libaacs | branch: master | npzacs <[email protected]> | Sun May 6 21:56:05 2012 +0300| [ec918064cdc8f3d0101ee741293b4a5d8fa26ec6] | committer: npzacs
Added mkb_host_cert_is_revoked() and mkb_drive_cert_is_revoked() > http://git.videolan.org/gitweb.cgi/libaacs.git/?a=commit;h=ec918064cdc8f3d0101ee741293b4a5d8fa26ec6 --- src/libaacs/mkb.c | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++--- src/libaacs/mkb.h | 3 ++ src/util/macro.h | 3 ++ 3 files changed, 73 insertions(+), 4 deletions(-) diff --git a/src/libaacs/mkb.c b/src/libaacs/mkb.c index 2bb7957..fa7d2c9 100644 --- a/src/libaacs/mkb.c +++ b/src/libaacs/mkb.c @@ -151,17 +151,25 @@ const uint8_t *mkb_type_and_version_record(MKB *mkb) const uint8_t *mkb_host_revokation_entries(MKB *mkb, size_t *len) { const uint8_t *rec = _record(mkb, 0x21, len); - *len -= 4; - return rec + 4; + if (rec) { + rec += 4; + *len -= 4; + } + + return rec; } const uint8_t *mkb_drive_revokation_entries(MKB *mkb, size_t *len) { const uint8_t *rec = _record(mkb, 0x20, len); - *len -= 4; - return rec + 4; + if (rec) { + rec += 4; + *len -= 4; + } + + return rec; } const uint8_t *mkb_subdiff_records(MKB *mkb, size_t *len) @@ -193,3 +201,58 @@ const uint8_t *mkb_signature(MKB *mkb, size_t *len) return rec + 4; } + +static int _cert_is_revoked(const uint8_t *rl, size_t rl_size, const uint8_t *cert_id_bin) +{ + if (rl) { + uint64_t cert_id = MKINT_BE48(cert_id_bin); + /*int total = MKINT_BE32(rl);*/ + int entries = MKINT_BE32(rl + 4); + int ii; + + size_t len = 4 + 4 + 8 * entries + 40; + if (len > rl_size) { + DEBUG(DBG_MKB, "revocation list size mismatch\n"); + return -1; + } + + rl += 8; + for (ii=0; ii < entries; ii++) { + uint16_t len = MKINT_BE16(rl); + uint64_t id = MKINT_BE48(rl + 2); + if (cert_id >= id && cert_id <= id + len) { + DEBUG(DBG_MKB, "Certificate %12llx has been revoked\n", (unsigned long long)cert_id); + return 1; + } + rl += 8; + } + } + + return 0; +} + +int mkb_host_cert_is_revoked(MKB *mkb, const uint8_t *cert_id) +{ + if (mkb) { + size_t rl_size = 0; + const uint8_t *rl = mkb_host_revokation_entries(mkb, &rl_size); + if (rl) { + return _cert_is_revoked(rl, rl_size, cert_id); + } + } + + return -1; +} + +int mkb_drive_cert_is_revoked(MKB *mkb, const uint8_t *cert_id) +{ + if (mkb) { + size_t rl_size = 0; + const uint8_t *rl = mkb_drive_revokation_entries(mkb, &rl_size); + if (rl) { + return _cert_is_revoked(rl, rl_size, cert_id); + } + } + + return -1; +} diff --git a/src/libaacs/mkb.h b/src/libaacs/mkb.h index 4b2e08f..44d494e 100644 --- a/src/libaacs/mkb.h +++ b/src/libaacs/mkb.h @@ -55,6 +55,9 @@ AACS_PRIVATE const uint8_t *mkb_mk_dv(MKB *mkb); // returns MKB signature AACS_PRIVATE const uint8_t *mkb_signature(MKB *mkb, size_t *len); +AACS_PRIVATE int mkb_host_cert_is_revoked(MKB *mkb, const uint8_t *cert_id); +AACS_PRIVATE int mkb_drive_cert_is_revoked(MKB *mkb, const uint8_t *cert_id); + /* The Media Key block is of variable size but must be a multiple of 4 * MKB Structure: * Type and Version record (12 bytes) diff --git a/src/util/macro.h b/src/util/macro.h index ccb152a..d40885c 100644 --- a/src/util/macro.h +++ b/src/util/macro.h @@ -30,6 +30,9 @@ #define MKINT_BE16(X) ( (X)[0] << 8 | (X)[1] ) #define MKINT_BE24(X) ( (X)[0] << 16 | (X)[1] << 8 | (X)[2] ) #define MKINT_BE32(X) ( (X)[0] << 24 | (X)[1] << 16 | (X)[2] << 8 | (X)[3] ) +#define MKINT_BE48(X) ( (uint64_t)((X)[0]) << 40 | (uint64_t)((X)[1]) << 32 | (uint64_t)((X)[2]) << 24 | \ + (uint64_t)((X)[3]) << 16 | (uint64_t)((X)[4]) << 8 | (uint64_t)((X)[5]) ) + #define X_FREE(X) do { if (X) free(X); X = NULL; } while(0) #endif /* MACRO_H_ */ _______________________________________________ libaacs-devel mailing list [email protected] http://mailman.videolan.org/listinfo/libaacs-devel
