soutade
/
libgourou
2
4
Fork 2
Code Issues Pull Requests Packages Releases 4 Activity

Check for target user before trying to decrypt a file

This commit is contained in:
Grégory Soutadé 2022-12-21 21:06:03 +01:00
parent 24bae89095
commit f65e8cd9eb
2 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
include/libgourou_common.h
View File

@ -129,7 +129,8 @@ namespace gourou
DRM_IN_OUT_EQUALS,
DRM_MISSING_PARAMETER,
DRM_INVALID_KEY_SIZE,
DRM_ERR_ENCRYPTION_KEY_FP
DRM_ERR_ENCRYPTION_KEY_FP,
DRM_INVALID_USER
};
#ifndef _NOEXCEPT

9
src/libgourou.cpp
View File

@ -1028,6 +1028,13 @@ namespace gourou
{
unsigned char rsaKey[RSA_KEY_SIZE];
std::string user = extractTextElem(rightsDoc, "/adept:rights/licenseToken/user");
if (this->user->getUUID() != user)
{
EXCEPTION(DRM_INVALID_USER, "This book has been downloaded for another user (" << user << ")");
}
if (!encryptionKey)
{
std::string encryptedKey = extractTextElem(rightsDoc, "/adept:rights/licenseToken/encryptedKey");
@ -1041,7 +1048,7 @@ namespace gourou
ByteArray arrayEncryptedKey = ByteArray::fromBase64(encryptedKey);
std::string privateKeyData = user->getPrivateLicenseKey();
std::string privateKeyData = this->user->getPrivateLicenseKey();
ByteArray privateRSAKey = ByteArray::fromBase64(privateKeyData);
dumpBuffer(gourou::LG_LOG_DEBUG, "To decrypt : ", arrayEncryptedKey.data(), arrayEncryptedKey.length());