Esempio n. 1
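    def POST(self, title):
        """Return the client-supplied key block encrypted under the user's key.

        Expects a JSON request body of the form ``{"key": "<hex string>"}``.
        The hex value is decoded and AES-ECB encrypted with the session
        user's ``userkey``; the raw ciphertext is returned as the response.

        Raises ``cherrypy.HTTPError(400)`` when the session user does not own
        ``title`` or when the body does not carry a usable ``key`` value.
        """
        user_id = cherrypy.session.get(SESSION_USERID)
        if not storage.user_has_title(user_id, title):
            raise cherrypy.HTTPError(400, "Current user didn't buy this title")

        # The body is client-controlled: parse and validate it completely
        # inside the try so malformed input becomes a 400 instead of an
        # unhandled error raised later by unhexlify() or the cipher.
        # Only parsing errors are caught; HTTP errors raised while reading the
        # body keep their own status code.
        try:
            content_length = int(cherrypy.request.headers['Content-Length'])
            body = json.loads(cherrypy.request.body.read(content_length))
            key_block = binascii.unhexlify(body['key'])
            # ECB encrypt() only accepts a whole number of cipher blocks.
            if not key_block or len(key_block) % AES.block_size:
                raise ValueError("key is not a whole number of AES blocks")
        except (KeyError, TypeError, ValueError, binascii.Error):
            raise cherrypy.HTTPError(400, "Current key wasn't provided")

        # NOTE(review): ECB is deterministic and this call encrypts a
        # caller-chosen block under the long-term user key, so the session and
        # ownership checks above are what limits who can query it.
        user_key = storage.get_user_detail(user_id).userkey
        next_key = AES.new(user_key, AES.MODE_ECB).encrypt(key_block)

        device_key = cherrypy.session.get(SESSION_DEVICE)
        storage.policies_valid_update_values(title, user_id, device_key)
        return next_key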
Esempio n. 2
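    def GET(self, title, seed_only = False):
        """Stream the encrypted title, or only its seed and IV, to the player.

        After checking that the session user owns ``title`` and that
        ``check_policies_and_refresh`` accepts the request, the per-file seed
        is either generated (first request, no stored file key) or recovered
        from the stored file key by undoing the player/user/device AES-ECB
        layers. The returned generator yields ``seed + iv`` first and then,
        unless ``seed_only`` is set, the title contents encrypted with
        AES-CBC under the file key.

        ``seed_only`` is true only for ``True``, ``'1'``, ``'True'`` and
        ``'true'``.

        Raises ``cherrypy.HTTPError(400)`` when the user does not own the
        title or the policy check fails.
        """
        cherrypy.response.headers['Content-Type'] = 'application/json'
        # Query-string values arrive as strings, and any non-empty string is
        # truthy: normalise explicitly so '0' or 'false' do not enable
        # seed-only mode.
        seed_only = seed_only in (True, '1', 'True', 'true')
        user_id = cherrypy.session.get(SESSION_USERID)
        if not storage.user_has_title(user_id, title):
            raise cherrypy.HTTPError(400, "Current user didn't buy this title")
        file_key = storage.get_file_key(user_id, title)
        user_key = storage.get_user_detail(user_id).userkey
        device_key = cherrypy.session.get(SESSION_DEVICE)
        # NOTE(review): hardcoded secret. Anyone with access to the source or
        # the repository history holds this key for every installation; it
        # should be provisioned out of band and rotated once it is.
        player_key = '\xb8\x8b\xa6Q)c\xd6\x14/\x9dpxc]\xff\x81L\xd2o&\xc2\xd1\x94l\xbf\xa6\x1d\x8fA\xdee\x9c'

        # Beyond this point the user has bought the title; check the policies.
        # NOTE(review): both values are read from request headers; confirm
        # that 'Remote-Addr' cannot be supplied by the client before the
        # policies rely on it. A missing 'User-Agent' raises KeyError here.
        (valid, message) = check_policies_and_refresh(user_id, title, device_key,
                                   cherrypy.request.headers['User-Agent'],
                                   cherrypy.request.headers['Remote-Addr'])
        if not valid:
            raise cherrypy.HTTPError(400, message)
        if file_key is None:
            # First time this file is requested: generate the seed and wrap it
            # with the device, user and player keys, in that order.
            seed = Random.new().read(BLOCK_SIZE)
            seed_dev_key = AES.new(device_key, AES.MODE_ECB).encrypt(seed)
            seed_dev_user_key = AES.new(user_key, AES.MODE_ECB).encrypt(seed_dev_key)
            # Player key is hardcoded for now, but we want to share it using the certificate
            file_key = AES.new(player_key, AES.MODE_ECB).encrypt(seed_dev_user_key)
            file_key = storage.update_file_key(file_key, title, user_id)
        else:
            # Unwrap the stored file key in the reverse order to get the seed.
            seed_dev_user_key = AES.new(player_key, AES.MODE_ECB).decrypt(file_key)
            seed_dev_key = AES.new(user_key, AES.MODE_ECB).decrypt(seed_dev_user_key)
            seed = AES.new(device_key, AES.MODE_ECB).decrypt(seed_dev_key)

        iv = storage.get_file_iv(user_id, title)
        # Key material (player, user, device and file keys, seed) must not be
        # printed or logged from here.

        def content():
            if seed_only:
                yield seed + iv
                return

            title_file = storage.get_title_details(title)
            # NOTE(review): the handle is never closed and the file is never
            # unmounted after streaming; confirm how encfs expects cleanup.
            f = encfs.mount_encrypted_file(title_file, encfs_mpassword)
            aes = AES.new(file_key, AES.MODE_CBC, iv)

            yield seed + iv

            channel_fragmentation = BLOCK_SIZE * 1500
            data = f.read(channel_fragmentation)
            while data:
                if len(data) < channel_fragmentation:
                    # A short read is treated as the final chunk and padded.
                    # It is encrypted and sent exactly once: encrypting it a
                    # second time would append a duplicate of the tail to the
                    # stream.
                    data = cipherLib.pkcs7_encode(data, BLOCK_SIZE)
                yield aes.encrypt(data)
                data = f.read(channel_fragmentation)
            # NOTE(review): when the file length is an exact multiple of
            # channel_fragmentation (or the file is empty) no padding is ever
            # emitted; confirm what the player expects in that case. The
            # stream is CBC without an integrity check.
        return content()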