I searched through a lot of questions on SO but I can't find the answer, that's why I ask the following question:
An Android app should be able to play an encrypted video file (stored on the SD card and retrieved from a webserver).
The file has to be stored on the SD card so that the app can play the video file without having an active internet connection.
Because the video files may not be copied, the plan is to encrypt them server side when uploading the files to a webserver.
What is the best option?
1) I have seen suggestions for running a local webserver which decrypts the file (and how to do this?)
2) or should we decrypt the file, save it as a temporary file and set this temporary file as the source for the videoplayer?
3) something completely different?
You are trying to implement a DRM scheme, and a naive one at that. Look into DRM schemes and report back if you cannot implement the impossible. All you can hope for is obfuscation, and there are plenty of ways of doing that (none of them are secure of course).
What you need is DRM. Digital Rights Management (DRM) controls the access to your digital content such as video. Firstly, you need to encrypt the video with an encryption video like AES-128. Then with the use of DRM play in exoplayer. Exoplayer has DRM support. you can check here. https://exoplayer.dev/drm.html
You will expose the user to a waiting time if you choose to decrypt a entire big video beforehand. As of the security, you can guess it's a poor idea to have the contents in clear in a file, even temporary. The local webserver is a better choice because it's a streaming method, so without file storage. There is no class for an http server in the SDK, you have to implement your own one, otherwise look for an existing library similar to LocalSingleHttpServer.
Related
I am working on a cordova android application which will display images and videos.I have the images and videos in the assets folder.I want to protect my resources.I don't want anyone to copy the resources.I have googled for the same and didn't get any proper solution.How to protect files in assets?
Is there any way to encrypt and store videos in assets folder and decrypt it during run time?
My video files will be maximum of 10 MB each file and there are 50 videos in the whole application.
You can definitely do this with DRM - it won't stop someone copying the video files, but as they are encrypted they will not be able to play them back without the correct key.
The process is roughly:
your content is encrypted before it is streamed or downloaded
when the user wants to playback the content the app must request a key for the content from owner of the content or the 'rights authority' (a service which handles keys for content)
The DRM system on the device will securely encrypt the content and play it back using the key it obtained. The video will not be stored in clear format at any point.
Native Android DRM is explained here:
http://developer.android.com/reference/android/drm/package-summary.html
To use this with cordova I think you will have to create a Native plugin - I could not see any cordova DRM API. Alternatively, if you are able to stream the content using the new MPEG DASH format, then you could use a HTML5 video player which supports DRM, such as BitDASH (https://www.dash-player.com).
You need to be aware that all DRM and encryption systems are really just hurdles that make it harder to copy content - at the end of the day if you have a very high quality display and a very high quality camera to record the display, then no DRM protection will save you.
I want to play encrypted video files present on my device after decrypting them. I want to pre-process the data-stream and parallel play it using videoview like streaming video from Internet.
Is there any way I could buffer the processed data to videoview like a network stream ?
I think you are saying that you want to decrypt the video in one process and then pass the decrypted 'clear stream' video to another process to play it?
If the video is DRM protected, then your use case is very unlikely to be supported by any of the leading DRM solutions - they go to great lengths to ensure the clear stream video is not accessible by an application on the device (for obvious reasons).
If you are using or a simple encryption with the encryption key available to your application then you should be able to do this.
Update
Answering BMvit's question in the comment - one way is to follow these steps:
Stream the encrypted file from the server as usual, 'chunk by chunk'
On your Android device, read from the stream and decrypt each chunk as it is received
Using a localhost http server on your Android device, now 'serve' the decrypted chunks to the MediaPlayer (the media player should be set up to use a URL pointing at your localhost http server)
I am guessing this is the most likely the approach that the libMedia library uses, although I have never seen the source so I could not say for sure: http://libeasy.alwaysdata.net
It is worth being aware that this is tricky (which is probably why LibMedia is not free).
I have encrypted fiiles in the external Storage dir / the SD card. The files are crypted
images (jpg, bmp,...)
videos (3gp, mp4,...)
Pdfs
I want to load the bitmaps, videos or pdfs to load them in my ImageView, VideoView or open them via a pdf viewer. The problem is the files are secret. I dont want the files to be stored to open them. They could be read by others during the PDFviewer shows them for example.
Is there a way to directly open an image or pdf even though it is encrypted without copying an unencrypted copy?
If you want to keep your files as secret as possible for your app, I would use
javax.crypto.CipherInputStream
or a customized subclass of it. To do that you'll have to display your content embedded in your app, which is pretty straightforward for images and video. For PDFs you'll need to add a control which can display that kind of file to prevent others from getting access to the content.
Hope it helps.
You cite three scenarios: images into an ImageView, videos into a VideoView, and PDFs to a third-party app.
Images are easy. Make sure your decryption logic can give you an InputStream of the decrypted contents, then use appropriate methods on BitmapFactory.
I am not aware of a way to reliably serve videos to VideoView from an encrypted source. I know some people have experimented with embedding an HTTP server and streaming it.
You can publish a ContentProvider that supplies the decrypted content of a PDF to a third party app. This sample app just reads in the file, but you could use the same approach to decrypt it along the way.
All of this assumes that the user is the one responsible for requesting that this content be encrypted, and that you have collected a passphrase from the user. If, instead, your vision is that you are trying a DRM solution, anyone who wants to will be able to decrypt your content by reverse-engineering your app.
i am developing one android application. it download videos from server and store it in mobile.
i want to store those video in secure manner.(deny the user from copying. or deny them from viewing the video directly from sdcard)
i found two ways to solve the problem.
1)Store the video's inside the application.
2)Encrypt the entire video
but facing some problem in implementing solution
i)first solution found suitable. but i am fearing that. if we store too much video inside the application .it would become bulkier.and fore the user to uninstall.
ii)but in second solution. i did not find any correct way to do so.
so please help me to solve the problem.
This is kind of suggestion :
To store the videos you must have created some folder on SDCARD, so you can hide the folder by putting the "." in front of the name while creating it. on top of this you can encrypt the video file using AES algorithm so it can not be viewed, if copied outside the android it will not be view able. but from your application you can decry-pt the file and view it.
Definitively, you must encrypt the media and that's quite simple. What is more difficult is to play the media, because MediaPlayer only accepts clear contents. A basic way would be to convert an encrypted file to a decrypted one, just for the time of the playing session. A better approach is to build a stream from the file, decrypt that stream and feed it to the player. The hard point is to have a local http server to serve the stream.
I am trying to create an app that would download a file from a remote server and save it to the SD card. The file is quite confidential so I need an encryption for this. I would like it to be saved as encrypted. When I want to play the file, it should only be played on my media player which has the decrypt code. No other player can play that file. How is this possible? Thanks for any suggestions you may have.
If you don't want to be bothered with a delay by decrypting the entire file before to be able to start the playing, you should consider a streaming architecture. A typical design involves the javax.crypto.CipherInputStream class and a local http instance. For an example of that kind of design, look at something like LocalSingleHttpServer.