Update signing / encryption code

2021-12-19 11:24:48 +01:00 · 2021-12-19 11:24:48 +01:00 · 2fae9b83a2
parent 218d7e6e52
commit 2fae9b83a2
6 changed files with 29 additions and 24 deletions
--- a/bundle_calibre_plugin.sh
+++ b/bundle_calibre_plugin.sh
@ -1,10 +1,7 @@
 #!/bin/bash

-[ ! -f calibre-plugin/cryptography.zip ] && ./package_modules.sh
-[ ! -f calibre-plugin/rsa.zip ] && ./package_modules.sh
 [ ! -f calibre-plugin/asn1crypto.zip ] && ./package_modules.sh
 [ ! -f calibre-plugin/oscrypto.zip ] && ./package_modules.sh
-[ ! -f calibre-plugin/pyasn1.zip ] && ./package_modules.sh

 pushd calibre-plugin
 pushd keyextract
@ -15,7 +12,7 @@ make
 popd

 # Set module ID. This needs to be changed if any of the module ZIPs change.
-echo -n "2021-12-15-01" > module_id.txt
+echo -n "2021-12-19-03" > module_id.txt

 # Copy LICENSE so it'll be included in the ZIP.
 cp ../LICENSE LICENSE
--- a/calibre-plugin/init.py
+++ b/calibre-plugin/init.py
@ -138,7 +138,10 @@ class DeACSM(FileTypePlugin):

                os.mkdir(rand_path)

-                names = ["cryptography.zip", "rsa.zip", "oscrypto.zip", "asn1crypto.zip", "pyasn1.zip"]
+                names = ["oscrypto.zip", "asn1crypto.zip"]
+
+                # oscrypto is needed to parse the pkcs12 data from Adobe.
+                # asn1crypto is a dependency of oscrypto.
                    
                lib_dict = self.load_resources(names)

@ -174,11 +177,8 @@ class DeACSM(FileTypePlugin):
                # Rename temporary path to actual module path so this will be used next time.
                os.rename(rand_path, self.moddir)

-            sys.path.insert(0, os.path.join(self.moddir, "cryptography"))
-            sys.path.insert(0, os.path.join(self.moddir, "rsa"))
            sys.path.insert(0, os.path.join(self.moddir, "oscrypto"))
            sys.path.insert(0, os.path.join(self.moddir, "asn1crypto"))
-            sys.path.insert(0, os.path.join(self.moddir, "pyasn1"))
            
            # Okay, now all the modules are available, import the Adobe modules.

--- a/calibre-plugin/libadobe.py
+++ b/calibre-plugin/libadobe.py
@ -11,7 +11,6 @@ import urllib.request, ssl
 from datetime import datetime, timedelta

 from lxml import etree
-import rsa

 try:
    from Crypto import Random
@ -26,9 +25,13 @@ except ImportError:
    from Cryptodome.PublicKey import RSA
    from Cryptodome.Hash import SHA

-from oscrypto import keys
-from oscrypto.asymmetric import dump_certificate, dump_private_key, dump_public_key
+try: 
+    from customRSA import CustomRSA
+except: 
+    from calibre_plugins.deacsm.customRSA import CustomRSA

+from oscrypto import keys
+from oscrypto.asymmetric import dump_certificate, dump_private_key


 VAR_ACS_SERVER_HTTP = "http://adeactivate.adobe.com/adept"
@ -393,9 +396,9 @@ def addNonce():
 def get_cert_from_pkcs12(_pkcs12, _key):

    _, cert, _ = keys.parse_pkcs12(_pkcs12, _key)
-    cert = dump_certificate(cert, encoding="der")
+    return dump_certificate(cert, encoding="der")
+

-    return cert


 def sign_node(node):
@ -421,17 +424,20 @@ def sign_node(node):
        return None

    my_pkcs12 = base64.b64decode(pkcs12)
+
    my_priv_key, _, _ = keys.parse_pkcs12(my_pkcs12, base64.b64encode(devkey_bytes))
    my_priv_key = dump_private_key(my_priv_key, None, "der")

-    key = rsa.PrivateKey.load_pkcs1(RSA.importKey(my_priv_key).exportKey())
-    keylen = rsa.pkcs1.common.byte_size(key.n)
-    padded = rsa.pkcs1._pad_for_signing(sha_hash, keylen)
-    payload = rsa.pkcs1.transform.bytes2int(padded)
-    encrypted = key.blinded_encrypt(payload)
-    block = rsa.pkcs1.transform.int2bytes(encrypted, keylen)
+
+    key = RSA.importKey(my_priv_key)
+    keylen = CustomRSA.byte_size(key.n)
+    padded = CustomRSA.pad_message(sha_hash, keylen)
+    payload = CustomRSA.transform_bytes2int(padded)
+    encrypted = CustomRSA.normal_encrypt(key, payload)
+    block = CustomRSA.transform_int2bytes(encrypted, keylen)
    signature = base64.b64encode(block).decode()

+    # Debug
    # print("sig is %s\n" % block.hex())

    return signature
--- a/calibre-plugin/libadobeAccount.py
+++ b/calibre-plugin/libadobeAccount.py
@ -1,6 +1,6 @@
 from lxml import etree
 import base64
-import os, locale, platform
+import locale, platform

 try:
    from Crypto.PublicKey import RSA
--- a/calibre-plugin/libadobeImportAccount.py
+++ b/calibre-plugin/libadobeImportAccount.py
@ -2,7 +2,12 @@ from lxml import etree
 import base64
 import os, locale, platform

-from Crypto.Cipher import AES as _AES
+try: 
+    from Crypto.Cipher import AES as _AES
+except ImportError:
+    # Debian (and Ubuntu) ship pycryptodome, but not in its compatible mode with pycrypto
+    # If `Crypto` can't be found, try under pycryptodome's own namespace
+    from Cryptodome.Cipher import AES as _AES

 class AES(object):
    def __init__(self, key, iv):
--- a/package_modules.sh
+++ b/package_modules.sh
@ -3,10 +3,7 @@
 pushd calibre-plugin

 wget https://github.com/Leseratte10/acsm-calibre-plugin/releases/download/config/asn1crypto_1.4.0.zip -O asn1crypto.zip
-wget https://github.com/Leseratte10/acsm-calibre-plugin/releases/download/config/cryptography_36.0.1.zip -O cryptography.zip
 wget https://github.com/Leseratte10/acsm-calibre-plugin/releases/download/config/oscrypto_1.2.1.zip -O oscrypto.zip
-wget https://github.com/Leseratte10/acsm-calibre-plugin/releases/download/config/pyasn1_0.4.8.zip -O pyasn1.zip
-wget https://github.com/Leseratte10/acsm-calibre-plugin/releases/download/config/rsa_4.8.zip -O rsa.zip

 popd