def POST(self, title): user_id = cherrypy.session.get(SESSION_USERID) if not storage.user_has_title(user_id, title): raise cherrypy.HTTPError(400, "Current user didn't buy this title") try: content_length = cherrypy.request.headers['Content-Length'] raw_body = cherrypy.request.body.read(int(content_length)) body = json.loads(raw_body) if 'key' not in body: raise Exception() key_val = body['key'] except Exception: raise cherrypy.HTTPError(400, "Current key wasn't provided") user_key = storage.get_user_detail(user_id).userkey next_key = AES.new(user_key, AES.MODE_ECB).encrypt(binascii.unhexlify(key_val)) device_key = cherrypy.session.get(SESSION_DEVICE) storage.policies_valid_update_values(title, user_id, device_key) return next_key
def GET(self, title, seed_only = False): cherrypy.response.headers['Content-Type'] = 'application/json' if seed_only == '1' or seed_only == 'True' or seed_only == 'true': seed_only = True user_id = cherrypy.session.get(SESSION_USERID) if not storage.user_has_title(user_id, title): raise cherrypy.HTTPError(400, "Current user didn't buy this title") file_key = storage.get_file_key(user_id, title) user_key = storage.get_user_detail(user_id).userkey device_key = cherrypy.session.get(SESSION_DEVICE) player_key = '\xb8\x8b\xa6Q)c\xd6\x14/\x9dpxc]\xff\x81L\xd2o&\xc2\xd1\x94l\xbf\xa6\x1d\x8fA\xdee\x9c' # Beyond this point user have bought the title, lets check the policies (valid, message) = check_policies_and_refresh(user_id, title, device_key, cherrypy.request.headers['User-Agent'], cherrypy.request.headers['Remote-Addr']) if not valid: raise cherrypy.HTTPError(400, message) if file_key == None: # first time that a file was requested, must generate seed seed = Random.new().read(BLOCK_SIZE) seed_dev_key = AES.new(device_key, AES.MODE_ECB).encrypt(seed) seed_dev_user_key = AES.new(user_key, AES.MODE_ECB).encrypt(seed_dev_key) # Player key is hardcoded for now, but we want to share it using the certificate file_key = AES.new(player_key, AES.MODE_ECB).encrypt(seed_dev_user_key) file_key = storage.update_file_key(file_key, title, user_id) else: seed_dev_user_key = AES.new(player_key, AES.MODE_ECB).decrypt(file_key) seed_dev_key = AES.new(user_key, AES.MODE_ECB).decrypt(seed_dev_user_key) seed = AES.new(device_key, AES.MODE_ECB).decrypt(seed_dev_key) iv = storage.get_file_iv(user_id, title) #print "Player key", binascii.hexlify(player_key) #print "User key: ", binascii.hexlify(user_key) #print "Device key: ", binascii.hexlify(device_key) #print "File Key: ", binascii.hexlify(file_key) #print "Seed: ", binascii.hexlify(seed) def content(): if seed_only: yield seed + iv return title_file = storage.get_title_details(title) filename = title_file.path f = encfs.mount_encrypted_file(title_file, encfs_mpassword) #f = open("media/" + filename, 'r') aes = AES.new(file_key, AES.MODE_CBC, iv) yield seed + iv channel_fragmentation = BLOCK_SIZE * 1500 data = f.read(channel_fragmentation) while data: if len(data) < channel_fragmentation: data = cipherLib.pkcs7_encode(data, BLOCK_SIZE) dataEncrypted = aes.encrypt(data) yield dataEncrypted dataEncrypted = aes.encrypt(data) yield dataEncrypted data = f.read(channel_fragmentation) #encfs.unmount_encrypted_file(filename) return content()