libaacs | branch: refs/tags/0.3.0 | npzacs <[email protected]> | Sat Sep 24 16:54:44 2011 +0300| [c2340fad1170c2be918d8a7e0ab70f76fd7a6a47] | committer: Ano Nymous
Verify host certificate before using it > http://git.videolan.org/gitweb.cgi/libaacs.git/?a=commit;h=c2340fad1170c2be918d8a7e0ab70f76fd7a6a47 --- src/libaacs/aacs.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/src/libaacs/aacs.c b/src/libaacs/aacs.c index 0800006..a5e87ae 100644 --- a/src/libaacs/aacs.c +++ b/src/libaacs/aacs.c @@ -190,6 +190,19 @@ static int _calc_vuk(AACS *aacs, const char *path) hccursor->host_priv_key); hexstring_to_hex_array(cert, sizeof(cert), hccursor->host_cert); + if (!crypto_aacs_verify_host_cert(cert)) { + char str[2*92+1]; + DEBUG(DBG_AACS, "Not using invalid host certificate %s.\n", + print_hex(str, cert, 92)); + + hccursor = hccursor->next; + continue; + } + + char id_str[20]; + DEBUG(DBG_AACS, "Trying host certificate (id 0x%s)...\n", + print_hex(id_str, cert + 4, 6)); + if ((mmc = mmc_open(path, priv_key, cert))) { if (mmc_read_vid(mmc, aacs->vid)) { gcry_cipher_hd_t gcry_h; _______________________________________________ libaacs-devel mailing list [email protected] http://mailman.videolan.org/listinfo/libaacs-devel
