Add DRM removal for ePub only

This commit is contained in:
Grégory Soutadé 2021-11-26 15:01:26 +01:00
parent 55ab41613e
commit a751327dab
8 changed files with 262 additions and 56 deletions

View File

@ -32,6 +32,7 @@ namespace gourou
*
* Data handled is first copied in a newly allocated buffer
* and then shared between all copies until last object is destroyed
* (internal reference counter == 0)
*/
class ByteArray
{
@ -39,8 +40,18 @@ namespace gourou
/**
* @brief Create an empty byte array
*
* @param useMalloc If true, use malloc() instead of new[] for allocation
*/
ByteArray();
ByteArray(bool useMalloc=false);
/**
* @brief Create an empty byte array of length bytes
*
* @param length Length of data
* @param useMalloc If true, use malloc() instead of new[] for allocation
*/
ByteArray(unsigned int length, bool useMalloc=false);
/**
* @brief Initialize ByteArray with a copy of data
@ -119,14 +130,36 @@ namespace gourou
void append(const std::string& str);
/**
* @brief Get internal data. Must bot be modified nor freed
* @brief Get internal data. Must bot be freed
*/
const unsigned char* data() {return _data;}
unsigned char* data() {return _data;}
/**
* @brief Get internal data and increment internal reference counter.
* Must bot be freed
*/
unsigned char* takeShadowData() {addRef() ; return _data;}
/**
* @brief Release shadow data. It can now be freed by ByteArray
*/
void releaseShadowData() {delRef();}
/**
* @brief Get internal data length
*/
unsigned int length() {return _length;}
unsigned int length() const {return _length;}
/**
* @brief Get internal data length
*/
unsigned int size() const {return length();}
/**
* @brief Create a new internal buffer of length bytes
* All previous data is lost
*/
void resize(unsigned int length);
ByteArray& operator=(const ByteArray& other);
@ -135,9 +168,10 @@ namespace gourou
void addRef();
void delRef();
const unsigned char* _data;
bool _useMalloc;
unsigned char* _data;
unsigned int _length;
static std::map<const unsigned char*, int> refCounter;
static std::map<unsigned char*, int> refCounter;
};
}
#endif

View File

@ -128,6 +128,22 @@ namespace gourou
const unsigned char* data, unsigned dataLength,
unsigned char* res) = 0;
/**
* @brief Decrypt data with RSA private key. Data is padded using PKCS1.5
*
* @param RSAKey RSA key in binary form
* @param RSAKeyLength RSA key length
* @param keyType Key type
* @param password Optional password for RSA PKCS12 certificate
* @param data Data to encrypt
* @param dataLength Data length
* @param res Encryption result (pre allocated buffer)
*/
virtual void RSAPrivateDecrypt(const unsigned char* RSAKey, unsigned int RSAKeyLength,
const RSA_KEY_TYPE keyType, const std::string& password,
const unsigned char* data, unsigned dataLength,
unsigned char* res) = 0;
/**
* @brief Encrypt data with RSA public key. Data is padded using PKCS1.5
*
@ -331,19 +347,19 @@ namespace gourou
*
* @param handler ZIP file handler
* @param path Internal path inside zip file
*
* @return File content
* @param result Result buffer
* @param decompress If false, don't decompress read data
*/
virtual std::string zipReadFile(void* handler, const std::string& path) = 0;
virtual void zipReadFile(void* handler, const std::string& path, ByteArray& result, bool decompress=true) = 0;
/**
* @brief Write zip internal file
*
* @param handler ZIP file handler
* @param path Internal path inside zip file
* @param content Internal file content
* @param content File content
*/
virtual void zipWriteFile(void* handler, const std::string& path, const std::string& content) = 0;
virtual void zipWriteFile(void* handler, const std::string& path, ByteArray& content) = 0;
/**
* @brief Delete zip internal file
@ -367,7 +383,7 @@ namespace gourou
* @param result Zipped data
* @param wbits Window bits value for libz
*/
virtual void inflate(std::string data, gourou::ByteArray& result,
virtual void inflate(gourou::ByteArray& data, gourou::ByteArray& result,
int wbits=-15) = 0;
/**
@ -378,7 +394,7 @@ namespace gourou
* @param wbits Window bits value for libz
* @param compressionLevel Compression level for libz
*/
virtual void deflate(std::string data, gourou::ByteArray& result,
virtual void deflate(gourou::ByteArray& data, gourou::ByteArray& result,
int wbits=-15, int compressionLevel=8) = 0;
};

View File

@ -40,7 +40,7 @@
#define ACS_SERVER "http://adeactivate.adobe.com/adept"
#endif
#define LIBGOUROU_VERSION "0.4.4"
#define LIBGOUROU_VERSION "0.5"
namespace gourou
{
@ -181,6 +181,8 @@ namespace gourou
*/
DRMProcessorClient* getClient() { return client; }
void removeDRM(const std::string& ePubFile, ITEM_TYPE type);
private:
gourou::DRMProcessorClient* client;
gourou::Device* device;
@ -204,6 +206,7 @@ namespace gourou
void buildSignInRequest(pugi::xml_document& signInRequest, const std::string& adobeID, const std::string& adobePassword, const std::string& authenticationCertificate);
void fetchLicenseServiceCertificate(const std::string& licenseURL,
const std::string& operatorURL);
void removeEPubDRM(const std::string& ePubFile);
};
}

View File

@ -112,6 +112,11 @@ namespace gourou
CLIENT_NETWORK_ERROR,
};
enum DRM_REMOVAL_ERROR {
CLIENT_DRM_ERR_ENCRYPTION_KEY = 0x6000,
CLIENT_DRM_FORMAT_NOT_SUPPORTED,
};
/**
* Generic exception class
*/

View File

@ -24,33 +24,48 @@
namespace gourou
{
std::map<const unsigned char*, int> ByteArray::refCounter;
std::map<unsigned char*, int> ByteArray::refCounter;
ByteArray::ByteArray():_data(0), _length(0)
ByteArray::ByteArray(bool useMalloc):_useMalloc(useMalloc), _data(0), _length(0)
{}
ByteArray::ByteArray(const unsigned char* data, unsigned int length)
ByteArray::ByteArray(unsigned int length, bool useMalloc):
_useMalloc(useMalloc)
{
initData(0, length);
}
ByteArray::ByteArray(const unsigned char* data, unsigned int length):
_useMalloc(false)
{
initData(data, length);
}
ByteArray::ByteArray(const char* data, int length)
ByteArray::ByteArray(const char* data, int length):
_useMalloc(false)
{
if (length == -1)
length = strlen(data);
initData((const unsigned char*)data, (unsigned int) length);
initData((unsigned char*)data, (unsigned int) length);
}
ByteArray::ByteArray(const std::string& str)
ByteArray::ByteArray(const std::string& str):
_useMalloc(false)
{
initData((unsigned char*)str.c_str(), (unsigned int)str.length());
}
void ByteArray::initData(const unsigned char* data, unsigned int length)
{
_data = new unsigned char[length];
memcpy((void*)_data, data, length);
if (_useMalloc)
_data = (unsigned char*)malloc(length);
else
_data = new unsigned char[length];
if (data)
memcpy((void*)_data, data, length);
_length = length;
addRef();
@ -58,6 +73,7 @@ namespace gourou
ByteArray::ByteArray(const ByteArray& other)
{
this->_useMalloc = other._useMalloc;
this->_data = other._data;
this->_length = other._length;
@ -68,6 +84,7 @@ namespace gourou
{
delRef();
this->_useMalloc = other._useMalloc;
this->_data = other._data;
this->_length = other._length;
@ -97,7 +114,10 @@ namespace gourou
if (refCounter[_data] == 1)
{
delete[] _data;
if (_useMalloc)
free(_data);
else
delete[] _data;
refCounter.erase(_data);
}
else
@ -152,8 +172,13 @@ namespace gourou
void ByteArray::append(const unsigned char* data, unsigned int length)
{
const unsigned char* oldData = _data;
unsigned char* newData = new unsigned char[_length+length];
unsigned char* oldData = _data;
unsigned char* newData;
if (_useMalloc)
newData = (unsigned char*)malloc(_length+length);
else
newData = new unsigned char[_length+length];
memcpy(newData, oldData, _length);
@ -170,4 +195,10 @@ namespace gourou
void ByteArray::append(unsigned char c) { append(&c, 1);}
void ByteArray::append(const char* str) { append((const unsigned char*)str, strlen(str));}
void ByteArray::append(const std::string& str) { append((const unsigned char*)str.c_str(), str.length()); }
void ByteArray::resize(unsigned length)
{
delRef();
initData(0, length);
}
}

View File

@ -597,7 +597,7 @@ namespace gourou
GOUROU_LOG(INFO, "Download into " << path);
std::string rightsStr = item->getRights();
ByteArray rightsStr(item->getRights());
if (item->getMetadata("format").find("application/pdf") != std::string::npos)
res = PDF;
@ -925,4 +925,80 @@ namespace gourou
int DRMProcessor::getLogLevel() {return (int)gourou::logLevel;}
void DRMProcessor::setLogLevel(int logLevel) {gourou::logLevel = (GOUROU_LOG_LEVEL)logLevel;}
void DRMProcessor::removeEPubDRM(const std::string& ePubFile)
{
ByteArray zipData;
void* zipHandler = client->zipOpen(ePubFile);
client->zipReadFile(zipHandler, "META-INF/rights.xml", zipData);
pugi::xml_document rightsDoc;
rightsDoc.load_string((const char*)zipData.data());
std::string encryptedKey = extractTextElem(rightsDoc, "/adept:rights/licenseToken/encryptedKey");
ByteArray arrayEncryptedKey = ByteArray::fromBase64(encryptedKey);
unsigned char decryptedKey[RSA_KEY_SIZE];
std::string privateKeyData = user->getPrivateLicenseKey();
ByteArray privateRSAKey = ByteArray::fromBase64(privateKeyData);
ByteArray deviceKey(device->getDeviceKey(), Device::DEVICE_KEY_SIZE);
std::string pkcs12 = user->getPKCS12();
client->RSAPrivateDecrypt(privateRSAKey.data(), privateRSAKey.length(),
RSAInterface::RSA_KEY_PKCS12, deviceKey.toBase64().data(),
arrayEncryptedKey.data(), arrayEncryptedKey.length(), decryptedKey);
if (decryptedKey[0] != 0x00 || decryptedKey[1] != 0x02 ||
decryptedKey[RSA_KEY_SIZE-16-1] != 0x00)
EXCEPTION(CLIENT_DRM_ERR_ENCRYPTION_KEY, "Unable to retrieve encryption key");
client->zipReadFile(zipHandler, "META-INF/encryption.xml", zipData);
pugi::xml_document encryptionDoc;
encryptionDoc.load_string((const char*)zipData.data());
pugi::xpath_node_set nodeSet = encryptionDoc.select_nodes("//CipherReference");
for (pugi::xpath_node_set::const_iterator it = nodeSet.begin();
it != nodeSet.end(); ++it)
{
std::string encryptedFile = it->node().attribute("URI").value();
GOUROU_LOG(DEBUG, "Encrypted file " << encryptedFile);
client->zipReadFile(zipHandler, encryptedFile, zipData, false);
unsigned char* _data = zipData.data();
ByteArray clearData(zipData.length()-16+1); /* Reserve 1 byte for 'Z' */
unsigned char* _clearData = clearData.data();
gourou::ByteArray inflateData(true);
unsigned int dataOutLength;
client->AESDecrypt(CryptoInterface::CHAIN_CBC,
decryptedKey+RSA_KEY_SIZE-16, 16, /* Key */
_data, 16, /* IV */
&_data[16], zipData.length()-16,
_clearData, &dataOutLength);
// Add 'Z' at the end, done in ineptepub.py
_clearData[dataOutLength] = 'Z';
client->inflate(clearData, inflateData);
client->zipWriteFile(zipHandler, encryptedFile, inflateData);
}
client->zipDeleteFile(zipHandler, "META-INF/rights.xml");
client->zipDeleteFile(zipHandler, "META-INF/encryption.xml");
client->zipClose(zipHandler);
}
void DRMProcessor::removeDRM(const std::string& ePubFile, ITEM_TYPE type)
{
if (type == EPUB)
removeEPubDRM(ePubFile);
else
EXCEPTION(CLIENT_DRM_FORMAT_NOT_SUPPORTED, "Can't remove DRM in PDF");
}
}

View File

@ -37,8 +37,8 @@
#include <QNetworkAccessManager>
#include <QFile>
#include <zip.h>
#include <zlib.h>
#include <zip.h>
#include <libgourou_common.h>
#include <libgourou_log.h>
@ -163,8 +163,39 @@ void DRMProcessorClientImpl::RSAPrivateEncrypt(const unsigned char* RSAKey, unsi
if (gourou::logLevel >= gourou::DEBUG)
{
printf("Sig : ");
for(int i=0; i<(int)sizeof(res); i++)
printf("Encrypted : ");
for(int i=0; i<ret; i++)
printf("%02x ", res[i]);
printf("\n");
}
}
void DRMProcessorClientImpl::RSAPrivateDecrypt(const unsigned char* RSAKey, unsigned int RSAKeyLength,
const RSA_KEY_TYPE keyType, const std::string& password,
const unsigned char* data, unsigned dataLength,
unsigned char* res)
{
BIO* mem=BIO_new_mem_buf(RSAKey, RSAKeyLength);
PKCS8_PRIV_KEY_INFO* p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(mem, NULL);
if (!p8inf)
EXCEPTION(gourou::CLIENT_INVALID_PKCS12, ERR_error_string(ERR_get_error(), NULL));
EVP_PKEY* pkey = EVP_PKCS82PKEY(p8inf);
RSA * rsa;
int ret;
rsa = EVP_PKEY_get1_RSA(pkey);
ret = RSA_private_decrypt(dataLength, data, res, rsa, RSA_NO_PADDING);
if (ret < 0)
EXCEPTION(gourou::CLIENT_RSA_ERROR, ERR_error_string(ERR_get_error(), NULL));
if (gourou::logLevel >= gourou::DEBUG)
{
printf("Decrypted : ");
for(int i=0; i<ret; i++)
printf("%02x ", res[i]);
printf("\n");
}
@ -371,35 +402,39 @@ void* DRMProcessorClientImpl::zipOpen(const std::string& path)
return handler;
}
std::string DRMProcessorClientImpl::zipReadFile(void* handler, const std::string& path)
void DRMProcessorClientImpl::zipReadFile(void* handler, const std::string& path, gourou::ByteArray& result, bool decompress)
{
std::string res;
unsigned char* buffer;
zip_stat_t sb;
if (zip_stat((zip_t *)handler, path.c_str(), 0, &sb) < 0)
EXCEPTION(gourou::CLIENT_ZIP_ERROR, "Zip error " << zip_strerror((zip_t *)handler));
EXCEPTION(gourou::CLIENT_ZIP_ERROR, "Zip error, no file " << path << ", " << zip_strerror((zip_t *)handler));
if (!(sb.valid & (ZIP_STAT_INDEX|ZIP_STAT_SIZE)))
EXCEPTION(gourou::CLIENT_ZIP_ERROR, "Required fields missing");
buffer = new unsigned char[sb.size];
result.resize(sb.size);
zip_file_t *f = zip_fopen_index((zip_t *)handler, sb.index, ZIP_FL_COMPRESSED);
zip_fread(f, buffer, sb.size);
zip_file_t *f = zip_fopen_index((zip_t *)handler, sb.index, (decompress)?0:ZIP_FL_COMPRESSED);
zip_fread(f, result.data(), sb.size);
zip_fclose(f);
res = std::string((char*)buffer, sb.size);
delete[] buffer;
return res;
}
void DRMProcessorClientImpl::zipWriteFile(void* handler, const std::string& path, const std::string& content)
void DRMProcessorClientImpl::zipWriteFile(void* handler, const std::string& path, gourou::ByteArray& content)
{
zip_source_t* s = zip_source_buffer((zip_t*)handler, content.c_str(), content.length(), 0);
if (zip_file_add((zip_t*)handler, path.c_str(), s, ZIP_FL_OVERWRITE|ZIP_FL_ENC_UTF_8) < 0)
zip_int64_t ret;
zip_source_t* s = zip_source_buffer((zip_t*)handler, content.takeShadowData(), content.length(), 1);
zip_int64_t idx = zip_name_locate((zip_t*)handler, path.c_str(), 0);
// File doesn't exists
if (idx == -1)
ret = zip_file_add((zip_t*)handler, path.c_str(), s, 0);
else
ret = zip_file_replace((zip_t*)handler, idx, s, ZIP_FL_OVERWRITE);
if (ret < 0)
{
zip_source_free(s);
EXCEPTION(gourou::CLIENT_ZIP_ERROR, "Zip error " << zip_strerror((zip_t *)handler));
@ -422,7 +457,7 @@ void DRMProcessorClientImpl::zipClose(void* handler)
zip_close((zip_t*)handler);
}
void DRMProcessorClientImpl::inflate(std::string data, gourou::ByteArray& result,
void DRMProcessorClientImpl::inflate(gourou::ByteArray& data, gourou::ByteArray& result,
int wbits)
{
unsigned int dataSize = data.size()*2;
@ -435,7 +470,7 @@ void DRMProcessorClientImpl::inflate(std::string data, gourou::ByteArray& result
infstream.opaque = Z_NULL;
infstream.avail_in = (uInt)data.size();
infstream.next_in = (Bytef *)data.c_str(); // input char array
infstream.next_in = (Bytef *)data.data(); // input char array
infstream.avail_out = (uInt)dataSize; // size of output
infstream.next_out = (Bytef *)buffer; // output char array
@ -464,7 +499,7 @@ void DRMProcessorClientImpl::inflate(std::string data, gourou::ByteArray& result
EXCEPTION(gourou::CLIENT_ZIP_ERROR, zError(ret));
}
void DRMProcessorClientImpl::deflate(std::string data, gourou::ByteArray& result,
void DRMProcessorClientImpl::deflate(gourou::ByteArray& data, gourou::ByteArray& result,
int wbits, int compressionLevel)
{
unsigned int dataSize = data.size();
@ -476,8 +511,8 @@ void DRMProcessorClientImpl::deflate(std::string data, gourou::ByteArray& result
defstream.zfree = Z_NULL;
defstream.opaque = Z_NULL;
defstream.avail_in = (uInt)data.size();
defstream.next_in = (Bytef *)data.c_str(); // input char array
defstream.avail_in = (uInt)dataSize;
defstream.next_in = (Bytef *)data.data(); // input char array
defstream.avail_out = (uInt)dataSize; // size of output
defstream.next_out = (Bytef *)buffer; // output char array

View File

@ -35,7 +35,7 @@
class DRMProcessorClientImpl : public gourou::DRMProcessorClient
{
public:
public:
/* Digest interface */
virtual void* createDigest(const std::string& digestName);
virtual int digestUpdate(void* handler, unsigned char* data, unsigned int length);
@ -53,6 +53,11 @@ class DRMProcessorClientImpl : public gourou::DRMProcessorClient
const unsigned char* data, unsigned dataLength,
unsigned char* res);
virtual void RSAPrivateDecrypt(const unsigned char* RSAKey, unsigned int RSAKeyLength,
const RSA_KEY_TYPE keyType, const std::string& password,
const unsigned char* data, unsigned dataLength,
unsigned char* res);
virtual void RSAPublicEncrypt(const unsigned char* RSAKey, unsigned int RSAKeyLength,
const RSA_KEY_TYPE keyType,
const unsigned char* data, unsigned dataLength,
@ -100,17 +105,18 @@ class DRMProcessorClientImpl : public gourou::DRMProcessorClient
/* ZIP Interface */
virtual void* zipOpen(const std::string& path);
virtual std::string zipReadFile(void* handler, const std::string& path);
virtual void zipReadFile(void* handler, const std::string& path, gourou::ByteArray& result, bool decompress=true);
virtual void zipWriteFile(void* handler, const std::string& path, const std::string& content);
virtual void zipWriteFile(void* handler, const std::string& path, gourou::ByteArray& content);
virtual void zipDeleteFile(void* handler, const std::string& path);
virtual void zipClose(void* handler);
virtual void inflate(std::string data, gourou::ByteArray& result, int wbits=-15);
virtual void inflate(gourou::ByteArray& data, gourou::ByteArray& result,
int wbits=-15);
virtual void deflate(std::string data, gourou::ByteArray& result,
virtual void deflate(gourou::ByteArray& data, gourou::ByteArray& result,
int wbits=-15, int compressionLevel=8);
};