libaacs | branch: master | npzacs <[email protected]> | Sat Sep 24 16:54:44 2011 +0300| [eaf3b10dc62587cf31c1e0860ae6a0ead097ef9a] | committer: npzacs
Verify host certificate before using it > http://git.videolan.org/gitweb.cgi/libaacs.git/?a=commit;h=eaf3b10dc62587cf31c1e0860ae6a0ead097ef9a --- src/libaacs/aacs.c | 13 +++++++++++++ 1 files changed, 13 insertions(+), 0 deletions(-) diff --git a/src/libaacs/aacs.c b/src/libaacs/aacs.c index 0800006..a5e87ae 100644 --- a/src/libaacs/aacs.c +++ b/src/libaacs/aacs.c @@ -190,6 +190,19 @@ static int _calc_vuk(AACS *aacs, const char *path) hccursor->host_priv_key); hexstring_to_hex_array(cert, sizeof(cert), hccursor->host_cert); + if (!crypto_aacs_verify_host_cert(cert)) { + char str[2*92+1]; + DEBUG(DBG_AACS, "Not using invalid host certificate %s.\n", + print_hex(str, cert, 92)); + + hccursor = hccursor->next; + continue; + } + + char id_str[20]; + DEBUG(DBG_AACS, "Trying host certificate (id 0x%s)...\n", + print_hex(id_str, cert + 4, 6)); + if ((mmc = mmc_open(path, priv_key, cert))) { if (mmc_read_vid(mmc, aacs->vid)) { gcry_cipher_hd_t gcry_h; _______________________________________________ libaacs-devel mailing list [email protected] http://mailman.videolan.org/listinfo/libaacs-devel
