def POST(self, title):
user_id = cherrypy.session.get(SESSION_USERID)
if not storage.user_has_title(user_id, title):
raise cherrypy.HTTPError(400, "Current user didn't buy this title")
try:
content_length = cherrypy.request.headers['Content-Length']
raw_body = cherrypy.request.body.read(int(content_length))
body = json.loads(raw_body)
if 'key' not in body:
raise Exception()
key_val = body['key']
except Exception:
raise cherrypy.HTTPError(400, "Current key wasn't provided")
user_key = storage.get_user_detail(user_id).userkey
next_key = AES.new(user_key, AES.MODE_ECB).encrypt(binascii.unhexlify(key_val))
device_key = cherrypy.session.get(SESSION_DEVICE)
storage.policies_valid_update_values(title, user_id, device_key)
return next_key
def GET(self, title, seed_only = False):
cherrypy.response.headers['Content-Type'] = 'application/json'
if seed_only == '1' or seed_only == 'True' or seed_only == 'true':
seed_only = True
user_id = cherrypy.session.get(SESSION_USERID)
if not storage.user_has_title(user_id, title):
raise cherrypy.HTTPError(400, "Current user didn't buy this title")
file_key = storage.get_file_key(user_id, title)
user_key = storage.get_user_detail(user_id).userkey
device_key = cherrypy.session.get(SESSION_DEVICE)
player_key = '\xb8\x8b\xa6Q)c\xd6\x14/\x9dpxc]\xff\x81L\xd2o&\xc2\xd1\x94l\xbf\xa6\x1d\x8fA\xdee\x9c'
# Beyond this point user have bought the title, lets check the policies
(valid, message) = check_policies_and_refresh(user_id, title, device_key,
cherrypy.request.headers['User-Agent'],
cherrypy.request.headers['Remote-Addr'])
if not valid:
raise cherrypy.HTTPError(400, message)
if file_key == None:
# first time that a file was requested, must generate seed
seed = Random.new().read(BLOCK_SIZE)
seed_dev_key = AES.new(device_key, AES.MODE_ECB).encrypt(seed)
seed_dev_user_key = AES.new(user_key, AES.MODE_ECB).encrypt(seed_dev_key)
# Player key is hardcoded for now, but we want to share it using the certificate
file_key = AES.new(player_key, AES.MODE_ECB).encrypt(seed_dev_user_key)
file_key = storage.update_file_key(file_key, title, user_id)
else:
seed_dev_user_key = AES.new(player_key, AES.MODE_ECB).decrypt(file_key)
seed_dev_key = AES.new(user_key, AES.MODE_ECB).decrypt(seed_dev_user_key)
seed = AES.new(device_key, AES.MODE_ECB).decrypt(seed_dev_key)
iv = storage.get_file_iv(user_id, title)
#print "Player key", binascii.hexlify(player_key)
#print "User key: ", binascii.hexlify(user_key)
#print "Device key: ", binascii.hexlify(device_key)
#print "File Key: ", binascii.hexlify(file_key)
#print "Seed: ", binascii.hexlify(seed)
def content():
if seed_only:
yield seed + iv
return
title_file = storage.get_title_details(title)
filename = title_file.path
f = encfs.mount_encrypted_file(title_file, encfs_mpassword)
#f = open("media/" + filename, 'r')
aes = AES.new(file_key, AES.MODE_CBC, iv)
yield seed + iv
channel_fragmentation = BLOCK_SIZE * 1500
data = f.read(channel_fragmentation)
while data:
if len(data) < channel_fragmentation:
data = cipherLib.pkcs7_encode(data, BLOCK_SIZE)
dataEncrypted = aes.encrypt(data)
yield dataEncrypted
dataEncrypted = aes.encrypt(data)
yield dataEncrypted
data = f.read(channel_fragmentation)
#encfs.unmount_encrypted_file(filename)
return content()