diff --git a/Makefile b/Makefile index 3637eac..d05d86d 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,3 @@ - AR ?= $(CROSS)ar CXX ?= $(CROSS)g++ @@ -67,7 +66,7 @@ libgourou.so: $(OBJECTS) $(UPDFPARSERLIB) $(CXX) obj/*.o $(LDFLAGS) -o $@ -shared build_utils: - make -C utils ROOT=$(PWD) CXX=$(CXX) AR=$(AR) DEBUG=$(DEBUG) STATIC_UTILS=$(STATIC_UTILS) OPENSSL3=$(OPENSSL3) + make -C utils ROOT=$(PWD) CXX=$(CXX) AR=$(AR) DEBUG=$(DEBUG) STATIC_UTILS=$(STATIC_UTILS) clean: rm -rf libgourou.a libgourou.so obj diff --git a/include/libgourou_common.h b/include/libgourou_common.h index 2f7b098..f8ab290 100644 --- a/include/libgourou_common.h +++ b/include/libgourou_common.h @@ -106,6 +106,7 @@ namespace gourou CLIENT_INVALID_PKCS12, CLIENT_INVALID_CERTIFICATE, CLIENT_NO_PRIV_KEY, + CLIENT_NO_PUB_KEY, CLIENT_RSA_ERROR, CLIENT_BAD_CHAINING, CLIENT_BAD_KEY_SIZE, diff --git a/utils/Makefile b/utils/Makefile index b9fd76f..4d7b9e4 100644 --- a/utils/Makefile +++ b/utils/Makefile @@ -3,16 +3,6 @@ TARGETS=acsmdownloader adept_activate adept_remove adept_loan_mgt CXXFLAGS=-Wall -fPIC -I$(ROOT)/include -I$(ROOT)/lib/pugixml/src/ -LDFLAGS= - -ifneq ($(OPENSSL3),) -# OpenSSL 1.1.0 compat -CXXFLAGS += -DOPENSSL_API_COMPAT=0x10100000L -CXXFLAGS += -I/tmp/openssl3/usr/include/ -I/tmp/openssl3/usr/include/x86_64-linux-gnu -LDFLAGS += -L/tmp/openssl3/usr/lib/x86_64-linux-gnu -L/tmp/openssl3/usr/lib/x86_64-linux-gnu/ossl-modules -endif - - STATIC_DEP= LDFLAGS += -L$(ROOT) -lcrypto -lzip -lz -lcurl diff --git a/utils/drmprocessorclientimpl.cpp b/utils/drmprocessorclientimpl.cpp index 555e5ee..c62e2d8 100644 --- a/utils/drmprocessorclientimpl.cpp +++ b/utils/drmprocessorclientimpl.cpp @@ -31,6 +31,8 @@ #include #include +#define OPENSSL_NO_DEPRECATED 1 + #include #include #include @@ -302,68 +304,110 @@ std::string DRMProcessorClientImpl::sendHTTPRequest(const std::string& URL, cons return std::string((char*)replyData.data(), replyData.length()); } +void DRMProcessorClientImpl::padWithPKCS1(unsigned char* out, unsigned int outLength, + const unsigned char* in, unsigned int inLength) +{ + if (outLength < (inLength + 3)) + EXCEPTION(gourou::CLIENT_RSA_ERROR, "Not enough space for PKCS1 padding"); + + /* + PKCS1v5 Padding is : + 0x00 0x01 0xff * n 0x00 dataIn + */ + + memset(out, 0xFF, outLength); + + out[0] = 0x0; + out[1] = 0x1; + out[outLength - inLength - 1] = 0x00; + memcpy(&out[outLength - inLength], in, inLength); +} + + void DRMProcessorClientImpl::RSAPrivateEncrypt(const unsigned char* RSAKey, unsigned int RSAKeyLength, const RSA_KEY_TYPE keyType, const std::string& password, const unsigned char* data, unsigned dataLength, unsigned char* res) { PKCS12 * pkcs12; - EVP_PKEY* pkey; - X509* cert; - STACK_OF(X509)* ca; - RSA * rsa; - + EVP_PKEY_CTX *ctx; + EVP_PKEY* pkey = NULL; + size_t outlen; + unsigned char* tmp; + int ret; + pkcs12 = d2i_PKCS12(NULL, &RSAKey, RSAKeyLength); if (!pkcs12) EXCEPTION(gourou::CLIENT_INVALID_PKCS12, ERR_error_string(ERR_get_error(), NULL)); - PKCS12_parse(pkcs12, password.c_str(), &pkey, &cert, &ca); - - if (!pkey) + if (PKCS12_parse(pkcs12, password.c_str(), &pkey, NULL, NULL) <= 0) EXCEPTION(gourou::CLIENT_INVALID_PKCS12, ERR_error_string(ERR_get_error(), NULL)); - rsa = EVP_PKEY_get1_RSA(pkey); + outlen = EVP_PKEY_get_size(pkey); - int ret = RSA_private_encrypt(dataLength, data, res, rsa, RSA_PKCS1_PADDING); + ctx = EVP_PKEY_CTX_new(pkey, NULL); - if (ret < 0) + /* Use RSA private key */ + if (EVP_PKEY_decrypt_init(ctx) <= 0) EXCEPTION(gourou::CLIENT_RSA_ERROR, ERR_error_string(ERR_get_error(), NULL)); - if (gourou::logLevel >= gourou::DEBUG) - { - printf("Encrypted : "); - for(int i=0; i= gourou::LG_LOG_DEBUG) { printf("Decrypted : "); - for(int i=0; i= 3 OSSL_PROVIDER *legacy, *deflt; #else