diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index b136b4b..0cd3b29 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -24,4 +24,17 @@ jobs:
name: linux
path: |
calibre-plugin.zip
-
\ No newline at end of file
+
+ test-linux:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Install dependencies
+ run: |
+ pip3 install freezegun lxml pycryptodome rsa oscrypto
+
+ - name: Run tests
+ run: |
+ cd tests && ./main.py
+
diff --git a/calibre-plugin/libadobeAccount.py b/calibre-plugin/libadobeAccount.py
index 2c136c9..cd202f5 100644
--- a/calibre-plugin/libadobeAccount.py
+++ b/calibre-plugin/libadobeAccount.py
@@ -216,9 +216,18 @@ def createUser(useVersionIndex: int = 0, authCert = None):
return True, "Done"
def encryptLoginCredentials(username: str, password: str, authenticationCertificate: str):
- f = open(get_devkey_path(), "rb")
- devkey_bytes = f.read()
- f.close()
+
+ try:
+ from calibre_plugins.deacsm.libadobe import devkey_bytes as devkey_adobe
+ except:
+ from libadobe import devkey_bytes as devkey_adobe
+
+ if devkey_adobe is not None:
+ devkey_bytes = devkey_adobe
+ else:
+ f = open(get_devkey_path(), "rb")
+ devkey_bytes = f.read()
+ f.close()
_authenticationCertificate = base64.b64decode(authenticationCertificate)
diff --git a/calibre-plugin/libadobeFulfill.py b/calibre-plugin/libadobeFulfill.py
index d22efe3..a1fbd7c 100644
--- a/calibre-plugin/libadobeFulfill.py
+++ b/calibre-plugin/libadobeFulfill.py
@@ -145,9 +145,18 @@ def buildAuthRequest():
user_pkcs12 = base64.b64decode(activationxml.find("./%s/%s" % (adNS("credentials"), adNS("pkcs12"))).text)
- f = open(get_devkey_path(), "rb")
- devkey_bytes = f.read()
- f.close()
+ try:
+ from calibre_plugins.deacsm.libadobe import devkey_bytes as devkey_adobe
+ except:
+ from libadobe import devkey_bytes as devkey_adobe
+
+ if devkey_adobe is not None:
+ devkey_bytes = devkey_adobe
+ else:
+ f = open(get_devkey_path(), "rb")
+ devkey_bytes = f.read()
+ f.close()
+
my_cert = get_cert_from_pkcs12(user_pkcs12, base64.b64encode(devkey_bytes))
diff --git a/tests/main.py b/tests/main.py
new file mode 100755
index 0000000..de26650
--- /dev/null
+++ b/tests/main.py
@@ -0,0 +1,228 @@
+#!/usr/bin/python3 -W ignore::DeprecationWarning
+
+import sys
+sys.path.append("../calibre-plugin")
+
+
+import unittest
+import base64
+from freezegun import freeze_time
+from unittest.mock import patch
+from lxml import etree
+
+
+try:
+ from Cryptodome.PublicKey import RSA
+ from Cryptodome.Cipher import PKCS1_v1_5
+except ImportError:
+ from Crypto.PublicKey import RSA
+ from Crypto.Cipher import PKCS1_v1_5
+
+import libadobe # type: ignore
+import libadobeAccount # type: ignore
+from getEncryptionKeyLinux import unfuck as fix_wine_username # type: ignore
+from libpdf import trim_encrypt_string, cleanup_encrypt_element, deflate_and_base64_encode # type: ignore
+
+
+class TestAdobe(unittest.TestCase):
+
+ def setUp(self):
+ pass
+
+ def tearDown(self):
+ pass
+
+ def forcefail(self):
+ self.assertEqual(1, 2, "force fail")
+
+
+ def test_checkIfVersionListsAreValid(self):
+ '''These lists must have the same amount of elements, otherwise stuff will break.'''
+
+ self.assertEqual(len(libadobe.VAR_VER_SUPP_CONFIG_NAMES), len(libadobe.VAR_VER_SUPP_VERSIONS), "Version lists seem to be invalid")
+ self.assertEqual(len(libadobe.VAR_VER_SUPP_CONFIG_NAMES), len(libadobe.VAR_VER_HOBBES_VERSIONS), "Version lists seem to be invalid")
+ self.assertEqual(len(libadobe.VAR_VER_SUPP_CONFIG_NAMES), len(libadobe.VAR_VER_OS_IDENTIFIERS), "Version lists seem to be invalid")
+ self.assertEqual(len(libadobe.VAR_VER_SUPP_CONFIG_NAMES), len(libadobe.VAR_VER_BUILD_IDS), "Version lists seem to be invalid")
+
+ def test_checkSystemIdentifiers(self):
+ '''Check if we can figure out necessary system IDs.'''
+ self.assertEqual((len(libadobe.get_mac_address())), 6, "MAC address invalid")
+ self.assertEqual((len(libadobe.makeSerial(False))), 40, "SHA1 hash for device serial invalid (device-based)")
+ self.assertEqual((len(libadobe.makeSerial(True))), 40, "SHA1 hash for device serial invalid (random)")
+
+
+ @patch("libadobe.Random")
+ def test_deviceKeyEncryption(self, random):
+ '''Check if encryption with the device key works properly.'''
+
+ # Overwrite the get_random_bytes function that's used to get a random IV
+ # Forcing hard-coded IV ...
+ random.get_random_bytes._mock_side_effect = lambda rndlen: bytes([0xc2, 0x3b, 0x0f, 0xde, 0xf2, 0x4a, 0xc3, 0x03,
+ 0xae, 0xc8, 0x70, 0xd4, 0x46, 0x6c, 0x8b, 0xb0])
+
+
+ libadobe.devkey_bytes = bytes([0xf8, 0x7a, 0xfc, 0x8c, 0x75, 0x25, 0xdc, 0x4b, 0x83, 0xec, 0x0c, 0xe2, 0xab, 0x4b, 0xef, 0x51])
+ mock_data = b"Test message"
+ mock_result = libadobe.encrypt_with_device_key(mock_data)
+ expected_result = bytes([0xc2, 0x3b, 0x0f, 0xde, 0xf2, 0x4a, 0xc3, 0x03, 0xae, 0xc8, 0x70, 0xd4,
+ 0x46, 0x6c, 0x8b, 0xb0, 0x23, 0x5a, 0xd3, 0x1b, 0x4e, 0x2b, 0x12, 0x79,
+ 0x85, 0x63, 0x2d, 0x01, 0xa4, 0xe8, 0x29, 0x22])
+
+ self.assertEqual(mock_result, expected_result, "devkey encryption returned invalid result")
+
+ def test_deviceKeyDecryption(self):
+ '''Check if decryption with the device key works properly.'''
+
+ libadobe.devkey_bytes = bytes([0xf8, 0x7a, 0xfc, 0x8c, 0x75, 0x25, 0xdc, 0x4b, 0x83, 0xec, 0x0c, 0xe2, 0xab, 0x4b, 0xef, 0x51])
+
+ mock_data = bytes([0xc2, 0x3b, 0x0f, 0xde, 0xf2, 0x4a, 0xc3, 0x03, 0xae, 0xc8, 0x70, 0xd4,
+ 0x46, 0x6c, 0x8b, 0xb0, 0x23, 0x5a, 0xd3, 0x1b, 0x4e, 0x2b, 0x12, 0x79,
+ 0x85, 0x63, 0x2d, 0x01, 0xa4, 0xe8, 0x29, 0x22])
+
+ mock_result = libadobe.decrypt_with_device_key(mock_data)
+ expected_result = b"Test message"
+
+ self.assertEqual(mock_result, expected_result, "devkey decryption returned invalid result")
+
+ @freeze_time("2021-12-18 22:07:15.988961")
+ def test_verifyNonceCalculation(self):
+ '''Check if the nonce calculation is correct, at a given date/time.'''
+
+ nonce_return = libadobe.addNonce()
+ expected_return = "8B2aPgg6AAAAAAAA2021-12-18T22:17:15Z"
+ self.assertEqual(nonce_return, expected_return, "Invalid nonce calculation in 2021")
+
+
+ @freeze_time("2031-07-19 22:15:22.074860")
+ def test_verifyNonceCalculationFuture(self):
+ '''Check if the nonce calculation is still correct in the future.'''
+
+ nonce_return = libadobe.addNonce()
+ expected_return = "JFUTp046AAAAAAAA2031-07-19T22:25:22Z"
+ self.assertEqual(nonce_return, expected_return, "Invalid nonce calculation in 2031")
+
+
+
+ def test_hash_node(self):
+ '''Check if the XML hash (needed for the signature) is correct.'''
+
+ # This XML is an anonymized (all IDs replaced with random UUIDs) ACSM file.
+
+ mock_xml_str = """
+
+ urn:uuid:6f633050-ac85-48e7-9204-831bd44db21b
+ https://example.com/fulfillment
+ 351f9325-da50-492a-ab56-f1adc995ce1c-00000001
+ 2021-12-18T21:26:05+00:00
+
+ urn:uuid:6f300313-d746-44b6-8c88-5b2afa8e0909
+ 1
+
+ Book title
+ Book author
+ Book publisher
+ Book identifier
+ application/epub+zip
+ en-us
+
+
+ urn:uuid:fca00d01-4eaf-4c70-b00c-1caa9a71f5be
+
+
+
+
+
+
+
+
+ fHv+2R4N61aP6d0S8/g+RRHEGPE=
+
+ """
+
+ mock_xml_obj = etree.fromstring(mock_xml_str)
+ sha_hash = libadobe.hash_node(mock_xml_obj).hexdigest().lower()
+
+ self.assertEqual(sha_hash, "3452e3d11cdd70eb90323f291c06afafe10e098a", "Invalid SHA hash after node signing")
+
+
+ def test_Account_loginCredentialEncryption(self):
+ '''Check if we can properly encrypt login credentials.'''
+
+ # This cert is not the actual Adobe auth cert.
+ # I added a fake one in here so we can also test if the encrypted data is valid
+ # by just decrypting it again.
+ # Also, I don't think I'd be allowed to redistribute the Adobe cert anyways.
+ mock_auth_certificate = "MIICLjCCAZegAwIBAgIUPo11NtzZuIdqNySSJhG9ntZEpy0wDQYJKoZIhvcNAQEFBQAwKTELMAkGA1UEBhMCVVMxGjAYBgNVBAMMEURlQUNTTSB1bml0IHRlc3RzMB4XDTIxMTIxODIwNDYwMVoXDTIxMTIyODIwNDYwMVowKTELMAkGA1UEBhMCVVMxGjAYBgNVBAMMEURlQUNTTSB1bml0IHRlc3RzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/NkUXHTEYAyQzm6BHekzyAM8EfjBvWCLAvOVBs/eTqKwrOfqkuT+TuIYfvBx/GuWx9szMi/sTL1R0vCLxhO6FxnZH+OW4OC8mi5oyfWQxiZe41Mo7o6FYnyMA+fuwz9TyeL2BmObH9HewVhTwmVesdTNOAwaH+neC/IJ5/yGDMwIDAQABo1MwUTAdBgNVHQ4EFgQUYlO/CiLaNR2Mlmg64KALHq3jq18wHwYDVR0jBBgwFoAUYlO/CiLaNR2Mlmg64KALHq3jq18wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQAzF75pKA2lzNxM+kPWErvJmOmP1aAWGZfbAG7naiC32pPHwNfKjUTQ1vpqoYxydvsmHzVhF1Z/czBdLMR8/PtSv+cGrhhLrc7c5uzp2YDZU4TiGaGz7jiD5C0rp3IpyEP3IN0SNeYwEZtKMph+pv3k5zcgsIPOsHIS0gwV3U70HA=="
+ mock_auth_cert_private_key = "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlDWEFJQkFBS0JnUUMvTmtVWEhURVlBeVF6bTZCSGVrenlBTThFZmpCdldDTEF2T1ZCcy9lVHFLd3JPZnFrCnVUK1R1SVlmdkJ4L0d1V3g5c3pNaS9zVEwxUjB2Q0x4aE82RnhuWkgrT1c0T0M4bWk1b3lmV1F4aVplNDFNbzcKbzZGWW55TUErZnV3ejlUeWVMMkJtT2JIOUhld1ZoVHdtVmVzZFROT0F3YUgrbmVDL0lKNS95R0RNd0lEQVFBQgpBb0dBSUxCaWQyVWlNM3kxLzZ5blpoRGVmckRzczFQdmE5bWhkMW5UeDd2QW81bStkVlZnS0RFVFVXbkdaRDZBCmtLcEVnbnd5M3ZVL1l6UkFPQVRCNUpCWlJuSEpzeHBmUk9sVHBZRHJBaXFoZ0dlZGNkSHozb1NhSk8zZVVZNzcKUEt6NDZ0VTNUTVZvMFdndmV0d3FKWXNEencxcHREa2Nqb2xxVGNYSWxhdTBGYUVDUVFEbERTTnNzWTM2VmlzSwpma0hNblJEd1FJdHFPNGlrZEtFRGNqTzU0Q3RXYVpjK2lGZ1FsMjFzUk1ueW91SVBzT3RBTG96V0wwMzJ2NTRHCk5XQUI1emkvQWtFQTFiVndJV1lzeVh6aHp5Wko4bWhmTGYvY2kydmQyY2RTK3lBTEwrbUpJQmJSejMvNFdHSFgKdUxXMWwxWGVLYWVmRnFob1JpTzdxUWpNWCthb3ZqYytqUUpCQU1TQ2F4djdrTlZ2UytucXZFVHhrL0NyVDNESwp0c1p4RVJyRnhiNzRwZld6RFlFbXRIYzNremRLSlFBMzRqNllDSnk5MHpLR3p4cWM5dFJZd28rZmNqMENRRWptCmY3Mms4Um82YzMwS2ZxY21XM0dCbW1ZbEFhVE1qYzRFZkV4M3ljTWNoYTNXNVl5Z3M4bmFrbnR4V3p1eVpsNkEKVERIQTlyOE90VWp4a2haeEdmRUNRRndVZlhEVncwNjlOaUdJRUpWRWVTRkp6TCszb1JSWCsrZ0krb3AwNlRBaApCcTFjemVZMWFOMllTWGIveDZ4TEI5amFYSXg1UElIM1Uyc3VhZHdETnNVPQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo="
+
+ user = "username"
+ passwd = "unit-test-password"
+
+ libadobe.devkey_bytes = bytes([0xf8, 0x7a, 0xfc, 0x8c, 0x75, 0x25, 0xdc, 0x4b, 0x83, 0xec, 0x0c, 0xe2, 0xab, 0x4b, 0xef, 0x51])
+ encrypted = libadobeAccount.encryptLoginCredentials(user, passwd, mock_auth_certificate)
+
+ # Okay, now try to decrypt this again:
+
+ pkey = RSA.import_key(base64.b64decode(mock_auth_cert_private_key))
+ cipher_engine = PKCS1_v1_5.new(pkey)
+ msg = cipher_engine.decrypt(encrypted, bytes([0x00] * 16))
+
+ expected_msg = bytearray(libadobe.devkey_bytes)
+ expected_msg.extend(bytearray(len(user).to_bytes(1, 'big')))
+ expected_msg.extend(bytearray(user.encode("latin-1")))
+ expected_msg.extend(bytearray(len(passwd).to_bytes(1, 'big')))
+ expected_msg.extend(bytearray(passwd.encode("latin-1")))
+
+ self.assertEqual(msg.hex(), expected_msg.hex(), "devkey encryption returned invalid result")
+
+
+
+
+
+
+class TestOther(unittest.TestCase):
+
+ def setUp(self):
+ pass
+
+ def tearDown(self):
+ pass
+
+ def forcefail(self):
+ self.assertEqual(1, 2, "force fail")
+
+ def test_wineUsernameEscaping(self):
+ '''Wine uses a weird encoding for the username inside the registry. Make sure that the decoder is working correctly.'''
+
+ self.assertEqual(fix_wine_username(r'"1234"'), b'1234', "Wine username mismatch")
+ self.assertEqual(fix_wine_username(r'"a\x00e931"'), b'a\xe931', "Wine username mismatch")
+
+ def test_pdf_trimEncrypt(self):
+ '''Makes sure the encryption string trimming code for PDFs is working fine.'''
+
+ input = "<<2222>]/Size 3>>AppendedData"
+ output = "<<2222>]/Size 3>>"
+
+ self.assertEqual(trim_encrypt_string(input), output, "PDF string trimming broken")
+
+ def test_pdf_cleanupEncrypt(self):
+ '''Makes sure the encryption string cleanup / spacing code for PDFs is working fine.'''
+
+ self.assertEqual(cleanup_encrypt_element("ID[<1111><2222>]"), "ID[<1111> <2222>]")
+ self.assertEqual(cleanup_encrypt_element("ID[ <1111> <2222>] "), "ID[<1111> <2222>]")
+
+ def test_pdf_deflateCompression(self):
+ '''Makes sure the deflate code for PDF rights.xml works properly.'''
+
+ self.assertEqual(deflate_and_base64_encode(b""), b"AwA=", "deflate code error in empty string")
+ self.assertEqual(deflate_and_base64_encode(b"Hello world"), b"80jNyclXKM8vykkBAA==", "deflate code error")
+ self.assertEqual(deflate_and_base64_encode(b"Example AAAAAAAAA"), b"c61IzC3ISVVwhAEA", "deflate code error")
+
+
+
+
+
+
+if __name__ == "__main__":
+ unittest.main(verbosity=1)
+