Update signing / encryption code

This commit is contained in:
Florian Bach 2021-12-19 11:24:48 +01:00
parent 218d7e6e52
commit 2fae9b83a2
6 changed files with 29 additions and 24 deletions

View File

@ -1,10 +1,7 @@
#!/bin/bash #!/bin/bash
[ ! -f calibre-plugin/cryptography.zip ] && ./package_modules.sh
[ ! -f calibre-plugin/rsa.zip ] && ./package_modules.sh
[ ! -f calibre-plugin/asn1crypto.zip ] && ./package_modules.sh [ ! -f calibre-plugin/asn1crypto.zip ] && ./package_modules.sh
[ ! -f calibre-plugin/oscrypto.zip ] && ./package_modules.sh [ ! -f calibre-plugin/oscrypto.zip ] && ./package_modules.sh
[ ! -f calibre-plugin/pyasn1.zip ] && ./package_modules.sh
pushd calibre-plugin pushd calibre-plugin
pushd keyextract pushd keyextract
@ -15,7 +12,7 @@ make
popd popd
# Set module ID. This needs to be changed if any of the module ZIPs change. # Set module ID. This needs to be changed if any of the module ZIPs change.
echo -n "2021-12-15-01" > module_id.txt echo -n "2021-12-19-03" > module_id.txt
# Copy LICENSE so it'll be included in the ZIP. # Copy LICENSE so it'll be included in the ZIP.
cp ../LICENSE LICENSE cp ../LICENSE LICENSE

View File

@ -138,7 +138,10 @@ class DeACSM(FileTypePlugin):
os.mkdir(rand_path) os.mkdir(rand_path)
names = ["cryptography.zip", "rsa.zip", "oscrypto.zip", "asn1crypto.zip", "pyasn1.zip"] names = ["oscrypto.zip", "asn1crypto.zip"]
# oscrypto is needed to parse the pkcs12 data from Adobe.
# asn1crypto is a dependency of oscrypto.
lib_dict = self.load_resources(names) lib_dict = self.load_resources(names)
@ -174,11 +177,8 @@ class DeACSM(FileTypePlugin):
# Rename temporary path to actual module path so this will be used next time. # Rename temporary path to actual module path so this will be used next time.
os.rename(rand_path, self.moddir) os.rename(rand_path, self.moddir)
sys.path.insert(0, os.path.join(self.moddir, "cryptography"))
sys.path.insert(0, os.path.join(self.moddir, "rsa"))
sys.path.insert(0, os.path.join(self.moddir, "oscrypto")) sys.path.insert(0, os.path.join(self.moddir, "oscrypto"))
sys.path.insert(0, os.path.join(self.moddir, "asn1crypto")) sys.path.insert(0, os.path.join(self.moddir, "asn1crypto"))
sys.path.insert(0, os.path.join(self.moddir, "pyasn1"))
# Okay, now all the modules are available, import the Adobe modules. # Okay, now all the modules are available, import the Adobe modules.

View File

@ -11,7 +11,6 @@ import urllib.request, ssl
from datetime import datetime, timedelta from datetime import datetime, timedelta
from lxml import etree from lxml import etree
import rsa
try: try:
from Crypto import Random from Crypto import Random
@ -26,9 +25,13 @@ except ImportError:
from Cryptodome.PublicKey import RSA from Cryptodome.PublicKey import RSA
from Cryptodome.Hash import SHA from Cryptodome.Hash import SHA
from oscrypto import keys try:
from oscrypto.asymmetric import dump_certificate, dump_private_key, dump_public_key from customRSA import CustomRSA
except:
from calibre_plugins.deacsm.customRSA import CustomRSA
from oscrypto import keys
from oscrypto.asymmetric import dump_certificate, dump_private_key
VAR_ACS_SERVER_HTTP = "http://adeactivate.adobe.com/adept" VAR_ACS_SERVER_HTTP = "http://adeactivate.adobe.com/adept"
@ -393,9 +396,9 @@ def addNonce():
def get_cert_from_pkcs12(_pkcs12, _key): def get_cert_from_pkcs12(_pkcs12, _key):
_, cert, _ = keys.parse_pkcs12(_pkcs12, _key) _, cert, _ = keys.parse_pkcs12(_pkcs12, _key)
cert = dump_certificate(cert, encoding="der") return dump_certificate(cert, encoding="der")
return cert
def sign_node(node): def sign_node(node):
@ -421,17 +424,20 @@ def sign_node(node):
return None return None
my_pkcs12 = base64.b64decode(pkcs12) my_pkcs12 = base64.b64decode(pkcs12)
my_priv_key, _, _ = keys.parse_pkcs12(my_pkcs12, base64.b64encode(devkey_bytes)) my_priv_key, _, _ = keys.parse_pkcs12(my_pkcs12, base64.b64encode(devkey_bytes))
my_priv_key = dump_private_key(my_priv_key, None, "der") my_priv_key = dump_private_key(my_priv_key, None, "der")
key = rsa.PrivateKey.load_pkcs1(RSA.importKey(my_priv_key).exportKey())
keylen = rsa.pkcs1.common.byte_size(key.n) key = RSA.importKey(my_priv_key)
padded = rsa.pkcs1._pad_for_signing(sha_hash, keylen) keylen = CustomRSA.byte_size(key.n)
payload = rsa.pkcs1.transform.bytes2int(padded) padded = CustomRSA.pad_message(sha_hash, keylen)
encrypted = key.blinded_encrypt(payload) payload = CustomRSA.transform_bytes2int(padded)
block = rsa.pkcs1.transform.int2bytes(encrypted, keylen) encrypted = CustomRSA.normal_encrypt(key, payload)
block = CustomRSA.transform_int2bytes(encrypted, keylen)
signature = base64.b64encode(block).decode() signature = base64.b64encode(block).decode()
# Debug
# print("sig is %s\n" % block.hex()) # print("sig is %s\n" % block.hex())
return signature return signature

View File

@ -1,6 +1,6 @@
from lxml import etree from lxml import etree
import base64 import base64
import os, locale, platform import locale, platform
try: try:
from Crypto.PublicKey import RSA from Crypto.PublicKey import RSA

View File

@ -2,7 +2,12 @@ from lxml import etree
import base64 import base64
import os, locale, platform import os, locale, platform
try:
from Crypto.Cipher import AES as _AES from Crypto.Cipher import AES as _AES
except ImportError:
# Debian (and Ubuntu) ship pycryptodome, but not in its compatible mode with pycrypto
# If `Crypto` can't be found, try under pycryptodome's own namespace
from Cryptodome.Cipher import AES as _AES
class AES(object): class AES(object):
def __init__(self, key, iv): def __init__(self, key, iv):

View File

@ -3,10 +3,7 @@
pushd calibre-plugin pushd calibre-plugin
wget https://github.com/Leseratte10/acsm-calibre-plugin/releases/download/config/asn1crypto_1.4.0.zip -O asn1crypto.zip wget https://github.com/Leseratte10/acsm-calibre-plugin/releases/download/config/asn1crypto_1.4.0.zip -O asn1crypto.zip
wget https://github.com/Leseratte10/acsm-calibre-plugin/releases/download/config/cryptography_36.0.1.zip -O cryptography.zip
wget https://github.com/Leseratte10/acsm-calibre-plugin/releases/download/config/oscrypto_1.2.1.zip -O oscrypto.zip wget https://github.com/Leseratte10/acsm-calibre-plugin/releases/download/config/oscrypto_1.2.1.zip -O oscrypto.zip
wget https://github.com/Leseratte10/acsm-calibre-plugin/releases/download/config/pyasn1_0.4.8.zip -O pyasn1.zip
wget https://github.com/Leseratte10/acsm-calibre-plugin/releases/download/config/rsa_4.8.zip -O rsa.zip
popd popd