All Products
Search
Document Center

Obtain the security file

Last Updated: Sep 13, 2018

For security, VoD encrypts videos. Encrypted videos are decrypted by the player. As encryption and decryption processes are required, a security file must be obtained first for downloading the player. The following section describes how to obtain the security file.

Target audience

Developers requiring “security image” for client player download.

Enable secure downloading and generate a security file

  1. Make sure that the VoD service is activated. For information about how to enable the Alibaba Cloud VoD service, see start to use VoD.
  2. In the Alibaba Cloud console, select Media Services > VoD > Global Settings > Download, enable the Download function, and select Encrypted.
  3. Two values are required to obtain the key: how to obtain the unique application ID.
    • Android: The sha1 key must be provided. Except for using the command line, you can also use the following code to directly generate the key.
      1. //Method for obtaining SHA1
      2. public static String getCertificateSHA1Fingerprint(Context context) {
      3. //Obtain the package manager.
      4. PackageManager pm = context.getPackageManager();
      5. //Obtain the name of the package of SHA1 to be obtained. You can also use another package name.
      6. //However, note that the prerequisite of using another package name is that the Context parameter transmitted in this method is the context of the corresponding package.
      7. String packageName = context.getPackageName();
      8. //Return the signature information contained in the package.
      9. int flags = PackageManager.GET_SIGNATURES;
      10. PackageInfo packageInfo = null;
      11. try {
      12. //Obtain all content information categories of the package.
      13. packageInfo = pm.getPackageInfo(packageName, flags);
      14. } catch (PackageManager.NameNotFoundException e) {
      15. e.printStackTrace();
      16. }
      17. //Signature information
      18. Signature[] signatures = packageInfo.signatures;
      19. byte[] cert = signatures[0].toByteArray();
      20. //Convert the signature to a byte array stream.
      21. InputStream input = new ByteArrayInputStream(cert);
      22. //Certificate factory category, which implements the factory certificate algorithm function.
      23. CertificateFactory cf = null;
      24. try {
      25. cf = CertificateFactory.getInstance("X509");
      26. } catch (CertificateException e) {
      27. e.printStackTrace();
      28. }
      29. //X509 certificate, which is a common certificate format.
      30. X509Certificate c = null;
      31. try {
      32. c = (X509Certificate) cf.generateCertificate(input);
      33. } catch (CertificateException e) {
      34. e.printStackTrace();
      35. }
      36. String hexString = null;
      37. try {
      38. //Encryption algorithm category. The parameters can use encryption algorithms like MD4 and MD5.
      39. MessageDigest md = MessageDigest.getInstance("SHA1");
      40. //Obtain the public key.
      41. byte[] publicKey = md.digest(c.getEncoded());
      42. //Format conversion from byte to hexadecimal
      43. hexString = byte2HexFormatted(publicKey);
      44. } catch (NoSuchAlgorithmException e1) {
      45. e1.printStackTrace();
      46. } catch (CertificateEncodingException e) {
      47. e.printStackTrace();
      48. }
      49. return hexString;
      50. }
      51. //Convert the obtained code to a hexadecimal string.
      52. private static String byte2HexFormatted(byte[] arr) {
      53. StringBuilder str = new StringBuilder(arr.length * 2);
      54. for (int i = 0; i < arr.length; i++) {
      55. String h = Integer.toHexString(arr[i]);
      56. int l = h.length();
      57. if (l == 1)
      58. h = "0" + h;
      59. if (l > 2)
      60. h = h.substring(l - 2, l);
      61. str.append(h.toUpperCase());
      62. if (i < (arr.length - 1))
      63. str.append(':');
      64. }
      65. return str.toString();
      66. }
    • iOS: You can directly enter bundleID.
  4. Two values are required to obtain the key. You can enter a number with 16 to 32 bits for the offline decryption private key.
  5. After entering, click Generate Key and Download to obtain the expected security image.

Note: The prerequisite of providing the algorithm to obtain sha1 is to obtain the sha1 of the default keystore signature. If you finally release a package of another keystore, we recommend that you directly configure release keystore in the gradle file and obtain sha1 using the preceding method.

  1. //The following example shows how to configure keystore. You can replace `keystore` as needed, and the prerequisite for all configurations is that you have put `keystore` in the root directory of this project.
  2. signingConfigs {
  3. debug {
  4. storeFile file("$rootDir/debug.keystore")
  5. storePassword "android"
  6. keyAlias "androiddebugkey"
  7. keyPassword "android"
  8. }
  9. release {
  10. storeFile file("$rootDir/debug.keystore")
  11. storePassword "android"
  12. keyAlias "androiddebugkey"
  13. keyPassword "android"
  14. }
  15. }
  16. buildTypes {
  17. debug {
  18. multiDexEnabled true
  19. signingConfig signingConfigs.debug
  20. minifyEnabled false
  21. proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
  22. }
  23. release {
  24. minifyEnabled true
  25. multiDexEnabled true
  26. signingConfig signingConfigs.release
  27. proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
  28. }
  29. }