Petri Hintukainen pushed to branch master at VideoLAN / libaacs
Commits:
c42a4f49 by npzacs at 2021-05-05T18:17:54+03:00
Return error code from crypto_aacs_verify_host_cert()
- - - - -
3f006c7a by npzacs at 2021-05-17T17:04:28+03:00
Return error code from crypto_aacs_verify_drive_cert()
- - - - -
3 changed files:
- src/libaacs/aacs.c
- src/libaacs/crypto.c
- src/libaacs/mmc.c
Changes:
=====================================
src/libaacs/aacs.c
=====================================
@@ -691,8 +691,11 @@ static int _mmc_read_auth(AACS *aacs, cert_list *hcl, int
type, uint8_t *p1, uin
for (; hcl ; hcl = hcl->next) {
char tmp_str[2*92+1];
+ int crypto_error;
- if (!crypto_aacs_verify_host_cert(hcl->host_cert)) {
+ crypto_error = crypto_aacs_verify_host_cert(hcl->host_cert);
+ if (crypto_error) {
+ LOG_CRYPTO_ERROR(DBG_AACS, "host certificate signature
verification failed", crypto_error);
BD_DEBUG(DBG_AACS, "Not using invalid host certificate %s.\n",
str_print_hex(tmp_str, hcl->host_cert, 92));
continue;
=====================================
src/libaacs/crypto.c
=====================================
@@ -715,13 +715,12 @@ int crypto_aacs_verify_aacscc(const uint8_t *signature,
const uint8_t *data, ui
static int _aacs_verify_cert(const uint8_t *cert)
{
+ /* check length byte */
if (MKINT_BE16(cert+2) != 0x5c) {
- BD_DEBUG(DBG_AACS, "Certificate length is invalid (0x%04x), expected
0x005c\n",
- MKINT_BE16(cert+2));
- return 0;
+ return GPG_ERR_UNSUPPORTED_CERT;
}
- return !crypto_aacs_verify_aacsla(cert + 52, cert, 52);
+ return crypto_aacs_verify_aacsla(cert + 52, cert, 52);
}
int crypto_aacs_verify_host_cert(const uint8_t *cert)
@@ -731,19 +730,13 @@ int crypto_aacs_verify_host_cert(const uint8_t *cert)
break;
case 0x12:
// XXX checking the signature would cause buffer overread (certificate
is truncated in config file)
- BD_DEBUG(DBG_AACS | DBG_CRIT, "AACS 2.0 host certificate not
supported\n");
- return 0;
+ /* BD_DEBUG(DBG_AACS | DBG_CRIT, "AACS 2.0 host certificate not
supported\n"); */
+ return GPG_ERR_UNSUPPORTED_CERT;
default:
- BD_DEBUG(DBG_AACS, "Host certificate type is invalid (0x%02x)\n",
cert[0]);
- return 0;
+ return GPG_ERR_UNSUPPORTED_CERT;
}
- if (!_aacs_verify_cert(cert)) {
- BD_DEBUG(DBG_AACS, "Host certificate signature is invalid\n");
- return 0;
- }
-
- return 1;
+ return _aacs_verify_cert(cert);
}
int crypto_aacs_verify_drive_cert(const uint8_t *cert)
@@ -752,20 +745,14 @@ int crypto_aacs_verify_drive_cert(const uint8_t *cert)
case 0x01:
break;
case 0x11:
- BD_DEBUG(DBG_AACS | DBG_CRIT, "WARNING: Drive is using AACS 2.0
certificate\n");
+ /* BD_DEBUG(DBG_AACS | DBG_CRIT, "WARNING: Drive is using AACS 2.0
certificate\n"); */
// XXX checking the signature would cause buffer overread (certificate
is truncated at MMC layer)
- return 0;
+ return GPG_ERR_UNSUPPORTED_CERT;
default:
- BD_DEBUG(DBG_AACS, "Drive certificate type is invalid (0x%02x)\n",
cert[0]);
- return 0;
- }
-
- if (!_aacs_verify_cert(cert)) {
- BD_DEBUG(DBG_AACS, "Drive certificate signature is invalid\n");
- return 0;
+ return GPG_ERR_UNSUPPORTED_CERT;
}
- return 1;
+ return _aacs_verify_cert(cert);
}
void crypto_aacs_title_hash(const uint8_t *ukf, uint64_t len, uint8_t *hash)
=====================================
src/libaacs/mmc.c
=====================================
@@ -487,9 +487,15 @@ static int _mmc_aacs_auth(MMC *mmc, uint8_t agid, const
uint8_t *host_priv_key,
BD_DEBUG(DBG_MMC, "Drive nonce : %s\n", str_print_hex(str, dn,
20));
}
+ if (mmc->drive_cert[0] == 0x11) {
+ BD_DEBUG(DBG_AACS | DBG_CRIT, "WARNING: Drive is using AACS 2.0
certificate\n");
+ return MMC_ERROR;
+ }
+
// verify drive certificate
- if (!crypto_aacs_verify_drive_cert(mmc->drive_cert)) {
- BD_DEBUG(DBG_MMC | DBG_CRIT, "Drive certificate is invalid\n");
+ crypto_error = crypto_aacs_verify_drive_cert(mmc->drive_cert);
+ if (crypto_error) {
+ LOG_CRYPTO_ERROR(DBG_MMC, "drive certificate signature verification
failed", crypto_error);
return MMC_ERROR;
}
@@ -702,6 +708,7 @@ int mmc_read_auth(MMC *mmc, const uint8_t *host_priv_key,
const uint8_t *host_ce
int mmc_read_drive_cert(MMC *mmc, uint8_t *drive_cert)
{
uint8_t buf[116];
+ int crypto_error;
if (mmc->drive_cert[0] == 0x01) {
memcpy(drive_cert, mmc->drive_cert, 92);
@@ -719,8 +726,9 @@ int mmc_read_drive_cert(MMC *mmc, uint8_t *drive_cert)
return MMC_ERROR;
}
- if (!crypto_aacs_verify_drive_cert(buf + 4)) {
- BD_DEBUG(DBG_MMC | DBG_CRIT, "Drive certificate is invalid\n");
+ crypto_error = crypto_aacs_verify_drive_cert(buf + 4);
+ if (crypto_error) {
+ LOG_CRYPTO_ERROR(DBG_MMC, "drive certificate signature verification
failed", crypto_error);
return MMC_ERROR;
}
View it on GitLab:
https://code.videolan.org/videolan/libaacs/-/compare/1812614a53fc6971cdf55e8da68232b329fef877...3f006c7add1e0cad2d10a8539fd035998f89d326
--
View it on GitLab:
https://code.videolan.org/videolan/libaacs/-/compare/1812614a53fc6971cdf55e8da68232b329fef877...3f006c7add1e0cad2d10a8539fd035998f89d326
You're receiving this email because of your account on code.videolan.org.
_______________________________________________
libaacs-devel mailing list
libaacs-devel@videolan.org
https://mailman.videolan.org/listinfo/libaacs-devel
