Update signing / encryption code

This commit is contained in:
Florian Bach 2021-12-19 11:24:48 +01:00
parent 218d7e6e52
commit 2fae9b83a2
6 changed files with 29 additions and 24 deletions

View File

@ -1,10 +1,7 @@
#!/bin/bash
[ ! -f calibre-plugin/cryptography.zip ] && ./package_modules.sh
[ ! -f calibre-plugin/rsa.zip ] && ./package_modules.sh
[ ! -f calibre-plugin/asn1crypto.zip ] && ./package_modules.sh
[ ! -f calibre-plugin/oscrypto.zip ] && ./package_modules.sh
[ ! -f calibre-plugin/pyasn1.zip ] && ./package_modules.sh
pushd calibre-plugin
pushd keyextract
@ -15,7 +12,7 @@ make
popd
# Set module ID. This needs to be changed if any of the module ZIPs change.
echo -n "2021-12-15-01" > module_id.txt
echo -n "2021-12-19-03" > module_id.txt
# Copy LICENSE so it'll be included in the ZIP.
cp ../LICENSE LICENSE

View File

@ -138,7 +138,10 @@ class DeACSM(FileTypePlugin):
os.mkdir(rand_path)
names = ["cryptography.zip", "rsa.zip", "oscrypto.zip", "asn1crypto.zip", "pyasn1.zip"]
names = ["oscrypto.zip", "asn1crypto.zip"]
# oscrypto is needed to parse the pkcs12 data from Adobe.
# asn1crypto is a dependency of oscrypto.
lib_dict = self.load_resources(names)
@ -174,11 +177,8 @@ class DeACSM(FileTypePlugin):
# Rename temporary path to actual module path so this will be used next time.
os.rename(rand_path, self.moddir)
sys.path.insert(0, os.path.join(self.moddir, "cryptography"))
sys.path.insert(0, os.path.join(self.moddir, "rsa"))
sys.path.insert(0, os.path.join(self.moddir, "oscrypto"))
sys.path.insert(0, os.path.join(self.moddir, "asn1crypto"))
sys.path.insert(0, os.path.join(self.moddir, "pyasn1"))
# Okay, now all the modules are available, import the Adobe modules.

View File

@ -11,7 +11,6 @@ import urllib.request, ssl
from datetime import datetime, timedelta
from lxml import etree
import rsa
try:
from Crypto import Random
@ -26,9 +25,13 @@ except ImportError:
from Cryptodome.PublicKey import RSA
from Cryptodome.Hash import SHA
from oscrypto import keys
from oscrypto.asymmetric import dump_certificate, dump_private_key, dump_public_key
try:
from customRSA import CustomRSA
except:
from calibre_plugins.deacsm.customRSA import CustomRSA
from oscrypto import keys
from oscrypto.asymmetric import dump_certificate, dump_private_key
VAR_ACS_SERVER_HTTP = "http://adeactivate.adobe.com/adept"
@ -393,9 +396,9 @@ def addNonce():
def get_cert_from_pkcs12(_pkcs12, _key):
_, cert, _ = keys.parse_pkcs12(_pkcs12, _key)
cert = dump_certificate(cert, encoding="der")
return dump_certificate(cert, encoding="der")
return cert
def sign_node(node):
@ -421,17 +424,20 @@ def sign_node(node):
return None
my_pkcs12 = base64.b64decode(pkcs12)
my_priv_key, _, _ = keys.parse_pkcs12(my_pkcs12, base64.b64encode(devkey_bytes))
my_priv_key = dump_private_key(my_priv_key, None, "der")
key = rsa.PrivateKey.load_pkcs1(RSA.importKey(my_priv_key).exportKey())
keylen = rsa.pkcs1.common.byte_size(key.n)
padded = rsa.pkcs1._pad_for_signing(sha_hash, keylen)
payload = rsa.pkcs1.transform.bytes2int(padded)
encrypted = key.blinded_encrypt(payload)
block = rsa.pkcs1.transform.int2bytes(encrypted, keylen)
key = RSA.importKey(my_priv_key)
keylen = CustomRSA.byte_size(key.n)
padded = CustomRSA.pad_message(sha_hash, keylen)
payload = CustomRSA.transform_bytes2int(padded)
encrypted = CustomRSA.normal_encrypt(key, payload)
block = CustomRSA.transform_int2bytes(encrypted, keylen)
signature = base64.b64encode(block).decode()
# Debug
# print("sig is %s\n" % block.hex())
return signature

View File

@ -1,6 +1,6 @@
from lxml import etree
import base64
import os, locale, platform
import locale, platform
try:
from Crypto.PublicKey import RSA

View File

@ -2,7 +2,12 @@ from lxml import etree
import base64
import os, locale, platform
try:
from Crypto.Cipher import AES as _AES
except ImportError:
# Debian (and Ubuntu) ship pycryptodome, but not in its compatible mode with pycrypto
# If `Crypto` can't be found, try under pycryptodome's own namespace
from Cryptodome.Cipher import AES as _AES
class AES(object):
def __init__(self, key, iv):

View File

@ -3,10 +3,7 @@
pushd calibre-plugin
wget https://github.com/Leseratte10/acsm-calibre-plugin/releases/download/config/asn1crypto_1.4.0.zip -O asn1crypto.zip
wget https://github.com/Leseratte10/acsm-calibre-plugin/releases/download/config/cryptography_36.0.1.zip -O cryptography.zip
wget https://github.com/Leseratte10/acsm-calibre-plugin/releases/download/config/oscrypto_1.2.1.zip -O oscrypto.zip
wget https://github.com/Leseratte10/acsm-calibre-plugin/releases/download/config/pyasn1_0.4.8.zip -O pyasn1.zip
wget https://github.com/Leseratte10/acsm-calibre-plugin/releases/download/config/rsa_4.8.zip -O rsa.zip
popd