Secure streaming to the iPhone and iPod Touch (AES-128 - external method)

**sunsetsurf** · 08-18-2010, 07:27 AM

You mentioned that iPhone/iPod touch OS Version 3.0 is required for the external method. I wasn't sure if that limitation was written before OS Version 4 was released, so I am wondering if you know whether the external method continues to work on iPhones with OS 4?

If not, any suggested workarounds would be appreciated.

Thanks!

**charlie** · 08-18-2010, 12:55 PM

Both methods (internal and external) should still work on all iOS versions greater or equal to 3.0.

Charlie

**jdrepr** · 08-23-2010, 04:24 PM

This question is for Charlie. First, I understand that the examples provided in this tutorial are "provided as is with no expressed warranty". Now, I have set up secure streaming for iphone with the external php to distribute the key. The setup works with the provided php example, it plays when set to true and rejects when set to false. The problem I am having is that when I replace the if conditional statement in the example with my own if statement (statement has been tested and confirmed working on its own) the stream will reject correctly when user not logged in but when user is logged in the player attempts to play the video and seems to crash. The reason I believe it is crashing is because it will show the stream starting to play and sound even tries to play. I have been working on this for hours and hours, I have taken it apart and put it back together several times in several different ways with different statements that have been tested independently and I always get the same error. This error is different than when the key does not reach the browser or when the statement is null because these errors will actually bring up a prompt from the player that says "The stream cannot be player" or "You are not authorized to view this stream". I have spent countless hours reviewing the posts on this forum and any other information I could find online to no avail. I am reaching out to the experts and the community for any help as I am desperate.

Here is my php code for the key distribution:

PHP Code:


<?php



define( '_JEXEC', 1 );



define('JPATH_BASE', dirname(__FILE__) );



define( 'DS', DIRECTORY_SEPARATOR );



require_once JPATH_BASE.DS.'includes'.DS.'defines.php';



require_once JPATH_BASE.DS.'includes'.DS.'framework.php';



jimport( 'joomla.application.application' );



require_once ( JPATH_BASE .DS.'includes'.DS.'application.php' );



$mainframe =& JFactory::getApplication('site');



$mainframe->initialise();



$jUser = &JFactory::getUser();



function hex2bin($h)

{

if (!is_string($h))

return null;

$r = '';

for ($a=0;$a<strlen($h);$a+=2)

{

$r .= chr(hexdec($h{$a}.$h{($a+1)}));

}

return $r;

}





if ($jUser->get('gid') < 1 )

{

header('HTTP/1.0 403 Forbidden');

}

else

{

header('Content-Type: binary/octet-stream');

header('Pragma: no-cache');





echo hex2bin('865D26D502D3E31C67EABEDE6730A53D');



exit(); // this is needed to ensure cr/lf is not added to output

}



?>

All of the code above the function hex2bin is to load the infrastructure necessary to authenticate users, I have independently tested it and it does not appear to be interfering with the key process. It is only when I change the $isValid bool to my own conditional statement that the problem appears. If there is an option to receive specialized support from wowza media systems let me know what I need to do opt in on that, as it is very important that I resolve this issue as soon as possible.

**jdrepr** · 08-24-2010, 04:23 AM

Went at the problem again today and was able to resolve it. It appears that when I would change the original bool in the php example it would affect the output of the key in some way that I was never able to identify. So I left the original bool intact and added my if statement outside of the original script and that solved the issue. Here is my final code just in case it helps anybody with a similar problem.

PHP Code:


<?php



define( '_JEXEC', 1 );



define('JPATH_BASE', dirname(__FILE__) );



define( 'DS', DIRECTORY_SEPARATOR );



require_once JPATH_BASE.DS.'includes'.DS.'defines.php';



require_once JPATH_BASE.DS.'includes'.DS.'framework.php';



jimport( 'joomla.application.application' );



require_once ( JPATH_BASE .DS.'includes'.DS.'application.php' );



$mainframe =& JFactory::getApplication('site');



$mainframe->initialise();



$jUser = &JFactory::getUser();



if ($jUser->get('gid') < 1)

{

header('HTTP/1.0 403 Forbidden');

}



function hex2bin($h)

{

        if (!is_string($h))

                return null;

        $r = '';

        for ($a=0;$a<strlen($h);$a+=2)

        {

                $r .= chr(hexdec($h{$a}.$h{($a+1)}));

        }

        return $r;

}





$isValid = true;

if (! $isValid)

{

    header('HTTP/1.0 403 Forbidden');

}

else

{

    header('Content-Type: binary/octet-stream');

    header('Pragma: no-cache');





    echo hex2bin('865D26D502D3E31C67EABEDE6730A53D');



    exit(); // this is needed to ensure cr/lf is not added to output

}



?>

**derrick217** · 09-28-2010, 11:12 AM

In looking at the external method it looks like the main item is making sure you configure your key-url properly with ASP.NET, JSP or PHP. Correct?

With the internal method it appears to be a little more work since you have to compile your module in the Wowza IDE. Right?

I just want to make sure I understand both processes correctly.

Thanks,

Derrick

Thread: Secure streaming to the iPhone and iPod Touch (AES-128 - external method)

Thread Tools

Display

Issue Resolved

Posting Permissions