Skip to content

Commit e4bb709

Browse files
authored
Verifying with SEI returns OK also if SEI is not (#494)
The special case where a partial GOP is successfully validated, but the SEI is not should return success. A failing signature verification could be due to a bit flip of the SEI or a wrongly set Public key. All the content could still be correct for matching the GOP. This is in particular important when the SEI is not in sync. Co-authored-by: bjornvolcker <bjornvolcker@users.noreply.github.com>
1 parent b3e88ef commit e4bb709

File tree

1 file changed

+4
-2
lines changed

1 file changed

+4
-2
lines changed

lib/src/sv_auth.c

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -559,7 +559,9 @@ verify_hashes_with_sei(signed_video_t *self, bu_list_item_t *sei)
559559
mark_associated_items(bu_list, verify_success, linked_hash_ok, sei);
560560
}
561561

562-
return verify_success;
562+
// Return success also if the GOP hash is correct, but the SEI is not. This means that
563+
// The actual verification is correct.
564+
return verify_success || gop_hash_ok;
563565
}
564566

565567
/* Verifying hashes without the SEI means that we have nothing to verify against. Therefore, we mark
@@ -709,7 +711,7 @@ validate_authenticity(signed_video_t *self, bu_list_item_t *sei)
709711
// Marking this GOP as not OK by verify_hashes_without_sei().
710712
remove_sei_association(self->bu_list, sei);
711713
sei = NULL;
712-
verify_success = verify_hashes_without_sei(self, gop_info->num_sent);
714+
verify_success = verify_hashes_without_sei(self, num_expected);
713715
// If a GOP was verified without a SEI, increment the |current_partial_gop|.
714716
if (validation_flags->signing_present && verify_success) {
715717
gop_info->current_partial_gop++;

0 commit comments

Comments
 (0)