Skip to content

Commit a711a92

Browse files
bjornvolckerbjornvolcker
authored
Code cleanup of prepare_for_validation (#465)
Now uses validation flag num_lost_seis and only detects lost SEIs once. Also renames compute gop hash function since it now only computes it. Also renames update link hash function.
1 parent 59139d0 commit a711a92

File tree

1 file changed

+21
-18
lines changed

1 file changed

+21
-18
lines changed

lib/src/sv_auth.c

Lines changed: 21 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -112,7 +112,6 @@ decode_sei_data(signed_video_t *self, const uint8_t *payload, size_t payload_siz
112112
gop_info->num_partial_gop_wraparounds++;
113113
}
114114
}
115-
detect_lost_sei(self);
116115

117116
return status;
118117
}
@@ -232,7 +231,7 @@ mark_associated_items(bu_list_t *bu_list, bool set_valid, bool link_ok, bu_list_
232231
* linked hash with the first BU hash and marks it as used.
233232
*/
234233
static void
235-
update_link_hash_for_auth(signed_video_t *self, const bu_list_item_t *sei)
234+
update_link_hash(signed_video_t *self, const bu_list_item_t *sei)
236235
{
237236
const size_t hash_size = self->verify_data->hash_size;
238237
bu_list_item_t *item = self->bu_list->first_item;
@@ -264,14 +263,13 @@ reset_linked_hash(signed_video_t *self)
264263
memset(self->gop_info->linked_hashes, 0, 2 * MAX_HASH_SIZE);
265264
}
266265

267-
/* Marks the Bitstream Units (BU) that are used in GOP hash and computes the GOP hash.
266+
/* Computes the GOP hash from Bitstream Units (BU) in the |bu_list|
268267
*
269268
* This function iterates through the BU list, identifies the BUs that belong to the
270-
* current GOP, and marks them as used in the GOP hash. It initializes the GOP hash and
271-
* updates it with each incoming BU that belongs to the GOP.
269+
* current partial GOP, and associates them with the current |sei|.
272270
*/
273271
static svrc_t
274-
prepare_for_link_and_gop_hash_verification(signed_video_t *self, bu_list_item_t *sei)
272+
compute_gop_hash(signed_video_t *self, bu_list_item_t *sei)
275273
{
276274
// Ensure the `self` pointer is valid
277275
assert(self);
@@ -975,7 +973,6 @@ prepare_for_validation(signed_video_t *self, bu_list_item_t **sei)
975973
(*sei)->in_validation = true;
976974
if (!(*sei)->has_been_decoded) {
977975
// Decode the SEI and set signature->hash
978-
self->latest_validation->public_key_has_changed = false;
979976
const uint8_t *tlv_data = (*sei)->bu->tlv_data;
980977
size_t tlv_size = (*sei)->bu->tlv_size;
981978
SV_THROW(decode_sei_data(self, tlv_data, tlv_size));
@@ -984,7 +981,7 @@ prepare_for_validation(signed_video_t *self, bu_list_item_t **sei)
984981
}
985982
detect_lost_sei(self);
986983
// Mark status of |sei| based on signature verification.
987-
if (!validation_flags->has_lost_sei) {
984+
if (validation_flags->num_lost_seis == 0) {
988985
if ((*sei)->bu->is_signed) {
989986
switch ((*sei)->verified_signature) {
990987
case 1:
@@ -1001,12 +998,27 @@ prepare_for_validation(signed_video_t *self, bu_list_item_t **sei)
1001998
} else {
1002999
(*sei)->validation_status_if_sei_ok = '.';
10031000
}
1001+
} else if (validation_flags->num_lost_seis < 0) {
1002+
if ((*sei)->bu->is_signed) {
1003+
(*sei)->tmp_validation_status = 'N';
1004+
} else {
1005+
(*sei)->validation_status_if_sei_ok = 'N';
1006+
}
10041007
}
1005-
SV_THROW(prepare_for_link_and_gop_hash_verification(self, *sei));
1008+
SV_THROW(compute_gop_hash(self, *sei));
1009+
update_link_hash(self, *sei);
10061010

10071011
SV_THROW_IF_WITH_MSG(validation_flags->signing_present && !self->has_public_key,
10081012
SV_NOT_SUPPORTED, "No public key present");
10091013

1014+
// For SEIs, transfer the result of the signature verification.
1015+
if ((*sei)->bu->is_signed) {
1016+
self->gop_info->verified_signature_hash = (*sei)->verified_signature;
1017+
} else {
1018+
self->gop_info->verified_signature_hash = 1;
1019+
}
1020+
validation_flags->waiting_for_signature = !(*sei)->bu->is_signed;
1021+
10101022
#ifdef SV_VENDOR_AXIS_COMMUNICATIONS
10111023
// If "Axis Communications AB" can be identified from the |product_info|, get
10121024
// |supplemental_authenticity| from |vendor_handle|.
@@ -1035,14 +1047,6 @@ prepare_for_validation(signed_video_t *self, bu_list_item_t **sei)
10351047
}
10361048
#endif
10371049

1038-
// For SEIs, transfer the result of the signature verification.
1039-
if ((*sei)->bu->is_signed) {
1040-
self->gop_info->verified_signature_hash = (*sei)->verified_signature;
1041-
} else {
1042-
self->gop_info->verified_signature_hash = 1;
1043-
}
1044-
validation_flags->waiting_for_signature = !(*sei)->bu->is_signed;
1045-
10461050
SV_CATCH()
10471051
SV_DONE(status)
10481052

@@ -1232,7 +1236,6 @@ maybe_validate_gop(signed_video_t *self, bu_info_t *bu)
12321236
}
12331237

12341238
SV_THROW(prepare_for_validation(self, &sei));
1235-
update_link_hash_for_auth(self, sei);
12361239

12371240
if (!validation_flags->signing_present) {
12381241
latest->authenticity = SV_AUTH_RESULT_NOT_SIGNED;

0 commit comments

Comments
 (0)