diff --git a/requirements.txt b/requirements.txt
index 51ade2c..8b69ddf 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,5 +1,5 @@
pycryptodomex==3.17
-oscrypto==1.3.0
+cryptography==41.0.1
lxml==4.9.2
-requests
-charset-normalizer
\ No newline at end of file
+requests==2.31.0
+charset-normalizer==3.1.0
\ No newline at end of file
diff --git a/setup/libadobe.py b/setup/libadobe.py
index 1d4b75a..a02a368 100644
--- a/setup/libadobe.py
+++ b/setup/libadobe.py
@@ -30,12 +30,10 @@ except ImportError:
#@@CALIBRE_COMPAT_CODE@@
-
from setup.customRSA import CustomRSA
-from oscrypto import keys
-from oscrypto.asymmetric import dump_certificate, dump_private_key
-
+from cryptography.hazmat.primitives.serialization.pkcs12 import load_key_and_certificates
+from cryptography.hazmat.primitives import serialization
VAR_ACS_SERVER_HTTP = "http://adeactivate.adobe.com/adept"
VAR_ACS_SERVER_HTTPS = "https://adeactivate.adobe.com/adept"
@@ -79,7 +77,6 @@ VAR_VER_USE_DIFFERENT_NOTIFICATION_XML_ORDER = 123281
VAR_VER_DEFAULT_BUILD_ID = 78765
-
def are_ade_version_lists_valid():
# These five lists MUST all have the same amount of elements.
# Otherwise that will cause all kinds of issues.
@@ -105,7 +102,6 @@ def are_ade_version_lists_valid():
devkey_bytes = None
-
def get_devkey_path():
global FILE_DEVICEKEY
return FILE_DEVICEKEY
@@ -138,6 +134,7 @@ def createDeviceKeyFile():
f.write(devkey_bytes)
f.close()
+
def int_to_bytes(value, length, big_endian = True):
# Helper function for Python2 only (big endian)
# Python3 uses int.to_bytes()
@@ -151,6 +148,7 @@ def int_to_bytes(value, length, big_endian = True):
return result
+
def get_mac_address():
mac1 = getnode()
mac2 = getnode()
@@ -166,9 +164,6 @@ def get_mac_address():
return int_to_bytes(mac1, 6)
-
-
-
def makeSerial(random):
# type: (bool) -> str
@@ -207,6 +202,7 @@ def makeSerial(random):
return sha_out
+
def makeFingerprint(serial):
# type: (str) -> str
@@ -278,6 +274,7 @@ def sendHTTPRequest_DL2FILE(URL, outputfile):
return 200
+
def sendHTTPRequest_getSimple(URL):
# type: (str) -> str
@@ -311,6 +308,7 @@ def sendHTTPRequest_getSimple(URL):
return content
+
def sendPOSTHTTPRequest(URL, document, type, returnRC = False):
# type: (str, bytes, str, bool) -> str
@@ -388,6 +386,7 @@ def sendRequestDocu(document, URL):
# type: (str, str) -> str
return sendPOSTHTTPRequest(URL, document.encode("utf-8"), "application/vnd.adobe.adept+xml", False)
+
def sendRequestDocuRC(document, URL):
# type: (str, str) -> str
return sendPOSTHTTPRequest(URL, document.encode("utf-8"), "application/vnd.adobe.adept+xml", True)
@@ -486,10 +485,8 @@ def addNonce():
def get_cert_from_pkcs12(_pkcs12, _key):
- _, cert, _ = keys.parse_pkcs12(_pkcs12, _key)
- return dump_certificate(cert, encoding="der")
-
-
+ _, cert, _ = load_key_and_certificates(_pkcs12, _key)
+ return cert.public_bytes(encoding=serialization.Encoding.DER)
def sign_node(node):
@@ -517,22 +514,23 @@ def sign_node(node):
return None
my_pkcs12 = base64.b64decode(pkcs12)
- my_priv_key, _, _ = keys.parse_pkcs12(my_pkcs12, base64.b64encode(devkey_bytes))
- my_priv_key = dump_private_key(my_priv_key, None, "der")
+ my_priv_key, _, _ = load_key_and_certificates(my_pkcs12, base64.b64encode(devkey_bytes))
+ my_priv_key = my_priv_key.private_bytes(
+ encoding=serialization.Encoding.DER,
+ format=serialization.PrivateFormat.PKCS8,
+ encryption_algorithm=serialization.NoEncryption()
+ )
+
# textbook RSA with that private key
-
block = CustomRSA.encrypt_for_adobe_signature(my_priv_key, sha_hash)
signature = base64.b64encode(block).decode()
# Debug
# print("sig is %s\n" % block.hex())
-
return signature
-
-
def hash_node(node):
hash_ctx = SHA.new()
@@ -540,7 +538,6 @@ def hash_node(node):
return hash_ctx
-
ASN_NONE = 0
ASN_NS_TAG = 1 # aka "BEGIN_ELEMENT"
ASN_CHILD = 2 # aka "END_ATTRIBUTES"
@@ -629,12 +626,9 @@ def hash_node_ctx(node, hash_ctx):
# If there's child nodes, hash these as well.
hash_node_ctx(child, hash_ctx)
-
-
hash_do_append_tag(hash_ctx, ASN_END_TAG)
-
def hash_do_append_string(hash_ctx, string):
# type: (SHA.SHA1Hash, str) -> None
@@ -650,6 +644,7 @@ def hash_do_append_string(hash_ctx, string):
hash_do_append_raw_bytes(hash_ctx, [len_upper, len_lower])
hash_do_append_raw_bytes(hash_ctx, str_bytes)
+
def hash_do_append_tag(hash_ctx, tag):
# type: (SHA.SHA1Hash, int) -> None
@@ -658,6 +653,7 @@ def hash_do_append_tag(hash_ctx, tag):
hash_do_append_raw_bytes(hash_ctx, [tag])
+
def hash_do_append_raw_bytes(hash_ctx, data):
# type: (SHA.SHA1Hash, bytes) -> None
hash_ctx.update(bytearray(data))
diff --git a/setup/libadobeFulfill.py b/setup/libadobeFulfill.py
index b636288..2d2c57e 100644
--- a/setup/libadobeFulfill.py
+++ b/setup/libadobeFulfill.py
@@ -14,12 +14,10 @@ from setup.libadobe import VAR_VER_BUILD_IDS, VAR_VER_USE_DIFFERENT_NOTIFICATION
def buildFulfillRequest(acsm):
adNS = lambda tag: '{%s}%s' % ('http://ns.adobe.com/adept', tag)
-
activationxml = etree.parse(get_activation_xml_path())
devicexml = etree.parse(get_device_path())
-
user_uuid = activationxml.find("./%s/%s" % (adNS("credentials"), adNS("user"))).text
device_uuid = activationxml.find("./%s/%s" % (adNS("activationToken"), adNS("device"))).text
try:
@@ -36,8 +34,6 @@ def buildFulfillRequest(acsm):
fingerprint = devicexml.find("./%s" % (adNS("fingerprint"))).text
device_type = devicexml.find("./%s" % (adNS("deviceType"))).text
-
-
version = None
clientOS = None
clientLocale = None
@@ -101,11 +97,8 @@ def buildFulfillRequest(acsm):
request += ""
request += ""
return request, True
-
-
-
def buildInitLicenseServiceRequest(authURL):
# type: (str) -> str
@@ -166,6 +159,7 @@ def getDecryptedCert(pkcs12_b64_string = None):
except:
return None
+
def buildAuthRequest():
activationxml = etree.parse(get_activation_xml_path())
@@ -185,7 +179,6 @@ def buildAuthRequest():
ret += "%s\n" % (activationxml.find("./%s/%s" % (adNS("credentials"), adNS("authenticationCertificate"))).text)
ret += ""
-
return ret
@@ -197,12 +190,10 @@ def doOperatorAuth(operatorURL):
if auth_req is None:
return "Failed to create auth request"
-
authURL = operatorURL
if authURL.endswith("Fulfill"):
authURL = authURL.replace("/Fulfill", "")
-
replyData = sendRequestDocu(auth_req, authURL + "/Auth").decode("utf-8")
if not " str
@@ -250,7 +239,6 @@ def operatorAuth(operatorURL):
except:
pass
-
ret = doOperatorAuth(operatorURL)
if (ret is not None):
return "doOperatorAuth error: %s" % ret
@@ -276,7 +264,6 @@ def operatorAuth(operatorURL):
return None
-
def buildRights(license_token_node):
ret = "\n"
ret += "\n"
@@ -488,7 +475,6 @@ def fulfill(acsm_file, do_notify = False):
return True, replyData
-
def updateLoanReturnData(fulfillmentResultToken, forceTestBehaviour=False):
NSMAP = { "adept" : "http://ns.adobe.com/adept" }
@@ -558,8 +544,6 @@ def updateLoanReturnData(fulfillmentResultToken, forceTestBehaviour=False):
return True
-
-
def addLoanRecordToConfigFile(new_loan_record):
@@ -570,7 +554,6 @@ def addLoanRecordToConfigFile(new_loan_record):
print("Exception while reading config file")
return False
-
error_counter = 0
last_token = None
random_identifier = None
@@ -646,7 +629,6 @@ def addLoanRecordToConfigFile(new_loan_record):
def tryReturnBook(bookData):
-
verbose_logging = False
try:
import calibre_plugins.deacsm.prefs as prefs
@@ -655,7 +637,6 @@ def tryReturnBook(bookData):
except:
pass
-
try:
user = bookData["user"]
loanID = bookData["loanID"]
@@ -711,7 +692,6 @@ def tryReturnBook(bookData):
return False, retval
-
def performFulfillmentNotification(fulfillmentResultToken, forceOptional = False, user = None, device = None):
verbose_logging = False
@@ -894,8 +874,6 @@ def performFulfillmentNotification(fulfillmentResultToken, forceOptional = False
return False, errmsg
-
-
def fetchLicenseServiceCertificate(licenseURL, operatorURL):
# Check if we already have a cert for this URL:
@@ -956,6 +934,3 @@ def fetchLicenseServiceCertificate(licenseURL, operatorURL):
f.close()
return True, "Done"
-
-
-