8 (8 packets available)
  68. - the buffer contains now this
  69. -----------------------------
  70. 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 ...
  71. e e e e e e e e E E E O E O E O O 0 0 0 0 0 0 0 0 c O O O O O O O O O O O ...
  72. -----
  73. - the modified cluster covers 8-9 [continue reading, but then see note 1 below]
  74. so, we can use the first 8 packets of the original cluster (0-7)
  75. 2) now, we define cluster over 8-17 and call decrypt_packets
  76. a possible result is:
  77. - returns 3 (3 packets available)
  78. - the buffer contains now this (!!!)
  79. -----------------------------
  80. 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 ...
  81. e e e e e e e e e e e O e O e O O 0 0 0 0 0 0 0 0 c O O O O O O O O O O O ...
  82. -- -- --------
  83. - the modified cluster covers 11-11,13-13,15-17 [continue reading, but then see note 1 below]
  84. so, we can use the first 3 packets of the original cluster (8-10)
  85. 3) now, we define cluster over 11-20 and call decrypt packets (defining a cluster 11-11,13-13,15-22 would be better)
  86. a possible result is:
  87. - returns 10 (10 packets available)
  88. - the buffer contains now this
  89. -----------------------------
  90. 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 ...
  91. e e e e e e e e e e e o e o e o o o o o o 0 0 0 0 c O O O O O O O O O O O ...
  92. - the modified cluster is empty
  93. so, we can use the first 10 packets of the original cluster (11-20)
  94. What it happened is that the second call decrypted packets 12 and 14 but they were
  95. not made available because packet 11 was still encrypted,
  96. the third call decrypted 11,13,15-20 and included 12 and 14 as available too.
  97. 4) now, we define cluster over 21-30 and call decrypt packets
  98. a possible result is:
  99. - returns 9 (9 packets available)
  100. - the buffer contains now this
  101. -----------------------------
  102. 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 ...
  103. e e e e e e e e e e e o e o e o o o o o o o o o o c o o o o O O O O O O O ...
  104. --
  105. - the modified cluster covers 30-30
  106. so, we can use the first 9 packets of the original cluster (21-29)
  107. What happened is that packet 25 could be skipped because it is in clear.
  108. Note that the suggested cluster size (10) is higher than the maximum number
  109. of packets that can be really decrypted (8), but we are able to skip 12 and 14
  110. in step 3) and run the decryption on a full 8 packets group.
  111. In the same way, we were able to skip 25 in step 4).
  112. There are three kinds of "free" packets we can skip:
  113. - packets decrypted in a previous call (as 12 and 14)
  114. - packets already in clear (as 25)
  115. - packets with a payload of less than 8 bytes (clear==encrypted!)
  116. Note also that we could have defined a better cluster in step 3
  117. (11-11,13-13,15-22), using what step 2 had returned. The risk of not
  118. having 8 packets to decrypt would have been smaller (consider the case
  119. where 19 and 20 were "c").
  120. Final considerations:
  121. - you can use a bigger or smaller cluster than the suggested number of packets
  122. - every call to decrypt_packets has a *fixed* CPU cost, so you should try to
  123. not run it with a few packets, when possible
  124. - decrypt_packets can't decrypt even and odd at the same time; it guarantees
  125. that the first packet will be decrypted and tries to decrypt as many packets
  126. as possible
  127. - clear packets in the middle of encrypted packets don't happen in real world,
  128. but E,E,E,O,E,O,O,O sequences do happen (audio/video muxing problems?) and
  129. small packets (<8 bytes) happen frequently; the ability to skip is useful.
  130. note 1:
  131. As the returned cluster will not have more ranges than the passed one, what it is
  132. described above is not actually true.
  133. In the step 1) the returned cluster will cover 8-9, but in step 2) it will
  134. cover 11-17 (some extra packets had to remain in); this lack of information
  135. prevents us from using an optimal 11-11,13-13,15-22 in step 3). Note that
  136. in any case step 3) will decrypt 11,13,15,16,17,18,19,20 thanks to the
  137. extra margin we use (we put ten packets (including 19 and 20) even if the
  138. parallelism was just 8, and it was a good idea; but if 19 and 20 were of
  139. type c, we would have run the decryption with only 6/8 efficiency).
  140. This problem can be prevented by using ranges with only one packet: in
  141. step 2) we would have passed
  142. 8-8,9-9,10-10,11-11,12-12,13-13,14-14,15-15,16-16,17-17
  143. and got back
  144. 11-11,13-13,15-17.
  145. ------------
  146. API EXAMPLES
  147. ------------
  148. Some examples of how the API can be used (this is not real code, so it
  149. may have typos or other bugs).
  150. Example 1: (big linear buffer, simple use of cluster)
  151. unsigned char *p;
  152. unsigned char *cluster[3];
  153. for(p=start;p<end;){
  154. cluster[0]=p;cluster[1]=end;
  155. cluster[2]=NULL;
  156. p+=188*decrypt_packets(cluster);
  157. }
  158. //consume(start,end);
  159. Example 2: (circular buffer, simple use of cluster)
  160. unsigned char *p;
  161. unsigned char *cluster[5];
  162. while(1){
  163. if(read==write){
  164. //buffer is empty
  165. //write=refill_buffer(write,start,end);
  166. continue;
  167. }
  168. else if(read<write){
  169. cluster[0]=read;cluster[1]=write;
  170. cluster[2]=NULL;
  171. }
  172. else{
  173. cluster[0]=read;cluster[1]=end;
  174. cluster[2]=start;cluster[3]=write;
  175. cluster[4]=NULL;
  176. }
  177. new_read=read+188*decrypt_packets(cluster);
  178. if(new_read<=end){
  179. //consume(read,new_read);
  180. }
  181. else{
  182. new_read=start+(new_read-end);
  183. //consume(read,end);
  184. //consume(start,new_read);
  185. }
  186. read=new_read;
  187. if(read==end) read=start;
  188. }
  189. Example 3: (undefined buffer structure, advanced use of cluster)
  190. unsigned char *packets[1000000];
  191. unsigned char *cluster[142]; //if suggested packets is 70
  192. cluster[0]=NULL;
  193. for(n=0;n<1000000;){
  194. i=0;
  195. while(cluster[2*i]!=NULL) i++; //preserve returned ranges
  196. for(k=i;k<70&&n<1000000;k++,n++){
  197. cluster[2*k]=packets[n];cluster[2*k+1]=packets[n]+188;
  198. }
  199. cluster[2*k]=NULL;
  200. decrypt_packets(cluster);
  201. }
  202. //consume_all_packets();