Welcome to Doom9's Forum, THE in-place to be for everyone interested in DVD conversion.

Before you start posting please read the forum rules. By posting to this forum you agree to abide by the rules.

 

Go Back   Doom9's Forum > General > Decrypting

Reply
 
Thread Tools Search this Thread Display Modes
Old 3rd June 2007, 19:31   #1  |  Link
Zotty
Registered User
 
Join Date: Sep 2006
Posts: 110
DecryptHD - Realtime decryption and streaming

Time to introduce a new tool called DecryptHD. While most other tools focus on 'backing up' an entire HD DVD, this one can be used for realtime decryption while streaming the decrypted movie to the player. It uses drive authentication to obtain the volume ID from it. This means it doesn't use a key database, but you do need a real drive. Without a real drive there's probably no point in realtime decryption anyway. Not wanting to watch all files on disc starting from A to Z, this also means it works on a per file basis. You have to specify the file you want to watch.

Atm this tool is Linux only for the simple reason that it's my normal desktop and development environment (Debian). So it's kinda obvious the targeted player is mplayer because of this. This is also where the streaming comes into the picture. The ffvc1 decoder not only works for normal playback from harddisk, but also supports streaming.

The current status of the tool is that it works and runs stable. But I've only tested it with the Bourne Supremacy, but I'm hoping that it should with all HD DVDs released to date. Mind the "hoping" though since a 1 disc test is not a 100% guarantee. See this as a testrun. It's written in C++ and if there's demand I'll release the source once the rough edges are gone. Also need to improve the subset-difference stuff first, it's kinda sucky the way it's implemented right now. Also both currently discovered processing keys are in it (let's get this into the open right away). The advantage of this is that there's no fiddling with keys, but the downside is that when keys get revoked/discovered, this will require an update of the app. Maybe I'll make a different solution at a later time, who knows.
If you run into trouble (so many things can go wrong), there's a log created called decrypthd.log in the same directory the tool is in. Please include it in any bug reports.

Right, enough talk, how does the damn thing work?

As you might have guessed it's console based (maybe a GUI in the future). It uses the following syntax:

Code:
decrypthd <device> <mountpoint> <filename> -o | <player>
This should sound familiar to most Linux users; First you need to plug in your drive if you haven't done so already (DUH!). I'v been using a Xbox360 HD DVD drive. Unmodified, just as you buy it in a store. Once plugged in you'll need to find it's device. Usually this is /dev/sr0 (it's alias is /dev/scd0). This is the <device> value and you need this for the drive authentication. Next mount the drive (the <mountpoint>). In short now you're good to go.
In reality however, you need to know the filename of the evo you want to watch. On the disc I've got here this is FEATURE_1.EVO (case sensitive). So look this up in the HVDVD_TS directory.
It uses OpenSSL for the signature calculations, so make sure you've got that.

Now fire the entire thing up (I'm assuming you've got the latest mplayer). You need to specify the demuxer and decoder:

Code:
decrypthd /dev/scd0 /mnt/hddvd/ FEATURE_1.EVO -o | mplayer -demuxer mpegps -vc ffvc1 -
Grab some popcorn and enjoy.

On a sidenote it's also possible to replace the -o and pipe stuff by a directory. In that case it doesn't stream to mplayer, but just outputs the decrypted content to that directory.

PS, a huge thanks to arnezami for figuring out the ECDSA stuff (and the rest ). Interresting stuff to dive into, but not at this time. And thanks to all others who have contributed to the information available here.

PS 2, in theory this approach should also work with a windows version of mplayer. This would require tweaking the code so it compiles under Windows, but it offers the possibility of banning that crappy PowerDVD

----------------------------- LATEST VERSION -----------------------

Links:
sourcecode at www.decrypthd.org/
binaries

Changelog
v0.5 - 2008/01/08
- Fixed bug where Title Key 0 resulted in an invalid key exception
- Split into libaacs and seperate tools
- Fixed memoryleaks
- Processingkeys are internal again
- Added CMake build system

v0.4 - 2007/11/28
- Added ACA file decryption
- Added XPL file decryption
- Rewrote logging code
- Improved error handling
- Improved utility usability
- Improved filesystem code
- HDDVDFS now detects files independant of case
- Renamed classes to better reflect their purpose
- External certificate/keys are used to overrule the internal ones
- Minor bug/leak fixes throughout the code

v0.3.1 - 2007/11/15
- Fixed bug that prevented Xbox 360 drive from authenticating
- Reduced memory I/O
- Minor fixes in HD DVD drive handling code

v0.3 - 2007/11/15
- Made drive, harddisk and HDDVDFS version (huge thanks to pensivepuppy)
- Keys/certificates/etc are replacable
- Rewritten stream decryption code
- Bug fixes
- Probably more which I don't remember

v0.2 - 2007/7/11
- Simultanious save to file while watching (use <output dir> -o)
- CMAC AES (for Volume ID verification)
- Code cleanup
- Resets AGIDs so it's no longer needed to manually reset the drive

v0.1 - 2007/6/3
- Initial release

Last edited by Zotty; 14th January 2008 at 23:56. Reason: Updated url and changelog
Zotty is offline   Reply With Quote
Old 3rd June 2007, 19:52   #2  |  Link
arnezami
Registered User
 
Join Date: Sep 2006
Posts: 390
Sounds really cool.

Completely open source huh. Wow.

arnezami
arnezami is offline   Reply With Quote
Old 3rd June 2007, 20:31   #3  |  Link
Zotty
Registered User
 
Join Date: Sep 2006
Posts: 110
Quote:
Originally Posted by arnezami View Post
Completely open source huh. Wow.
Yup, that's the idea.

Btw, a few things I just realised. I have no clue what the current state of audioplayback for VC-1 video is. Been running it on my server which has no audio. Maybe the peepz at MplayerHQ are still working on this?
Another thing is that this doesn't need an expensive video card! It's running rather smooth on a build into the chipset thingy (Intel G965).

Last edited by Zotty; 3rd June 2007 at 20:45.
Zotty is offline   Reply With Quote
Old 3rd June 2007, 21:02   #4  |  Link
Rufus210
Registered User
 
Join Date: Jan 2007
Posts: 15
Quote:
Originally Posted by Zotty View Post
Btw, a few things I just realised. I have no clue what the current state of audioplayback for VC-1 video is. Been running it on my server which has no audio. Maybe the peepz at MplayerHQ are still working on this?
Another thing is that this doesn't need an expensive video card! It's running rather smooth on a build into the chipset thingy (Intel G965).
The none of the new audio formats (DTS-HD, E-AC3/DD+ and TrueHD) are supported yet. DTS-HD is nice in that it's a backwards compatible format, meaning the ffmpeg DTS decoder will get a DTS stream, but not the advantage of the better quality HD stream. The only way to currently play the others at all is to use windows codecs. There's a tool for converting them to AC3, but it requires the windows codecs. Someone might be able to get the mplayer binary codec loader to load the audio codecs, but AFAIK the binary loader has only been used for video codecs so far. There is hope though, there's an ffmpeg summer of code project for E-AC3, but no TrueHD project yet (that I know of).

It would be nice if you could integrate this into mplayer directly. Something like `mplayer hddvd://' and it handles the decryption, reads the playlist, and starts playing tracks. Ideally it could even be made into a library, libaacs or something. That way any program (ffmpeg, mplayer, xine, etc) could just ask the library "open this disk" and "open this file" and the library does all the needed decryption. Kinda like libdvdcss.

It's always nice to see open-source linux work going on. Be sure to post this to mplayer's user list, and the -dev list if you're interested in integrating it into mplayer. Just be warned that mplayer devs are quite against C++, but that shouldn't be too big of a deal.

Last edited by Rufus210; 3rd June 2007 at 21:39.
Rufus210 is offline   Reply With Quote
Old 4th June 2007, 14:10   #5  |  Link
Adub
Fighting spam with a fish
 
Adub's Avatar
 
Join Date: Sep 2005
Posts: 2,685
This is a really cool idea, Zotty. Thank you very much. I have already archived a copy of the code, just in case.
__________________
FAQs:Bond's AVC/H.264 FAQ
Site:Adubvideo
Adub is offline   Reply With Quote
Old 4th June 2007, 19:54   #6  |  Link
qubic
Registered User
 
Join Date: Sep 2006
Posts: 49
Hi Zotty

I get these errors:

Quote:
[root@dhcppc0 ~]# /data/decrypthd /dev/scd0 /mnt/hddvd/ /mnt/hddvd/HVDVD_TS/THECAST.EVO -o
/data/decrypthd: /usr/lib/libcrypto.so.0.9.8: no version information available (required by /data/decrypthd)
/data/decrypthd: relocation error: /data/decrypthd: symbol EC_KEY_new, version OPENSSL_0.9.8 not defined in file libcrypto.so.0.9.8 with link time reference
[root@dhcppc0 ~]# /data/decrypthd /dev/scd0 /mnt/hddvd/ /mnt/hddvd/HVDVD_TS/THECAST.EVO -o
/data/decrypthd: /usr/lib/libcrypto.so.0.9.8: no version information available (required by /data/decrypthd)
ioctl failed: -1 errno 5 stat 0
Error fetching AGID, aborting. -1
[root@dhcppc0 ~]#
regards qub
qubic is offline   Reply With Quote
Old 4th June 2007, 20:22   #7  |  Link
xyz987
Registered User
 
Join Date: Dec 2006
Posts: 142
Great!



And yes, there is demand for source code ;-)
xyz987 is offline   Reply With Quote
Old 4th June 2007, 20:42   #8  |  Link
Sirber
retired developer
 
Sirber's Avatar
 
Join Date: Oct 2002
Location: Canada
Posts: 8,978
@qubic

you are missing libcrypto
__________________
Detritus Software
Sirber is offline   Reply With Quote
Old 4th June 2007, 23:48   #9  |  Link
jackelmatador
Registered User
 
Join Date: May 2007
Posts: 11
Zotty this is awesome! I was wondering if I should bother with my Xbox 360 drive as ripping and playing was sort of a pain, but now....I will try this tonight with planet earth and king kong and let you know how well it works!
jackelmatador is offline   Reply With Quote
Old 5th June 2007, 01:00   #10  |  Link
Galileo2000
Registered User
 
Join Date: Jan 2007
Posts: 224
Quote:
Originally Posted by Zotty
PS 2, in theory this approach should also work with a windows version of mplayer. This would require tweaking the code so it compiles under Windows, but it offers the possibility of banning that crappy PowerDVD
Zotty, we need a Windoz version
Galileo2000 is offline   Reply With Quote
Old 5th June 2007, 07:49   #11  |  Link
HyperHacker
Resident DRM Hater
 
HyperHacker's Avatar
 
Join Date: Oct 2006
Location: International waters
Posts: 242
Very nice. Could it be made to output to both a file and mplayer at the same time? Then you save time by creating0 a backup as you watch.

For the keys, I'd just use a keys.ini or similar file, having one processing key per line. It would just try each key in order, so new keys can be added to the end. However, keep a list of known keys built in as well; this would allow it to fall back or re-create keys.ini if the file is missing or corrupt.
__________________
Because Moogles pwn.
HyperHacker is offline   Reply With Quote
Old 5th June 2007, 12:16   #12  |  Link
spare
Registered User
 
Join Date: Jan 2006
Posts: 14
"Could it be made to output to both a file and mplayer at the same time? Then you save time by creating0 a backup as you watch."

Alright...

I know very little about linux (nothing about this subject) but because i wanted to do something "similar" once maybe I know the answer to this !!

Isn't there a program that accepts input in stdio and outputs it both to stdout and a list of named files ????

tee ???

So it would be something like:

decrypthd /dev/scd0 /mnt/hddvd/ FEATURE_1.EVO -o |

tee <path><filename> |

mplayer -demuxer mpegps -vc ffvc1 -

(on a per-file basis, of course, if you mean backup the entire "set", i don't know,... but this program doesn't do that anyway, right)


Hope it's helpful, like i said I'm just curious, not "knowledgeable"...
spare is offline   Reply With Quote
Old 5th June 2007, 12:23   #13  |  Link
qubic
Registered User
 
Join Date: Sep 2006
Posts: 49
Quote:
Originally Posted by Sirber View Post
@qubic

you are missing libcrypto
no, it is installed. version 0.9.8b.

I get the "EC_KEY_new" error once, and then it continous with the "ioctl" error. I have to reconnect the drive, to get the "EC_KEY_new" error again.
Unmounting and mounting the drive, is not enough.

the log is:

Quote:
*** Starting log ***

DecryptHD v0.1 (Jun 3 2007 21:52:35)
Device: /dev/scd0
Mountpoint: /mnt/hddvd/
Filename: /mnt/hddvd/HVDVD_TS/THECAST.EVO
Ouput dir: dumping to stdout
Chunksize: 65536

*** Setting up decrypter ***
Processing MKB
MKB filesize: 1000000
Extracting MKB version:
Type 266243, Version 1
Extracting U masks and UV numbers
Extracting Media Key Data
Detecting media
Detected HD DVD
Loading Title Key file
Extracting encrypted Title Keys:
Encrypted key 1: 5B2CF6D81024C18C4F54280F2E86D150
Encrypted key 2: 2ED608CE2384B0873138C288A30739CB
Encrypted key 3: 03A4B96F5AFB62CE54437C2A968C78EB
Encrypted key 4: 1E8082AA5AB23645B01FF95CF74603B6
Encrypted key 5: 812EB64622B848F7B16092B5037231E3
Encrypted key 6: F61921838D9B2E131EB97DDFB69C1B3C
Encrypted key 7: E969678D372C93D6F3F2C40EA2970FDB
Encrypted key 8: 04B8F5104E06DDB055E99EF44BDD56BD
Encrypted key 9: CD15EDCC39BFD202FA01032AEFCCE8A6
Encrypted key 10: 5AAEC6174259B9B5C3B23DD40E0AB57D
Encrypted key 11: A2CF3664C5C87CAB054B35F1A098DCA7
Encrypted key 12: CF5CE9527669B442FC07D0B1C1EB487A
Encrypted key 13: 18456DDB1F260A5852FD59B4A8A30680
Calculating Media Key:
Processing Key 09F911029D74E35BD84156C5635688C0
Media Key Data 0A1E9BEC716F34061519D8F6A0795A45
Decrypt result CCFB14DF10623C201C7BA4961C30708A
Media Key CCFB14DF10623C201C7BA4961C30708B
Verifying Media Key
Verify Data CEA882A57091F8EBB3C0F82C7F7C1576
Verify result 0123456789ABCDEF
Media Key is valid.
Device /dev/scd0 opened (handle 4)
Doing drive authentication

regards qub
qubic is offline   Reply With Quote
Old 5th June 2007, 12:28   #14  |  Link
qubic
Registered User
 
Join Date: Sep 2006
Posts: 49
Hi Zotty

please write log into $HOME or somthing. not current dir.

thanks.

-qub
qubic is offline   Reply With Quote
Old 5th June 2007, 20:26   #15  |  Link
Zotty
Registered User
 
Join Date: Sep 2006
Posts: 110
Quote:
Originally Posted by Rufus210 View Post
The none of the new audio formats (DTS-HD, E-AC3/DD+ and TrueHD) are supported yet. DTS-HD is nice in that it's a backwards compatible format, meaning the ffmpeg DTS decoder will get a DTS stream, but not the advantage of the better quality HD stream. The only way to currently play the others at all is to use windows codecs. There's a tool for converting them to AC3, but it requires the windows codecs. Someone might be able to get the mplayer binary codec loader to load the audio codecs, but AFAIK the binary loader has only been used for video codecs so far. There is hope though, there's an ffmpeg summer of code project for E-AC3, but no TrueHD project yet (that I know of).
Thanks for clearing this up. I really hope someone picks this up soon so we can all enjoy a more complete movie experience!

Quote:
It would be nice if you could integrate this into mplayer directly. Something like `mplayer hddvd://' and it handles the decryption, reads the playlist, and starts playing tracks. Ideally it could even be made into a library, libaacs or something. That way any program (ffmpeg, mplayer, xine, etc) could just ask the library "open this disk" and "open this file" and the library does all the needed decryption. Kinda like libdvdcss.
I love the idea, but they may be a problem; player certificate and processing keys. Unless a different solution is found, these are essential for authentication/decryption. Since there is no open-source certificate available, this would mean using the (perhaps revoked) certificate of an unnamed commercial player. IF it would be allowed in the source, it would probably make mplayer a prime target for AACS LA and friends.

Another option would be to make library of this like libcss. I haven't looked at how that one works, but the idea might be a potential possibility.

However just image this would work. How about adding total menu functionality aswell. Would be nice to have complete playback and not only the movie itself. Just pop in the disc, navigate the menu (subtitles, audiotracks, scne selection, extra's, etc.) and have fun for the coming 2 hours.

Quote:
Originally Posted by Galileo2000 View Post
Zotty, we need a Windoz version
When I've got some spare time I'll see if I can compile the latest mplayer source using mingw. If that works and it plays evo files from harddisk, 'tweaking' the app and testing would be the next logical step. Very doable imho.

Quote:
Originally Posted by HyperHacker View Post
Very nice. Could it be made to output to both a file and mplayer at the same time? Then you save time by creating0 a backup as you watch.
Should be easy to implement. Added to the todo list.

Quote:
For the keys, I'd just use a keys.ini or similar file, having one processing key per line. It would just try each key in order, so new keys can be added to the end. However, keep a list of known keys built in as well; this would allow it to fall back or re-create keys.ini if the file is missing or corrupt.
Right now it determines the version of the MKB and based on that decides which of the 2 currently known processing key and corresponding uv numbers to use. So there could/should be some backup functionality here indeed. Need to experiment a bit.

Quote:
Originally Posted by qubic View Post
no, it is installed. version 0.9.8b.

I get the "EC_KEY_new" error once, and then it continous with the "ioctl" error. I have to reconnect the drive, to get the "EC_KEY_new" error again.
Unmounting and mounting the drive, is not enough.

the log is:

...

regards qub
Haven't gotten a clue what goes wrong here. I'll try to find out more about what could be causing this. In any case it shouldn't continue and just exit reporting the error, so this could be a bug.
For the record, I'm using 0.9.8e (latest version available in my distro without building from source).

About the reconnecting, this is something I've noticed aswell during testing. This happens when drive authentication fails. According the AACS spec this is drive behaviour to be expected when authentication fails. I've always been able to reset this by ejecting the disc and inserting it again.

Quote:
Originally Posted by qubic View Post
Hi Zotty

please write log into $HOME or somthing. not current dir.

thanks.
-qub
How about $HOME by default and the ability to specify an optional different directory? Place decrypthd in your bin directory and keep the log stuff out of the root stuff.

Last edited by Zotty; 5th June 2007 at 20:39.
Zotty is offline   Reply With Quote
Old 7th June 2007, 19:15   #16  |  Link
jackelmatador
Registered User
 
Join Date: May 2007
Posts: 11
So I get the same error trying to play planet earth or king kong, I think I have something wrong with FFMPEG, but I don't know what. I tried it with FFMPEG installed from the synaptic manager, and by trying to compile the latest greatest svn then install

root@main:~# /home/stephan/decrypthd /dev/scd0 /media/KING_KONG/ FEATURE_1.EVO -o | mplayer -demuxer mpegps -vc ffvc1 -
MPlayer 2:1.0~rc1-0ubuntu9 (C) 2000-2006 MPlayer Team
CPU: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz (Family: 6, Model: 15, Stepping: 6)
CPUflags: MMX: 1 MMX2: 1 3DNow: 0 3DNow2: 0 SSE: 1 SSE2: 1
Compiled with runtime CPU detection.
Can't open joystick device /dev/input/js0: No such file or directory
Can't init input joystick
mplayer: could not open config files /root/.lircrc and /etc/lirc//lircrc
mplayer: No such file or directory
Failed to read LIRC config file ~/.lircrc.

Playing -.
Reading from stdin...
demux: File doesn't contain the selected audio or video stream.
MPEG: Missing video stream!? Contact the author, it may be a bug


Exiting... (End of file)
jackelmatador is offline   Reply With Quote
Old 7th June 2007, 19:29   #17  |  Link
jackelmatador
Registered User
 
Join Date: May 2007
Posts: 11
Ok I update my Mplayer (I thought I already did that, guess not) so that got video working but audio is not working for King Kong=(, as already stated may happen. Planet Earth works perfectly!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Also I guess this might be known but I have to do this from root, not even sudo works. Is that what qubic meant by log into home?
jackelmatador is offline   Reply With Quote
Old 7th June 2007, 21:41   #18  |  Link
qubic
Registered User
 
Join Date: Sep 2006
Posts: 49
Quote:
Also I guess this might be known but I have to do this from root, not even sudo works. Is that what qubic meant by log into home?
no. There is a logfile called "decrypthd.log" in the current working directory. This file should be written in $HOME. Which is the home directory of the user.


--qub
qubic is offline   Reply With Quote
Old 7th June 2007, 21:50   #19  |  Link
qubic
Registered User
 
Join Date: Sep 2006
Posts: 49
Quote:
Originally Posted by Zotty View Post
Haven't gotten a clue what goes wrong here. I'll try to find out more about what could be causing this. In any case it shouldn't continue and just exit reporting the error, so this could be a bug.
For the record, I'm using 0.9.8e (latest version available in my distro without building from source).
I have been trying to update to the latest. From source. No matter what, it compiles as 64-bit. I don't have a clue how to compile it to 32-bit.
Can anybody help?

Zotty, could you please compile it statically.

--qub
qubic is offline   Reply With Quote
Old 7th June 2007, 22:52   #20  |  Link
Zotty
Registered User
 
Join Date: Sep 2006
Posts: 110
Quote:
Originally Posted by jackelmatador View Post
Also I guess this might be known but I have to do this from root, not even sudo works. Is that what qubic meant by log into home?
The reason you need root for this is that some (or maybe all) discs are authored with about the worst rights you can get. You can't even fully see what's on the disc without root rights. And no fileaccess means no decrypting.
If I'm not mistaken the kernel is responsible for granting access to devices and it can't just grant access without valid rights. Would be a mess if this could easily be circumvented. The downside is that this restriction is kind of annoying in our situation. But the problem is caused by the way the discs are authored.
Would be nice if this can be solved though.

PS, working towards a weekend release...

Last edited by Zotty; 8th June 2007 at 07:37.
Zotty is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 20:09.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2017, vBulletin Solutions Inc.