Moves sv_update_hashable_data() into BU parser (#436)

Previously SEIs were postprocessed to update the
hashable_data_size after parsing the BU. This is now done as
part of the parsing.

The function sv_update_hashable_data() has been removed.

Author: bjornvolcker

lib/src/sv_auth.c

@@ -1283,29 +1283,6 @@ maybe_validate_gop(signed_video_t *self, bu_info_t *bu)
   return status;
 }
 
-/* This function updates the hashable part of the Bitstream Unit (BU) data. The default assumption
- * is that all bytes from BU header to stop bit are hashed. This holds for all BU types but the
- * Signed Video generated SEIs. For these, the last X bytes storing the signature are not hashed.
- *
- * In this function we update the bu_info_t member |hashable_data_size| w.r.t. that. The pointer
- * to the start is still the same. */
-void
-sv_update_hashable_data(bu_info_t *bu)
-{
-  assert(bu && (bu->is_valid > 0));
-  if (!bu->is_hashable || !bu->is_sv_sei) return;
-
-  // This is a Signed Video generated BU of type SEI. As payload it holds TLV data where the last
-  // chunk is supposed to be the signature. That part should not be hashed, hence we need to
-  // re-calculate hashable_data_size by subtracting the number of bytes (including potential
-  // emulation prevention bytes) coresponding to that tag. This is done by scanning the TLV for that
-  // tag.
-  const uint8_t *signature_tag_ptr =
-      sv_tlv_find_tag(bu->tlv_start_in_bu_data, bu->tlv_size, SIGNATURE_TAG, bu->with_epb);
-
-  if (signature_tag_ptr) bu->hashable_data_size = signature_tag_ptr - bu->hashable_data;
-}
-
 /* A valid BU is registered by hashing and adding to the |item|. */
 static svrc_t
 register_bu(signed_video_t *self, bu_list_item_t *item)
@@ -1316,7 +1293,6 @@ register_bu(signed_video_t *self, bu_list_item_t *item)
   if (bu->is_valid == 0) return SV_OK;
 
   extract_optional_info_from_sei(self, item);
-  sv_update_hashable_data(bu);
 
   svrc_t status = SV_UNKNOWN_FAILURE;
   SV_TRY()

lib/src/sv_common.c

@@ -385,8 +385,20 @@ remove_epb_from_sei_payload(bu_info_t *bu)
   bu->with_epb = (bu->reserved_byte & 0x80);  // Hash with emulation prevention bytes
   bu->is_golden_sei = (bu->reserved_byte & 0x40);  // The BU is a golden SEI.
 
-  if (bu->emulation_prevention_bytes <= 0) return;
+  // Check if the SEI is signed, i.e., a signature TLV tag exists. This is only possible
+  // if TLV data size (computed from the payload size) fit within the total data size.
+  const uint8_t *signature_ptr = NULL;
+  if (bu->hashable_data_size > bu->tlv_size) {
+    bool has_epb = bu->emulation_prevention_bytes > 0;
+    signature_ptr = sv_tlv_find_tag(bu->tlv_data, bu->tlv_size, SIGNATURE_TAG, has_epb);
+  }
+  bu->is_signed = (signature_ptr != NULL);
+  // If the SEI is signed the hashable part of the SEI ends at the signature tag.
+  if (bu->is_signed) {
+    bu->hashable_data_size = signature_ptr - bu->hashable_data;
+  }
 
+  if (bu->emulation_prevention_bytes <= 0) return;
   // We need to read byte by byte to a new memory and remove any emulation prevention bytes.
   uint16_t last_two_bytes = LAST_TWO_BYTES_INIT_VALUE;
   // Complete data size including stop bit (byte). Note that |payload_size| excludes the final byte
@@ -407,10 +419,17 @@ remove_epb_from_sei_payload(bu_info_t *bu)
     // Point |tlv_data| to the first byte of the TLV part in |nalu_data_wo_epb|.
     bu->tlv_data = &bu->nalu_data_wo_epb[data_size - bu->payload_size + UUID_LEN];
     if (!bu->with_epb) {
+      // Find the signature tag again, but now after emulation prevention has been
+      // removed, to get the correct size of the hashable part.
+      signature_ptr = sv_tlv_find_tag(bu->tlv_data, bu->tlv_size, SIGNATURE_TAG, false);
       // If the SEI was hashed before applying emulation prevention, update |hashable_data|.
       bu->hashable_data = bu->nalu_data_wo_epb;
-      bu->hashable_data_size = data_size;
       bu->tlv_start_in_bu_data = bu->tlv_data;
+      if (bu->is_signed) {
+        bu->hashable_data_size = signature_ptr - bu->hashable_data;
+      } else {
+        bu->hashable_data_size = data_size;
+      }
     }
   }
 }
@@ -560,14 +579,6 @@ parse_bu_info(const uint8_t *bu_data,
     }
 
     remove_epb_from_sei_payload(&bu);
-    if (bu.emulation_prevention_bytes >= 0 && (bu.hashable_data_size > bu.tlv_size)) {
-      // Check if a signature TLV tag exists. If number of computed emulation prevention
-      // bytes is negative, either the SEI is currupt or incomplete. Or if there is enough
-      // TLV data.
-      const uint8_t *signature_tag =
-          sv_tlv_find_tag(bu.tlv_data, bu.tlv_size, SIGNATURE_TAG, false);
-      bu.is_signed = (signature_tag != NULL);
-    }
     // Update |is_hashable| w.r.t. signed or not.
     bu.is_hashable |= bu.is_sv_sei && !bu.is_signed;
   }

lib/src/sv_internal.h

@@ -397,9 +397,6 @@ parse_bu_info(const uint8_t *bu_data,
 void
 copy_bu_except_pointers(bu_info_t *dst_bu, const bu_info_t *src_bu);
 
-void
-sv_update_hashable_data(bu_info_t *bu);
-
 void
 sv_bytes_to_version_str(const int *arr, char *str);
 

lib/src/sv_sign.c

@@ -445,7 +445,6 @@ complete_sei(signed_video_t *self)
     uint8_t test_hash[MAX_HASH_SIZE];
     bu_info_t test_bu_info =
         parse_bu_info(sei, sei_data->completed_sei_size, self->codec, false, true);
-    sv_update_hashable_data(&test_bu_info);
     SV_THROW(sv_simply_hash(self, &test_bu_info, test_hash, self->sign_data->hash_size));
     free(test_bu_info.nalu_data_wo_epb);
     // Borrow hash and signature from |sign_data|.

tests/check/check_signed_video_sign.c

@@ -849,7 +849,6 @@ START_TEST(w_wo_emulation_prevention_bytes)
     ck_assert(seis[ii]);
     sei_sizes[ii] = sei_size;
     bu[ii] = parse_bu_info(seis[ii], sei_sizes[ii], codec, false, true);
-    sv_update_hashable_data(&bu[ii]);
     signed_video_free(sv);
     sv = NULL;
   }