CN108924596A - media data transmission method, device and storage medium - Google Patents

media data transmission method, device and storage medium Download PDF

Info

Publication number
CN108924596A
CN108924596A CN201810986718.0A CN201810986718A CN108924596A CN 108924596 A CN108924596 A CN 108924596A CN 201810986718 A CN201810986718 A CN 201810986718A CN 108924596 A CN108924596 A CN 108924596A
Authority
CN
China
Prior art keywords
key
media
encrypted
label
fragment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810986718.0A
Other languages
Chinese (zh)
Other versions
CN108924596B (en
Inventor
谢志钢
胡小鹏
万春雷
陈冬根
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Suzhou Keda Technology Co Ltd
Original Assignee
Suzhou Keda Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Suzhou Keda Technology Co Ltd filed Critical Suzhou Keda Technology Co Ltd
Priority to CN201810986718.0A priority Critical patent/CN108924596B/en
Publication of CN108924596A publication Critical patent/CN108924596A/en
Application granted granted Critical
Publication of CN108924596B publication Critical patent/CN108924596B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/83Generation or processing of protective or descriptive data associated with content; Content structuring
    • H04N21/845Structuring of content, e.g. decomposing content into time segments
    • H04N21/8456Structuring of content, e.g. decomposing content into time segments by decomposing the content in the time domain, e.g. in time segments
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs
    • H04N21/2347Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs involving video stream encryption
    • H04N21/23476Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs involving video stream encryption by partially encrypting, e.g. encrypting the ending portion of a movie
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/633Control signals issued by server directed to the network components or client
    • H04N21/6332Control signals issued by server directed to the network components or client directed to client
    • H04N21/6334Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
    • H04N21/63345Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key by transmitting keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/643Communication protocols

Abstract

This application involves a kind of media data transmission method, device and storage mediums, belong to field of communication technology, and this method includes:Determine the original agreement version number of used transport protocol when transmission objectives media fragment;To original agreement, version number is extended, and be expanded protocol version;Key-label is generated according to the key identification of the process identifier of extension ciphering process and encryption key;Target medium segment is encrypted according to extension ciphering process and encryption key, obtains encrypted media fragment;Media play list is generated according to the fragment identification of Extended Protocol version number, key-label and encrypted media fragment;Publication medium playlist and encrypted media fragment;It can solve the problem of can only carrying out encrypted media data using the ciphering process that original HLS transport protocol defines in net cast transmission process, cipher mode is caused to compare limitation;Cipher mode can be extended.

Description

Media data transmission method, device and storage medium
Technical field
This application involves media data transmission method, device and storage mediums, belong to field of communication technology.
Background technique
HTTP live stream (Http Live Streaming, HLS) is defined by Apple company for real-time streaming transport Agreement.HLS is realized based on hypertext transfer protocol (HyperText Transfer Protocol, HTTP), and provides one The method that kind efficiently and reliably propagates continuous videos on internet.
HLS protocol defines at least two ciphering process and encrypts to media data.Such as:Define advanced encryption Standard (Advanced Encryption Standard, AES) -128 ciphering process and SAMPLE-AES ciphering process.Wherein, AES-128 ciphering process be with 128 number of bits according to make one group of carry out symmetric cryptography block encryption algorithm and with the use of plus Close piece of chain (Cipher-block chaining, CBC) encryption mode integrally encrypts target medium segment;SAMPLE- AES encryption process with the use of CBC for adding the media sample data in target medium segment using AES-128 Encryption Algorithm Close mode is encrypted.
However, during net cast using HLS protocol transmission data when, the encryption that define of HLS protocol can only be used Process encryption, cipher mode compare limitation.
Summary of the invention
This application provides a kind of media data transmission method, device and storage mediums, can solve net cast process In the ciphering process that can only be defined using transport protocol the problem of carrying out encrypted media data, cipher mode is caused to compare limitation.This Application provides the following technical solutions:
In a first aspect, a kind of media data transmission method is provided, the method includes:
Determine the original agreement version number of used transport protocol when transmission objectives media fragment;
The original agreement version number is extended, be expanded protocol version;The extension ciphering process refers to Ciphering process other than the transport protocol range of definition;
Key-label is generated according to the key identification of the process identifier of the extension ciphering process and encryption key;
The target medium segment is encrypted according to the extension ciphering process and the encryption key, is encrypted Media fragment afterwards;
It is raw according to the fragment identification of the Extended Protocol version number, the key-label and the encrypted media fragment At media play list;
The media play list and the encrypted media fragment are issued, the media play list is used for for receiving End is decrypted the encrypted media fragment according to the Extended Protocol version number and the key-label.
Optionally, described that the target medium segment is added according to the extension ciphering process and the encryption key It is close, encrypted media fragment is obtained, including:
As a whole by the target medium segment, using the extension ciphering process and the encryption key to institute It states target medium segment to be encrypted, obtains the encrypted media fragment.
Optionally, the target medium segment includes media sample data and structure describes data, described according to the expansion Exhibition ciphering process and the encryption key encrypt the target medium segment, obtain encrypted media fragment, including:
Using the extension ciphering process and the encryption key to the media sample in the target medium segment Data are encrypted, and the encrypted media fragment is obtained.
Optionally, described that key is generated according to the process identifier of the extension ciphering process and the key identification of encryption key Label, including:
Obtain encryption initial vector;
Obtain the key identification;
The algorithm attribute in the key-label is set to according to the transport protocol mistake of the extension ciphering process Journey mark, set the key identification for the key attribute in the key-label, by the key-label it is initial to Amount attribute is set as the encryption initial vector, obtains the key-label.
Optionally, described that the target medium segment is added according to the extension ciphering process and the encryption key It is close, encrypted media fragment is obtained, including:
It is different using the encryption initial vector and the progress of target medium segment under cryptographic block chain CBC block cipher mode Or operation;The target medium segment after exclusive or is encrypted using the extension ciphering process and the encryption key, is obtained The encrypted media fragment;
Alternatively,
Under counter CTR block cipher mode, added using the extension ciphering process and the encryption key to described Close initial vector is encrypted;Xor operation initially is carried out to vector and the target medium segment using encrypted encryption, Obtain the encrypted media fragment.
Optionally, after the key identification according to the extension ciphering process and encryption key generates key-label, Further include:
The key-label is updated when the use duration of the encryption key reaches preset duration;
It is raw according to the updated key-label and corresponding target medium segment at the time of updating the key-label At updated media play list.
Second aspect provides a kind of media data transmission method, the method includes:
Obtain the media play list of transmitting terminal publication;The media play list is the transmitting terminal according to Extended Protocol What the fragment identification of version number, key-label and encrypted media fragment generated;The Extended Protocol version number is to transmission What the original agreement version number of agreement was extended;The key-label be according to extension ciphering process process identifier and What the key identification of encryption key generated;The encrypted media fragment is using the extension ciphering process and the encryption Target medium segment described in key pair is encrypted;The extension ciphering process refers to the transport protocol range of definition Except ciphering process;
The processing of the target medium segment is determined according to the Extended Protocol version number in the media play list Process;
The described encrypted of the instruction of fragment identification described in the media play list is downloaded according to the treatment process Media fragment;
The encryption key of the instruction of key identification described in the key-label is obtained according to the treatment process;
According to the extension ciphering process of process identifier instruction and the encryption key to the encrypted media piece Section is decrypted, and obtains the target medium segment;
The target medium segment is handled.
The third aspect, provides a kind of media data transmission, and described device includes:
Version number's determining module, the original agreement version of used transport protocol when for determining transmission objectives media fragment This number;
Version number's expansion module, for being extended to the original agreement version number, be expanded protocol version;Institute It states extension ciphering process and refers to ciphering process other than the transport protocol range of definition;
Tag generation module, it is close for being generated according to the process identifier of extension ciphering process and the key identification of encryption key Key label;
Data encryption module is used for according to the extension ciphering process and the encryption key to the target medium segment It is encrypted, obtains encrypted media fragment;
List Generating Module, for according to the Extended Protocol version number, the key-label and the encrypted matchmaker The fragment identification of body segment generates media play list;
Data publication module, for issuing the media play list and the encrypted media fragment, the media Playlist is used for for receiving end according to the Extended Protocol version number and the key-label to the encrypted media piece Section is decrypted.
Fourth aspect, provides a kind of media data transmission, and described device includes:
List obtains module, for obtaining the media play list of transmitting terminal publication;The media play list is described Transmitting terminal is generated according to the fragment identification of Extended Protocol version number, key-label and encrypted media fragment;The extension Protocol version is extended to the original agreement version number of transport protocol;The key-label is added according to extension What the process identifier of close process and the key identification of encryption key generated;The encrypted media fragment is using the extension What ciphering process and the encryption key encrypted the target medium segment;The extension ciphering process refers to institute State the ciphering process except the transport protocol range of definition;
Process determining module, for determining the mesh according to the Extended Protocol version number in the media play list Mark the treatment process of media fragment;
Data download module refers to for downloading fragment identification described in the media play list according to the treatment process The encrypted media fragment shown;
Key Acquisition Module, for obtaining the instruction of key identification described in the key-label according to the treatment process The encryption key;
Data decryption module, the extension ciphering process and the encryption key for being indicated according to the process identifier are to institute It states encrypted media fragment to be decrypted, obtains the target medium segment;
Data processing module, for handling the target medium segment.
5th aspect, provides a kind of media data transmission, described device includes processor and memory;The storage Program is stored in device, described program is loaded as the processor and executed to realize media data transmission described in first aspect Method;Or media data transmission method described in second aspect.
6th aspect, provides a kind of computer readable storage medium, program, described program is stored in the storage medium It is loaded as the processor and is executed to realize media data transmission method described in first aspect;Or described in second aspect Media data transmission method.
The beneficial effects of the present application are as follows:Used transport protocol is original when by determining transmission objectives media fragment Protocol version;Using extension ciphering process the target medium segment is encrypted when, to original agreement version number into Row extension, be expanded protocol version;It is generated according to the key identification of the process identifier of extension ciphering process and encryption key Key-label;Target medium segment is encrypted according to extension ciphering process and encryption key, obtains encrypted media piece Section;Media play list is generated according to the fragment identification of Extended Protocol version number, key-label and encrypted media fragment;Hair Cloth media play list and encrypted media fragment;Can solve net cast in the process can only be fixed using original transport protocol The problem of ciphering process of justice carrys out encrypted media data, cipher mode is caused to compare limitation;Due to can be to original agreement version It number is extended, so that new ciphering process is introduced, it is thereby achieved that ciphering process on the basis of original transport protocol Extension.
Above description is only the general introduction of technical scheme, in order to better understand the technological means of the application, And can be implemented in accordance with the contents of the specification, with the preferred embodiment of the application and cooperate attached drawing below detailed description is as follows.
Detailed description of the invention
Fig. 1 is the structural schematic diagram for the media data transmission system that the application one embodiment provides;
Fig. 2 is the flow chart for the media data transmission method that the application one embodiment provides;
Fig. 3 is the block diagram for the media data transmission that the application one embodiment provides;
Fig. 4 is the block diagram for the media data transmission that the application one embodiment provides;
Fig. 5 is the block diagram for the media data transmission that the application one embodiment provides.
Specific embodiment
With reference to the accompanying drawings and examples, the specific embodiment of the application is described in further detail.Implement below Example is not limited to scope of the present application for illustrating the application.
Firstly, to this application involves several nouns be introduced.
HTTP live stream (Http Live Streaming, HLS) is that defeated agreement is spread for real-time perfoming.HLS is based on Hypertext transfer protocol (HyperText Transfer Protocol, HTTP) realization, the data packet based on HLS protocol transmission At least two parts are included, a part is the description content of text (being known as M3U8 file in the application) of M3U8 format, and another part is The media content (being known as TS file in the application) of TS format.
Optionally, M3U8 file is for defining a media play list (Media Playlist).Media play list Be by one group of uniform resource locator (Uniform Resource Locator, URL) and much information label temporally and language One section of text made of adopted sequence is enumerated.Each URL is associated with a media fragment, which is a consecutive numbers According to the fragment data block that can be transmitted of stream within a certain period of time.For play data stream, receiving end obtains media first Then playlist obtains and plays the media fragment of media play list instruction.
Wherein, media fragment is referred to as media data fragment, media slicing file etc., and the application is not to media fragment Name be referred to as limit.
Optionally, media fragment includes that media sample data and structure describe data;Media sample data are used to indicate matchmaker Media content in body segment;Structure describes data for describing the sequence of media sample data so that target medium segment is constituted One section of data block that can be transmitted.Wherein, media sample data include but is not limited to:It is designated as user and acoustic medium is directly provided Audio-frequency information, video information that image media is directly provided etc..Structure describes data:By certain media transmission Call format will be described for the audio frequency media that user provides and be packaged into the auxiliary description information of streaming audio data, by certain Kind of media transmission call format will be described for the video media that user provides and be packaged into the auxiliary of streaming visual data and retouches It states information, retouch the auxiliary that streaming audio data and streaming visual data multiplex by certain media transmission call format Information etc. is stated, the content that the application does not describe data to media sample data and structure limits.
Optionally, associated to describe row URL by insertion information labels before certain row URL in media play list Certain characteristic of media fragment;Alternatively, describing certain characteristic of entire media play list;Alternatively, describe the information labels it Certain feature of the media fragment occurred afterwards.Optionally, information labels guide the title of an information labels using " # ".
Schematically, the content of M3U8 file is as follows:
#EXTM3U
#EXT-X-TARGETDURATION:10
#EXT-X-VERSION:7
#EXT-X-ALLOW-CACHE:NO
#EXT-X-MEDIA-SEQUENCE:1
#EXT-X-KEY:METHOD=SAMPLE-SM4,
URI=https://media.example.com/key/keyid,
IV=0x2F170FB605C5765EBA8D619612ACA7E5
#EXT-X-MAP:URI=" live.mp4 ", BYTERANGE=" 560@0 "
#EXTINF:4.96907,
#EXT-X-BYTERANGE:25312@560
live.mp4
#EXTINF:4.96907,
#EXT-X-BYTERANGE:25440@25872
live.mp4
#EXTINF:9.009,
http://media.example.com/first.ts
#EXTINF:9.009,
http://media.example.com/second.ts
#EXTINF:3.003,
http://media.example.com/third.ts
In upper example, the #EXTM3U of first trip is used to indicate analysis program by the grammer lattice of the media play list of HLS protocol Formula understands the content of this section of text.
EXT-X-TARGETDURATION label specifies the maximum value of media fragment duration.Optionally, EXT-X- The value of TARGETDURATIO is integer.Media fragment duration defined in EXTINF label in media play list The duration specified less than or equal to EXT-X-TARGETDURATION label.Optionally, EXT-X- TARGETDURATION label occurs once in media play list, and format is:
#EXT-X-TARGETDURATION:<s>
Wherein, s is an integer in seconds.
EXT-X-VERSION is version number's label, which is used to indicate the media piece in media play list The version number of HLS protocol used in segment file.During the value of version number label E XT-X-VERSION is media data transmission The protocol version for the HLS protocol that each transmission device can execute.
EXT-X-ALLOW-CATCH is caching indicating label, which is used to indicate permission or does not allow Buffered media segment.Cache each media fragment of the indicating label suitable for media play list.EXT-X-ALLOW-CATCH Format it is as follows:
#EXT-X-ALLOW-CACHE:<YES|NO>
Wherein, YES, which is used to indicate, allows buffered media segment;NO, which is used to indicate, does not allow buffered media segment.
EXT-X-MEDIA-SEQUENCE is serial number indicating label, and serial number indicating label is used to indicate media play list text Sequence number of first media fragment in the media fragment sequence being entirely broadcast live in part.The lattice of EXT-X-MEDIA-SEQUENCE Formula is as follows:
#EXT-X-MEDIA-SEQUENCE:<Number>
Wherein, Number is the value of sequence number.Optionally, Serial No. integer.
Optionally, the quantity of the EXT-X-MEDIA-SEQUENCE label in media play list file is less than or equal to 1. If there is no EXT-X-MEDIA-SEQUENCE label in media play list file, then can be first in media play list The sequence number of a URL is considered as 0.
EXT-X-KEY is key-label, and key-label is for information needed for providing decryption media fragment, EXT-X-KEY The format of label is as follows:
#EXT-X-KEY:METHOD=<method>, [URI="<uri>"], [IV=<iv>]
METHOD is algorithm attribute, and the value method of the METHOD specifies ciphering process, and method can be encrypted The process identifier of journey.Process identifier for uniquely identifying a certain ciphering process, the process identifier can be ciphering process (including Original encryption process and extension ciphering process) title;Alternatively, being also possible to random string etc., the present embodiment is not to process The set-up mode of mark limits.Three kinds of ciphering process are defined in current newest HLS protocol, such as:NONE,AES-128 And SAMPLE-AES.Ciphering process NONE indicates that media file is not encrypted, if ciphering process is NONE, unified resource Identifier (Uniform Resource Identifier, URI) and IV attribute are not present, and at this moment also can be omitted EXT-X-KEY Label;Ciphering process AES-128 indicates that media fragment uses advanced encryption standard (Advanced Encryption Standard, AES) -128 keys and cryptographic block chain (Cipher-block chaining, CBC) group mode is cooperated to encrypt; Ciphering process SAMPLE-AES expression using AES-128 ciphering process and cooperates CBC to the media sample data in media fragment Group mode is encrypted, and is not encrypted to the format information for constituting media fragment.URI attribute is key attribute, can be referred to Surely the method for encryption key is obtained.The value uri of URI is the key identification of encryption key.IV attribute can specify using key Initialization vector.Optionally, if media play list does not include EXT-X-KEY label, media fragment will not be added It is close.Optionally, key-label can also include other attributes, such as:The attributes such as KEYFORMAT, KEYFORMATVERSIONS, This is no longer going to repeat them for this implementation;Wherein, KEYFORMAT and KEYFORMATVERSIONS passes through the key mark for describing The Context resolution that URI in label is got goes out the mode of key.
EXT-X-MAP label is used to indicate the mode of the media initialize part needed for obtaining.EXT-X-MAP label is applicable in In subsequent media fragment, until the appearance of next EXT-X-MAP label.The format of XT-X-MAP label is as follows:
#EXT-X-MAP:URI=<uri>, BYTERANGE=<byterange>
Wherein, URI is used to indicate the position of media initialize part resource;BYTERANGE is used to indicate initialization resource Occupy byte length and the byte starting position of block of bytes.BYTERANG is an option, if not specified, then it represents that entire Specified resource requires.
EXTINF label is a record label, and the record label is for media file specified by the URI after describing. Optionally, the format for recording label is:
#EXTINF:<DURATION>,<TITLE>
Wherein, DURATION is used to specify the duration of media fragment, which can in seconds, this is held The continuous time can be rounded up to immediate integer.The remainder of comma back is the title of media file in row, this is surplus Remaining part point or sky.
EXT-X-BYTERANGE label is for indicating that media fragment is one section in a media URI resource, to later URL is effective, and the format of EXT-X-BYTERANGE label is as follows:
#EXT-X-BYTERANGE:<n>[@<o>]
Wherein, n indicates that the byte length for the media resource that URL link shared by the data block of media fragment arrives, o indicate media Byte starting position of the data block of segment in the media resource that URI is linked to.
Certainly, the exemplary illustration of above-mentioned only M3U8 file, in actual implementation, M3U8 file may include it is more or The less information labels of person, the application are not construed as limiting this.
“http://media.example.com/first.ts”、“http://media.example.com/ second.ts","http://media.example.com/third.ts " is the uniform resource locator of media fragment The address (Uniform Resource Locator, URL).
Uniform resource identifier (Uniform Resource Identifier, URI):Refer to for identifying a certain interconnection The character string of net resource name.
Uniform resource locator (Uniform Resource Locator, URL):It is used to indicate and obtains from internet The position of resource and access method are the addresses of the standard resource on internet.Generally speaking, a network money is marked in URI Source, the Internet resources include address and the access mode of Internet resources, and URL be marked an Internet resources address and Access mode, that is, URI includes URL;In other words, all URL are URI, but not all URI is URL.
Original transport protocol:Refer to the existing agreement for being used to carry out media data transmission, such as:Above-mentioned HLS protocol.
Original agreement version number:Refer to the version number that original transport protocol provides, such as:The HLS protocol second edition, HLS association Discuss the 5th edition etc..
Transport protocol after extension:Refer to and media data transmission mode is extended on the basis of original transport protocol Obtained transport protocol afterwards.Schematically, in the application, the transport protocol after extension refers on the basis of original transport protocol On, the ciphering process of media data is extended, original HLS protocol provide NONE, AES-128 ciphering process and The expansible mode of ciphering process is increased on the basis of SAMPLE-AES ciphering process, such as:Expansible mode is original Character is added after protocol version to indicate the extension to ciphering process.In other words, the transport protocol after extension does not change The protocol contents for becoming original transport protocol, only increase the expansible side of ciphering process on the basis of original transport protocol Formula.
Extended Protocol version number:When referring to using extension transport protocol transmission media data, if being extended using ciphering process Ciphering process encrypted media data, then protocol version original agreement version number being extended.Such as:Original agreement Version number is 2, is 2.1 to the Extended Protocol version number that the original agreement version number is extended.
Original encryption process:Refer to the ciphering process that original transport protocol defines, such as:AES- defined in HLS protocol 128 ciphering process.
Extend ciphering process:Refer to transport protocol (including the transport protocol after original transport protocol and extension) defined model Other ciphering process except enclosing, such as:It is decrypted using the China commercialization key algorithm SM4 except the HLS protocol range of definition Process encrypts target medium segment;For another example:Using the SAMPLE-SM4 except the HLS protocol range of definition to target Target sample data in media fragment encrypt etc..Wherein, SM4 and SAMPLE-SM4 is to extend ciphering process.
Fig. 1 is the structural schematic diagram for the media data transmission system that the application one embodiment provides, as shown in Figure 1, should System includes at least:Transmitting terminal 110 and receiving end 120.
Transmitting terminal 110 and receiving end 120 are the equipment for supporting media data transmission, such as:It is mobile phone, computer, wearable Formula equipment, tablet computer, personal computer etc., the present embodiment will not enumerate herein.
Optionally, transmitting terminal 110 carries out communication phase with cipher key service subsystem 130 and media releasing subsystem 140 respectively Even.
Cipher key service subsystem 130 can include but is not limited to following several for the service that transmitting terminal 110 provides:
Service 1 creates encryption key and provides the encryption key and the key mark of the encryption key for transmitting terminal 110 Know.
Wherein, the character string that encryption key can be randomly generated, such as:The binary data of 16 bytes or 128 ratios Special binary data etc., the present embodiment does not limit the length of encryption key and generating mode.
The corresponding unique key identification of each encryption key, it is close can be associated with the encryption by the key identification Key.Optionally, key identification is unified a fragment identifier or a character string etc..
Optionally, the encryption key that cipher key service subsystem 130 creates has timeliness, and in other words, encryption key is only In effective time effectively.Effective time can be 24 hours or 12 hours etc., and the present embodiment is not to the value of effective time It limits.
Service 2 obtains associated encryption key according to key identification.
Cipher key service subsystem 130 needs to be identified according to target cipher key when obtaining associated target encryption key, can be with It is retrieved in the encryption key and associated key identification created;Consistent key mark is identified with target cipher key when retrieving When knowledge, the target cipher key can be got and identify associated target encryption key;It is consistent with target cipher key mark when not retrieving Key identification when, then to transmitting terminal 110 return retrieval error to notify transmitting terminal 110 not retrieve target encryption key.
Optionally, cipher key service subsystem 130 can provide service, GET request packet by the GET request of http protocol Include key identification;And the initial data of encryption key is returned in the response message of GET request, such as:By 16 byte representations Binary data.
Optionally, cipher key service subsystem 130 can by be different from http protocol GET request certain have it is higher The privately owned security key transmission channel of safety provides the access service of key, such as:Virtual Private Network (Virtual Private Network, VPN) channel provides the access service of key, and the application do not limit the transmission mode of key.
Service 3 nullifies associated encryption key according to key identification.
Optionally, it when cipher key service subsystem 130 receives de-registration request, is identified according to the target cipher key in de-registration request It is retrieved in the encryption key and associated key identification created;Consistent key mark is identified with target cipher key when retrieving When knowledge, nullifies (deletion) target cipher key and identify associated target encryption key;If not retrieving consistent with target cipher key mark Key identification when, then process terminates.
Optionally, cipher key service subsystem 130 can be set in the mutually independent equipment of transmitting terminal 110, such as:Service Device or mobile terminal are medium;Alternatively, also can be set in transmitting terminal 110;Cipher key service subsystem 130 is in practical realization When can be hardware, software or software and hardware combining system.
Transmitting terminal 110 be used for after getting media data (or Media Stream), by set time length (such as:It is several Second) time interval to media data carry out cutting, obtain at least one fragment;Then, to the media data in same fragment (such as audio media data and/or video media-data) is multiplexed to obtain media fragment by transformat.Wherein, to matchmaker Volume data carries out multiplexing and refers to:Media sample data in each media fragment are created that according to the transformat of media data Sequence media structure data, and obtained structure is described into data in conjunction with media sample data, obtains the matchmaker that can be transmitted The process of volume data block.
Wherein, transformat can be dynamic image expert group (Moving Picture Experts Group, MPEG) 2- transport stream (Transport Stream, TS).
Transmitting terminal 110 is also used to after getting target medium segment, is created for recording the target medium segment The resource of media play list;And determine the protocol version of used transport protocol when transmission objectives media fragment.Wherein, Transport protocol can be original transport protocol;Version number can be the original agreement version number of original transport protocol;Alternatively, transmission Agreement is also possible to the transport protocol after extension;Version number is also possible to the expansion being extended based on original agreement version number Open up protocol version.Such as:The Extended Protocol version number that transmitting terminal 110 is determined is 5.1, that is, setting " #EXT-X- VERSION:5.1”。
Wherein, media data can be live data or order program data etc., the media data can for video data, Audio data, text data or image data etc., the present embodiment do not limit the type of media data.
Optionally, after transmitting terminal 110 gets target medium segment, the offer of cipher key service subsystem 130 is first passed through Service the key identification of 1 service acquisition encryption key and the encryption key;Then, it is generated in key-label according to the key identification URI.
Optionally, it is initial as encryption also to generate a string of character strings before generating key-label at random for transmitting terminal 110 Vector, such as:The binary data of 16 bytes or 128 bits;Then, transmitting terminal 110 uses the encryption initial vector, basis The key-label that the process identifier of URI and ciphering process that key identification generates splice;The key-label is added to mesh Media play list is obtained before marking the fragment identification of media fragment.
Wherein, for process identifier for uniquely identifying a certain ciphering process, which can be the name of ciphering process Claim;Alternatively, being also possible to random string etc., the present embodiment is not limited the set-up mode of process identifier.
It is the uniform resource locator (Uniform that target medium segment generates that fragment identification, which can be transmitting terminal 110, Resource Locator, URL).Optionally, when the quantity of the fragment identification recorded in media play list reaches amount threshold When, transmitting terminal 110 removes the fragment identification added at first;And the key-label used in the fragment identification of the removal is therewith Used in fragment identification afterwards when key-label difference, key-label used in the fragment identification by removal is removed, and to Cipher key service subsystem 130 sends de-registration request, and the key identification in the key-label of removal is carried in the de-registration request, this When, cipher key service subsystem 130 provides service 3.
Optionally, transmitting terminal 110 starts timer after getting encryption key, reaches pre- in the duration of timer instruction If when duration, obtaining encryption key and key identification again through cipher key service subsystem 130;And/or regenerate encryption just Beginning vector obtains updated key-label to update key-label;Updated key-label is added to current time Before the fragment identification of corresponding target medium segment, updated media play list is generated.Wherein, preset duration can be It 1 hour or greater than 1 hour and less than the arbitrary value in 24 hours sections or is greater than being averaged for media fragment file and holds Continuous time and less than the arbitrary value in 1 hour section, the present embodiment does not limit the setting means of preset duration and value.
In the present embodiment, the ciphering process in key-label is original encryption process, or is extension ciphering process.Than Such as:Process identifier METHOD=SM4 in key-label;Alternatively, the process identifier METHOD=SAMPLE- in key-label SM4, wherein SM4 and SAMPLE-SM4 is extension ciphering process.
Optionally, when process identifier METHOD=SM4 in key-label, transmitting terminal 110 makes target medium segment It is encrypted with SM4 with the use of CBC encryption mode and encryption key, obtains encrypted media fragment.In process identifier When METHOD=SAMPLE-SM4, it is used cooperatively CBC encryption mode and encryption key using SM4, in target medium segment Media sample data are encrypted;Encrypted target medium sample data and not encrypted media structure data composition are added Media fragment after close;Alternatively, encrypted media sample data are encrypted according still further to rebuilding series media structure data Media fragment afterwards.
After transmitting terminal 110 generates media play list, media play list can be sent to media releasing subsystem 140。
Optionally, media releasing subsystem 140 can be set in the mutually independent equipment of transmitting terminal 110, such as:Service Device or mobile terminal are medium;Alternatively, also can be set in transmitting terminal 110;Media releasing subsystem 140 is in practical realization When can be hardware, software or software and hardware combining system.Media releasing subsystem 140 can for webpage (Web) website, Web server, content distributing network or any service for supporting http protocol and HTTPS agreement, program, module are set It is standby.
Media releasing subsystem 140 is for the fragment identification in publication medium playlist and the media play list The target medium segment of instruction.
Optionally, receiving end 120 is connected with the communication of media releasing subsystem 140.
Receiving end 120 obtains the media play list that media releasing subsystem 140 is issued, according in the media play list Fragment identification obtain corresponding target medium segment;And according to the protocol version of media play list instruction, ciphering process Target medium segment is handled with key identification.
Optionally, receiving end 120 obtains protocol version after getting media play list, in the lattice of the protocol version When formula meets the format of Extended Protocol version number, then using the transport protocol processing target media fragment after extension.
Optionally, receiving end 120 obtains key identification after getting media play list;The key identification is sent to matchmaker Body issues subsystem 140, and it is corresponding to obtain the key identification from cipher key service subsystem 130 by media releasing subsystem 140 Encryption key, at this point, cipher key service subsystem 130 provides service 2 according to key identification.
Certainly, receiving end 120 can also be connected with cipher key service subsystem 130, directly send out to cipher key service subsystem 130 Key identification is sent, without providing encryption key by 140 proxy signature key service subsystem 130 of media releasing subsystem.
Schematically, the ciphering process in media play list in key-label is extension ciphering process, and extends and add When close process is cooperates CBC encryption mode to encrypt target medium segment using SM4, if process identifier METHOD=SM4, Then receiving end 120 is decrypted encrypted media fragment using SM4 and encryption key, obtains target medium segment.If crossing Journey identifies METHOD=SAMPLE-SM4, then receiving end 120 uses SM4 to the media sample data in encrypted media fragment These media sample data are decrypted with encryption key, data is described in conjunction with the structure of unencryption and obtains target medium piece Section;Alternatively, the media sample data after decryption, which are described data according still further to rebuilding series structure, obtains target medium segment.
Fig. 2 is the flow chart for the media data transmission method that the application one embodiment provides, and the present embodiment is in this way Applied to being illustrated in media data transmission system shown in FIG. 1.This method includes at least following steps:
Step 201, transmitting terminal determines the original agreement version number of used transport protocol when transmission objectives media fragment.
Target medium segment is that transmitting terminal obtain after fragment according to certain time interval to the media data got It arrives.Target medium segment may include video media-data or audio media data etc., and the present embodiment is not to target medium The type of media data in segment limits.
Wherein, the media data that transmitting terminal is got can be transmitting terminal by acquisition component it is collected, such as:Pass through Camera and microphone are collected;Alternatively, be also possible to acquire what equipment was sent, such as:What video camera was sent;Alternatively, It can be by external service system transmission, such as:What video conferencing system was sent;Alternatively, being also possible to from storage medium It reads, such as:It is read from stored file.
Optionally, transport protocol can be original transport protocol;Alternatively, being also possible to the transport protocol after extension.
Wherein, original transport protocol may be there are many original agreement version, according to the difference of type of service, and transmitting terminal can be with The corresponding original agreement version of selection present type of service carrys out transmission objectives media fragment.Due to extension after transport protocol be Extension obtains on the basis of original transport protocol, and therefore, the original transport protocol of each version can have corresponding extension Transport protocol afterwards.
Such as:Original transport protocol is HLS protocol, and the original agreement version number of HLS protocol includes 2,3,4,5,6,7,8 etc. Miscellaneous editions, transmitting terminal determine that original agreement version number is 5 according to the type of service of target medium segment.
Step 202, transmitting terminal is extended original agreement version number, and be expanded protocol version.
Extension ciphering process refers to the ciphering process except the transport protocol range of definition.
Transmitting terminal may use the ciphering process except the original transport protocol range of definition to add target medium segment Close, at this point, being extended to original agreement version number, be expanded protocol version.
Optionally, original agreement version number is extended and is referred on the basis of retaining original agreement version number, added Other mark for marking transport protocols are the transport protocol after extension, and be expanded protocol version.Schematically, retaining use On the basis of the integer of instruction original agreement version number, decimal point and number are added after the integer, be expanded agreement Version.Such as:It adds decimal point after the original agreement version number 3 of original transport protocol HLS and number 1 is expanded agreement version This number 3.1.
Such as:The Extended Protocol version number in media play list that transmitting terminal generates is as follows:
#EXT-X-VERSION:3.1
Step 203, transmitting terminal generates key according to the process identifier of extension ciphering process and the key identification of encryption key Label.
For process identifier for uniquely identifying a certain ciphering process, which can be ciphering process (including extension Ciphering process) title;Alternatively, being also possible to random string etc., the present embodiment is not limited the set-up mode of process identifier It is fixed.Such as:Process identifier is SM4, SAMPLE-SM4.
Encryption key can be transmitting terminal generation;It is obtained from cipher key service subsystem alternatively, being also possible to transmitting terminal It arrives.
Optionally, transmitting terminal can also obtain encryption initial vector before generating key-label;Obtain key identification; Then, the algorithm attribute in key-label is set to according to transport protocol the process identifier of extension ciphering process, by key mark Key attribute in label is set as key identification, sets encryption initial vector for the initial vector attribute in key-label, obtains To key-label.
Optionally, there are many encryption modes for the block encryption of media data, close except needing to encrypt under various encryption modes Can also include the start-up parameter that there is the encryption initial vector of random element as ciphering process except key, encryption initially to Amount and encryption key one react on target medium segment to be encrypted, generate encrypted media fragment.As encryption is grouped The difference of mode, encryption initial vector apply the concrete operations in data also different in ciphering process.
In one example, different using encryption initial vector and the progress of target medium segment under CBC block cipher mode Or operation;Then, the target medium segment after exclusive or is encrypted using extension ciphering process and encryption key, is encrypted Media fragment afterwards.
In yet another example, under counter (Counter, CTR) block cipher mode, using extension ciphering process and Encryption key encrypts encryption initial vector;Then, using encrypted encryption initial vector and target medium segment into Row xor operation obtains encrypted media fragment.
Optionally, transmitting terminal is every sends target medium segment one encryption initial vector of acquisition;Alternatively, transmitting terminal is every An encryption initial vector is obtained every the target medium segment that a period of time is subsequent transmission;Alternatively, transmitting terminal is using same New encryption initial vector is obtained when the target medium segment of encryption initial vector encryption preset quantity;Alternatively, transmitting terminal is obtaining New encryption initial vector is obtained when taking encryption key;Alternatively, transmitting terminal obtains encryption when sending target medium segment for the first time Initial vector;The present embodiment does not limit the generation opportunity of encryption initial vector, application range and replacement rule.
Such as:The key-label in media play list that transmitting terminal generates is as follows:
#EXT-X-KEY:METHOD=SM4, URI=" https://media.example.com/key/keyid",
IV=0xBFE5DD026B3170DE8854EA0D9E142479
Step 204, transmitting terminal encrypts target medium segment according to extension ciphering process and encryption key, is added Media fragment after close.
Optionally, the mode that transmitting terminal encrypts target medium segment includes but is not limited to following several:
The first:As a whole by target medium segment, using extension ciphering process and encryption key to target matchmaker Body segment is encrypted, and encrypted media fragment is obtained.
Such as:When process identifier METHOD=SM4 in key-label, transmitting terminal integrally carries out target medium segment Encryption, obtains encrypted media fragment.
Optionally, the first cipher mode can be only applicable to part original agreement version number, such as:It is only applicable to original HLS protocol version number 1,2 and 3.
Second:Target medium segment includes that media sample data and structure describe data, using extension ciphering process and Encryption key encrypts the media sample data in target medium segment, obtains encrypted media fragment.
Transmitting terminal is encrypted using extending by the media sample data and media structure data separating in target medium segment Journey and encryption key encrypt media sample data, then the media structure of encrypted media sample data and unencryption Data recombination is encrypted media fragment;Alternatively, transmitting terminal is using extension ciphering process and encryption key to media sample number According to being encrypted, according to encrypted media sample data reconstruction media structure data, by encrypted media sample data and Structure after reconstruction describes data recombination and obtains encrypted media fragment.
Such as:When process identifier METHOD=SAMPLE-SM4 in key-label, transmitting terminal first isolates target matchmaker Media sample data in body segment simultaneously encrypt, then encrypted media sample data and media structure data recombination are added Media fragment after close.
Optionally, second of cipher mode can be only applicable to part original agreement version number, such as:It is only applicable to original HLS protocol version number 5 and original agreement version number later.
Optionally, when transmitting terminal encrypts target medium segment using extension ciphering process, block encryption can be combined Operating mode target medium segment is encrypted.Such as:Target medium segment is encrypted in conjunction with CBC mode.
Such as:When under MPEG-2_TS format, transmitting terminal skip the byte of the regular length of each data frame beginning not into Then row data encryption again encrypts next data.Wherein, the byte of the regular length of beginning is leading bright Text belongs to structure and describes data;Data in data frame after leading plaintext are media sample data.
Optionally, the length of leading plaintext is according to the different and different of media data encoding type.Such as:For sound Frequency evidence, when audio coding formats are Advanced Audio Coding (Advanced Audio Coding, AAC) format, leading plaintext The data of header data and subsequent 16 byte lengths including audio data.For another example, for audio data, when audio is compiled When code format is audio coding -3 (Audio Coding-3, AC-3) format, leading plaintext is the data of 16 byte lengths.Again For example, for video media-data, when video code model is the H.264 coded format expressed using NALU, leading plaintext For the data of 32 byte lengths.
Optionally, when being encrypted to the media sample data in target medium segment, if remaining matchmaker to be encrypted The length of body sample data, which is not up to, encrypts the length (such as 16 bytes) that grouping requires, then can be remaining to be encrypted by this Media sample data are as plaintext, without encryption.In this case, encryption block length is shorter than media sample data Length, at this point, will not be to the encryption of whole media sample data one piece of media sample data occur and not making encryption Effect causes significantly to negatively affect.
Optionally, when being encrypted to the media sample data in target medium segment, if remaining matchmaker to be encrypted The length of body sample data, which is not up to, encrypts the length (such as 16 bytes) that grouping requires, then can use random data in tail portion The remaining media sample data to be encrypted are pieced together into the length that an encryption grouping requires, participate in encrypting later again.This In the case of kind, it may appear that encrypted data length is bigger than data length before encrypting, so being at this moment no longer used in combination former Carry out the media structure data of unencryption, but rebuilds new media structure data, by encrypted media sample data and newly Media structure data recombination is encrypted media fragment.
Certainly, when in key-label including encryption initial vector, transmitting terminal can also use encryption initial vector and add Close key pair target medium segment is encrypted, and therefore not to repeat here for the present embodiment.
Step 205, transmitting terminal is according to Extended Protocol version number, the fragment identification of key-label and encrypted media fragment Generate media play list.
Optionally, the fragment identification of encrypted media fragment can be the address URL of encrypted media fragment;It receives End corresponding encrypted media fragment is downloaded according to the address URL.
Media play list is used for for receiving end according to Extended Protocol version number and key-label to encrypted media piece Section is decrypted.
Step 206, transmitting terminal publication medium playlist and encrypted media fragment.
Optionally, transmitting terminal can pass through media releasing subsystem publication medium playlist and encrypted media piece Section.
Optionally, the media play list and encrypted media fragment of media releasing subsystem publication are in specified access Receiving end is allowed to access in period.Access time section can be what transmitting terminal was specified.
Optionally, access time section can be the multiple of encrypted media fragment duration, such as:10 times;Alternatively, When the media data that transmitting terminal is got is live data, the time span of access time section is greater than or equal to live streaming duration, The present embodiment does not limit the duration of access time section.
Optionally, media releasing subsystem is based on http protocol publication medium playlist and encrypted media fragment; Alternatively, being based on security socket layer hypertext transfer protocol (Hyper Text Transfer Protocol over Secure Socket Layer, HTTPS) protocol issuance media play list and encrypted media fragment, the present embodiment do not send out media The agreement that cloth subsystem uses limits.
Optionally, media releasing subsystem issues encrypted media fragment in a manner of forbidding caching.
Step 207, receiving end obtains the media play list of transmitting terminal publication.
When transmitting terminal encrypts target medium segment using extension ciphering process, media play list is transmitting terminal It is generated according to the fragment identification of Extended Protocol version number, key-label and encrypted media fragment;Extended Protocol version number It is to be extended to the original agreement version number of transport protocol;Key-label is the process mark according to extension ciphering process Know and the generation of the key identification of encryption key;Encrypted media fragment is using extension ciphering process and encryption key to mesh Mark media fragment is encrypted.
Optionally, receiving end obtains the media play column of transmitting terminal publication after by the authorization of media releasing subsystem Table.Such as:Receiving end sends log-on message to media releasing subsystem, and it is correct to verify the log-on message in media releasing subsystem When, allow receiving end to obtain media play list.
Optionally, receiving end is periodically arranged according to the media play that the URL of media play list obtains transmitting terminal publication Table.
Step 208, receiving end determines the place of target medium segment according to the Extended Protocol version number in media play list Reason process.
Optionally, receiving end obtains version number's label after getting media play list, in the format of version number's label For Extended Protocol version number format when, illustrate receiving end using extension after transport protocol processing target media fragment.
Step 209, the encrypted matchmaker that receiving end is indicated according to fragment identification in treatment process downloads of media playlist Body segment.
Receiving end encrypted media fragment is downloaded from media releasing subsystem according to fragment identification.
Step 210, receiving end obtains the encryption key of key identification instruction in key-label according to treatment process.
Optionally, key identification is sent to cipher key subsystem by media releasing subsystem by receiving end, then, by key Subsystem returns to corresponding encryption key according to key identification;Alternatively, receiving end is directly communicated with cipher key subsystem, by close Key subsystem returns to corresponding encryption key according to key identification.
Step 211, the extension ciphering process and encryption key that receiving end is indicated according to process identifier are to encrypted media Segment is decrypted, and obtains target medium segment.
According to the two kinds of cipher modes provided in step 204, correspondingly manner of decryption includes but is not limited to following several:
The first manner of decryption of the first corresponding cipher mode:After extending ciphering process and encryption key to encryption Media fragment be decrypted, i.e. target medium segment.
Second of manner of decryption of corresponding second of cipher mode:Encrypted media fragment is separated, is tied Structure describes data and encrypted media sample data;Using extension ciphering process and encryption key to encrypted media sample Data are decrypted, and the media sample data after decryption are recombinated to obtain target medium segment with media structure;Alternatively, according to solution The rebuilding series media structure data of media sample data after close by the media sample data after decryption and rebuild obtained knot Structure describes data recombination and obtains target medium segment.
Certainly, if transmitting terminal has used encryption initial vector to encrypt target medium segment in ciphering process, phase Ying Di, receiving end needs to need to generate corresponding decryption initial vector using identical method in decrypting process, and using should Encrypted media fragment is decrypted in decryption initial vector.
Step 212, receiving end handles target medium segment.
Optionally, processing target media fragment in receiving end can be to play out to target medium segment.
In conclusion media data transmission method provided in this embodiment, by determining transmission objectives media fragment when institute The original agreement version number of the transport protocol used;The target medium segment is encrypted using extension ciphering process When, to original agreement, version number is extended, and be expanded protocol version;According to the process identifier of extension ciphering process and add The key identification of key generates key-label;Target medium segment is added according to extension ciphering process and encryption key It is close, obtain encrypted media fragment;According to the piece segment mark of Extended Protocol version number, key-label and encrypted media fragment Know and generates media play list;Publication medium playlist and encrypted media fragment;During can solve net cast The problem of ciphering process that can only be defined using original transport protocol is carried out encrypted media data, cipher mode is caused to compare limitation; Due to that can be extended to original agreement version number, so that new ciphering process is introduced, it is thereby achieved that in original transmitted To the extension of ciphering process on the basis of agreement.
In addition, media data transmission method provided in this embodiment can be adapted for media transport protocol, even if Extended meeting upgrades after some transport protocols, and the media data transmission method is still effective.
In addition, selectively being disclosed by describing data to the media structure in media fragment;To media sample number According to encrypting;Do not reduce media sample data it is protected in the state of, media fragment is formatted etc. Reason, for example describe data by the structure of new media formats requirement re-constructing media and recombinate out media data, it can be directly integrated Into the operation system of new media formats.
Optionally, step 201-206 can be implemented separately to send the embodiment of the method for end side;Step 207-212 can be independent It is embodied as receiving the embodiment of the method for end side, the present embodiment is not construed as limiting this.
Optionally, transmitting terminal needs to regularly replace encryption key when providing media data, to reduce in the long period Media data transmission during media data it is under attack a possibility that.In the encryption key more renewed, transmitting terminal needs New encryption key is applied in media play list, and in the piece of the media fragment encrypted using the encryption key Before segment identification, insertion applies the key identification of new encryption key.
Based on the above embodiment, after step 203, transmitting terminal is when the use duration of encryption key reaches preset duration Key-label is updated, updated key-label is obtained;According at the time of updated key-label and update key-label pairs The target medium segment answered generates updated media play list.
Optionally, preset duration is 1 hour;Alternatively, being greater than 1 hour and less than 24 hours;Alternatively, less than 1 hour and big In the average duration of target medium segment.The present embodiment does not limit the setting means of preset duration and value.
Wherein, transmitting terminal update key-label includes:Update key-label in key identification and/or encryption initially to Amount.
In conclusion in the present embodiment, it is first by the key identification and/or encryption that update encryption key every preset duration Beginning vector can reduce a possibility that media data is under attack during the media data transmission of long period;Improve matchmaker The safety of volume data.
Fig. 3 is the block diagram for the media data transmission that the application one embodiment provides, and the present embodiment is answered with the device For being illustrated for the transmitting terminal 110 in media data transmission system shown in FIG. 1.The device includes at least following Module:Version number's determining module 310, version number's expansion module 320, tag generation module 330, data encryption module 340, list Generation module 350 and data release module 360.
Version number's determining module 310, the original association of used transport protocol when for determining transmission objectives media fragment Discuss version number;
Version number's expansion module 320, for being extended to the original agreement version number, be expanded protocol version Number;The extension ciphering process refers to the ciphering process other than the transport protocol range of definition;
Tag generation module 330, for according to the process identifier of the extension ciphering process and the key mark of encryption key Know and generates key-label;
Data encryption module 340 is used for according to the extension ciphering process and the encryption key to the target medium Segment is encrypted, and encrypted media fragment is obtained;
List Generating Module 350, for according to the Extended Protocol version number, the key-label and described encrypted The fragment identification of media fragment generates media play list;
Data publication module 360, for issuing the media play list and the encrypted media fragment, the matchmaker Body playlist is used for for receiving end according to the Extended Protocol version number and the key-label to the encrypted media Segment is decrypted.
Correlative detail refers to above method embodiment.
Fig. 4 is the block diagram for the media data transmission that the application one embodiment provides, and the present embodiment is answered with the device For being illustrated for the receiving end 120 in media data transmission system shown in FIG. 1.The device includes at least following Module:List obtains module 410, process determining module 420, data download module 430, Key Acquisition Module 440, data deciphering Module 450 and data processing module 460.
List obtains module 410, for obtaining the media play list of transmitting terminal publication;The media play list is institute State what transmitting terminal was generated according to the fragment identification of Extended Protocol version number, key-label and encrypted media fragment;The expansion Opening up protocol version is extended to the original agreement version number of transport protocol;The key-label is according to What the key identification of the process identifier and encryption key that extend ciphering process generated;The encrypted media fragment is using institute It states extension ciphering process and the encryption key encrypts the target medium segment;The extension ciphering process Refer to the ciphering process except the transport protocol range of definition;
Process determining module 420, for determining institute according to the Extended Protocol version number in the media play list State the treatment process of target medium segment;
Data download module 430, for downloading piece segment mark described in the media play list according to the treatment process Know the encrypted media fragment of instruction;
Key Acquisition Module 440 refers to for obtaining key identification described in the key-label according to the treatment process The encryption key shown;
Data decryption module 450, extension ciphering process and the encryption key for being indicated according to the process identifier The encrypted media fragment is decrypted, the target medium segment is obtained;
Data processing module 460, for handling the target medium segment.
Correlative detail refers to above method embodiment.
It should be noted that:The media data transmission provided in above-described embodiment when carrying out media data transmission, Only the example of the division of the above functional modules, it in practical application, can according to need and by above-mentioned function distribution It is completed by different functional modules, i.e., the internal structure of media data transmission is divided into different functional modules, with complete At all or part of function described above.In addition, media data transmission provided by the above embodiment and media data Transmission method embodiment belongs to same design, and specific implementation process is detailed in embodiment of the method, and which is not described herein again.
Fig. 5 is the block diagram for the media data transmission that the application one embodiment provides, which can be shown in Fig. 1 Media data transmission system in transmitting terminal 110;Alternatively, being also possible to receiving end 120.The device includes at least processor 501 and memory 502.
Processor 501 may include one or more processing cores, such as:4 core processors, 5 core processors etc..Place Reason device 501 can use DSP (Digital Signal Processing, Digital Signal Processing), FPGA (Field- Programmable Gate Array, field programmable gate array), PLA
At least one of (Programmable Logic Array, programmable logic array) example, in hardware is realized. Processor 501 also may include primary processor and coprocessor, and primary processor is for carrying out to data in the awake state The processor of processing, also referred to as CPU (Central Processing Unit, central processing unit);Coprocessor be for to The low power processor that data under machine state are handled.In some embodiments, processor 501 can be integrated with GPU (Graphics Processing Unit, image processor), GPU are used to be responsible for the rendering of content to be shown needed for display screen And drafting.In some embodiments, processor 501 can also include at AI (Artificial Intelligence, artificial intelligence) Device is managed, the AI processor is for handling the calculating operation in relation to machine learning.
Memory 502 may include one or more computer readable storage mediums, which can To be non-transient.Memory 502 may also include high-speed random access memory and nonvolatile memory, such as one Or multiple disk storage equipments, flash memory device.In some embodiments, the non-transient computer in memory 502 can Storage medium is read for storing at least one instruction, at least one instruction performed by processor 501 for realizing this Shen Please in embodiment of the method provide media data transmission method.
In some embodiments, media data transmission is also optional includes:Peripheral device interface and at least one outside Peripheral equipment.It can be connected by bus or signal wire between processor 501, memory 502 and peripheral device interface.Each periphery Equipment can be connected by bus, signal wire or circuit board with peripheral device interface.Schematically, peripheral equipment includes but unlimited In:Radio circuit, touch display screen, voicefrequency circuit and power supply etc..
Certainly, media data transmission can also include less or more component, and the present embodiment is not construed as limiting this.
Optionally, the application is also provided with a kind of computer readable storage medium, in the computer readable storage medium It is stored with program, described program is loaded by processor and executed the media data transmission method to realize above method embodiment.
Optionally, the application is also provided with a kind of computer product, which includes computer-readable storage medium Matter is stored with program in the computer readable storage medium, and described program is loaded by processor and executed to realize above-mentioned side The media data transmission method of method embodiment.
Each technical characteristic of embodiment described above can be combined arbitrarily, for simplicity of description, not to above-mentioned reality It applies all possible combination of each technical characteristic in example to be all described, as long as however, the combination of these technical characteristics is not deposited In contradiction, all should be considered as described in this specification.
The several embodiments of the application above described embodiment only expresses, the description thereof is more specific and detailed, but simultaneously It cannot therefore be construed as limiting the scope of the patent.It should be pointed out that coming for those of ordinary skill in the art It says, without departing from the concept of this application, various modifications and improvements can be made, these belong to the protection of the application Range.Therefore, the scope of protection shall be subject to the appended claims for the application patent.

Claims (10)

1. a kind of media data transmission method, which is characterized in that the method includes:
Determine the original agreement version number of used transport protocol when transmission objectives media fragment;
The original agreement version number is extended, be expanded protocol version;
Key-label is generated according to the key identification of the process identifier of extension ciphering process and encryption key;The extension is encrypted Journey refers to the ciphering process other than the transport protocol range of definition;
The target medium segment is encrypted according to the extension ciphering process and the encryption key, is obtained encrypted Media fragment;
Matchmaker is generated according to the fragment identification of the Extended Protocol version number, the key-label and the encrypted media fragment Body playlist;
The media play list and the encrypted media fragment are issued, the media play list is used for for receiving end root The encrypted media fragment is decrypted according to the Extended Protocol version number and the key-label.
2. the method according to claim 1, wherein the target medium segment includes media sample data and knot Structure describes data, described to be encrypted according to the extension ciphering process and the encryption key to the target medium segment, Encrypted media fragment is obtained, including:
Using the extension ciphering process and the encryption key to the media sample data in the target medium segment It is encrypted, obtains the encrypted media fragment.
3. the method according to claim 1, wherein it is described according to it is described extension ciphering process process identifier and The key identification of encryption key generates key-label, including:
Obtain encryption initial vector;
Obtain the key identification;
The algorithm attribute in the key-label is set to according to the transport protocol process mark of the extension ciphering process Know, the key identification is set by the key attribute in the key-label, by the initial vector category in the key-label Property is set as the encryption initial vector, obtains the key-label.
4. according to the method described in claim 3, it is characterized in that, it is described according to the extension ciphering process and it is described encryption it is close Key encrypts the target medium segment, obtains encrypted media fragment, including:
Under cryptographic block chain CBC block cipher mode, exclusive or behaviour is carried out using the encryption initial vector and target medium segment Make;The target medium segment after exclusive or is encrypted using the extension ciphering process and the encryption key, is obtained described Encrypted media fragment;
Alternatively,
Under counter CTR block cipher mode, using the extension ciphering process and the encryption key at the beginning of the encryption Beginning vector is encrypted;Xor operation initially is carried out to vector and the target medium segment using encrypted encryption, is obtained The encrypted media fragment.
5. the method according to claim 1, wherein it is described according to it is described extension ciphering process process identifier and After the key identification of encryption key generates key-label, further include:
The key-label is updated when the use duration of the encryption key reaches preset duration;
It is generated more according to the updated key-label with target medium segment corresponding at the time of updating the key-label Media play list after new.
6. a kind of media data transmission method, which is characterized in that the method includes:
Obtain the media play list of transmitting terminal publication;The media play list is the transmitting terminal according to Extended Protocol version Number, the fragment identification of key-label and encrypted media fragment generates;The Extended Protocol version number is to transport protocol Original agreement version number be extended;The key-label is the process identifier and encryption according to extension ciphering process What the key identification of key generated;The encrypted media fragment is using the extension ciphering process and the encryption key The target medium segment is encrypted;The extension ciphering process refers to except the transport protocol range of definition Ciphering process;
The treatment process of the target medium segment is determined according to the Extended Protocol version number in the media play list;
The encrypted media of the instruction of fragment identification described in the media play list are downloaded according to the treatment process Segment;
The encryption key of the instruction of key identification described in the key-label is obtained according to the treatment process;
According to the process identifier instruction extension ciphering process and the encryption key to the encrypted media fragment into Row decryption, obtains the target medium segment;
The target medium segment is handled.
7. a kind of media data transmission, which is characterized in that described device includes:
Version number's determining module, the original agreement version of used transport protocol when for determining transmission objectives media fragment Number;
Version number's expansion module, for being extended to the original agreement version number, be expanded protocol version;The expansion Exhibition ciphering process refers to the ciphering process other than the transport protocol range of definition;
Tag generation module, for generating key mark according to the process identifier of extension ciphering process and the key identification of encryption key Label;
Data encryption module, for being carried out according to the extension ciphering process and the encryption key to the target medium segment Encryption, obtains encrypted media fragment;
List Generating Module, for according to the Extended Protocol version number, the key-label and the encrypted media piece The fragment identification of section generates media play list;
Data publication module, for issuing the media play list and the encrypted media fragment, the media play List be used for for receiving end according to the Extended Protocol version number and the key-label to the encrypted media fragment into Row decryption.
8. a kind of media data transmission, which is characterized in that described device includes:
List obtains module, for obtaining the media play list of transmitting terminal publication;The media play list is the transmission What end was generated according to the fragment identification of Extended Protocol version number, key-label and encrypted media fragment;The Extended Protocol Version number is extended to the original agreement version number of transport protocol;The key-label is encrypted according to extending What the process identifier of journey and the key identification of encryption key generated;The encrypted media fragment is encrypted using the extension What process and the encryption key encrypted the target medium segment;The extension ciphering process refers to the biography Ciphering process except defeated protocol definition range;
Process determining module, for determining the target matchmaker according to the Extended Protocol version number in the media play list The treatment process of body segment;
Data download module, for downloading the instruction of fragment identification described in the media play list according to the treatment process The encrypted media fragment;
Key Acquisition Module, for according to the treatment process obtain key identification described in the key-label instruction described in Encryption key;
Data decryption module, extension ciphering process and the encryption key for being indicated according to the process identifier add to described Media fragment after close is decrypted, and obtains the target medium segment;
Data processing module, for handling the target medium segment.
9. a kind of media data transmission, which is characterized in that described device includes processor and memory;In the memory It is stored with program, described program is loaded by the processor and executed to realize such as media described in any one of claim 1 to 5 Data transmission method;Alternatively, realizing media data transmission method as claimed in claim 6.
10. a kind of computer readable storage medium, which is characterized in that be stored with program, described program quilt in the storage medium For realizing media data transmission method such as described in any one of claim 1 to 5 when processor executes;Alternatively, realizing as weighed Benefit require 6 described in media data transmission method.
CN201810986718.0A 2018-08-28 2018-08-28 Media data transmission method, device and storage medium Active CN108924596B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810986718.0A CN108924596B (en) 2018-08-28 2018-08-28 Media data transmission method, device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810986718.0A CN108924596B (en) 2018-08-28 2018-08-28 Media data transmission method, device and storage medium

Publications (2)

Publication Number Publication Date
CN108924596A true CN108924596A (en) 2018-11-30
CN108924596B CN108924596B (en) 2020-11-13

Family

ID=64407255

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810986718.0A Active CN108924596B (en) 2018-08-28 2018-08-28 Media data transmission method, device and storage medium

Country Status (1)

Country Link
CN (1) CN108924596B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112040268A (en) * 2020-08-11 2020-12-04 福建天泉教育科技有限公司 Video playing method and storage medium supporting user-defined DRM
CN112235258A (en) * 2020-09-24 2021-01-15 黄杰 Encryption/decryption method, encryption/decryption system, and encryption/decryption device for information transmission
CN113468567A (en) * 2021-07-02 2021-10-01 罗克佳华(重庆)科技有限公司 Data processing method and data processing equipment

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140101445A1 (en) * 2012-10-09 2014-04-10 Futurewei Technologies, Inc. Authenticated Encryption Support in ISO/IEC 23009-4
CN104471913A (en) * 2012-07-13 2015-03-25 华为技术有限公司 Signaling and handling content encryption and rights management in content transport and delivery
US20150379286A1 (en) * 2014-06-30 2015-12-31 Konica Minolta Laboratory U.S.A., Inc. Cryptographic key
CN105939484A (en) * 2016-06-14 2016-09-14 深圳创维数字技术有限公司 Audio/video encrypted playing method and system thereof
CN106331751A (en) * 2016-08-31 2017-01-11 广州易方信息科技有限公司 Online encrypted slice video playing method based on iOS operating system
CN106550245A (en) * 2010-12-14 2017-03-29 苹果公司 Real-time or near real-time streaming with compression playlist
CN106572109A (en) * 2016-11-08 2017-04-19 广东信鉴信息科技有限公司 Method for realizing encrypted communication based on TLS protocol and device
CN108156152A (en) * 2017-12-22 2018-06-12 北京百度网讯科技有限公司 Streaming Media downloads method, apparatus, storage medium and the terminal device with playing

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106550245A (en) * 2010-12-14 2017-03-29 苹果公司 Real-time or near real-time streaming with compression playlist
CN104471913A (en) * 2012-07-13 2015-03-25 华为技术有限公司 Signaling and handling content encryption and rights management in content transport and delivery
US20140101445A1 (en) * 2012-10-09 2014-04-10 Futurewei Technologies, Inc. Authenticated Encryption Support in ISO/IEC 23009-4
US20150379286A1 (en) * 2014-06-30 2015-12-31 Konica Minolta Laboratory U.S.A., Inc. Cryptographic key
CN105939484A (en) * 2016-06-14 2016-09-14 深圳创维数字技术有限公司 Audio/video encrypted playing method and system thereof
CN106331751A (en) * 2016-08-31 2017-01-11 广州易方信息科技有限公司 Online encrypted slice video playing method based on iOS operating system
CN106572109A (en) * 2016-11-08 2017-04-19 广东信鉴信息科技有限公司 Method for realizing encrypted communication based on TLS protocol and device
CN108156152A (en) * 2017-12-22 2018-06-12 北京百度网讯科技有限公司 Streaming Media downloads method, apparatus, storage medium and the terminal device with playing

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
蒋昊: ""关于hls和mpeg-dash中的加密方案的分析"", 《西部广播电视》 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112040268A (en) * 2020-08-11 2020-12-04 福建天泉教育科技有限公司 Video playing method and storage medium supporting user-defined DRM
CN112235258A (en) * 2020-09-24 2021-01-15 黄杰 Encryption/decryption method, encryption/decryption system, and encryption/decryption device for information transmission
CN113468567A (en) * 2021-07-02 2021-10-01 罗克佳华(重庆)科技有限公司 Data processing method and data processing equipment

Also Published As

Publication number Publication date
CN108924596B (en) 2020-11-13

Similar Documents

Publication Publication Date Title
CN109120998A (en) media data transmission method, device and storage medium
CN108965302B (en) Media data transmission system, method, device and storage medium
CN103650526B (en) Playlists for real-time or near real-time streaming
CN104380753B (en) For representing the system and method for the sectional encryption of adaptive stream media and cipher key derivative
JP5861220B2 (en) System and method for effective support for short term crypto periods in template mode
CN100591121C (en) Upgradable error elastic DRM used for upgradable medium
US10608815B2 (en) Content encryption and decryption using a custom key
CN104471913A (en) Signaling and handling content encryption and rights management in content transport and delivery
CN106067874B (en) It is a kind of by the method for data record to server end, terminal and server
CN108924596A (en) media data transmission method, device and storage medium
CN105071927B (en) Method is locally stored in a kind of mobile device data
CN110912690A (en) Data encryption and decryption method, vehicle and storage medium
CN110062014A (en) The encryption and decryption method and system of network model
CN109495258A (en) Method and device for decrypting monitoring data, computer equipment and storage medium
CN109561323B (en) MP4 file encryption and decryption method and device
JP6598044B2 (en) Information processing apparatus and information processing method
CN107222759A (en) Method, system, equipment and the medium of media file encryption and decryption
CN108989886A (en) A kind of method and system playing encrypted video
US20230208615A1 (en) Online-Streamer Image Model File Transmission in Co-Hosting During Livestreaming
CN110912941A (en) Transmission processing method and device for multicast data
CN110191360A (en) The device of multi-media processing method, multi-medium play method and corresponding method
CN113301038B (en) Web end video playing method and device
WO2021129676A1 (en) Uri construction method and apparatus, and medium and device
WO2005059776A2 (en) Key assignment method for content distribution
CN109218009A (en) It is a kind of to improve the method for device id safety, client and server

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant