Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Jean-Baptiste Kempf
libaacs
Commits
07e540c9
Commit
07e540c9
authored
Oct 15, 2013
by
npzacs
Browse files
Improved error logging when drive and certificate are incompatible
parent
8564b415
Changes
3
Hide whitespace changes
Inline
Side-by-side
src/libaacs/aacs.c
View file @
07e540c9
...
...
@@ -288,6 +288,7 @@ static int _read_vid(AACS *aacs, cert_list *hcl)
int
error_code
=
AACS_ERROR_NO_CERT
;
MKB
*
hrl_mkb
=
_get_hrl_mkb
(
mmc
);
const
uint8_t
*
drive_cert
=
mmc_get_drive_cert
(
mmc
);
for
(;
hcl
&&
hcl
->
host_priv_key
&&
hcl
->
host_cert
;
hcl
=
hcl
->
next
)
{
...
...
@@ -302,13 +303,19 @@ static int _read_vid(AACS *aacs, cert_list *hcl)
continue
;
}
if
(
mkb_host_cert_is_revoked
(
hrl_mkb
,
cert
+
4
))
{
if
(
mkb_host_cert_is_revoked
(
hrl_mkb
,
cert
+
4
)
>
0
)
{
DEBUG
(
DBG_AACS
|
DBG_CRIT
,
"Host certificate %s has been revoked.
\n
"
,
print_hex
(
tmp_str
,
cert
+
4
,
6
));
error_code
=
AACS_ERROR_CERT_REVOKED
;
//continue;
}
if
(
drive_cert
&&
(
drive_cert
[
1
]
&
0x01
)
&&
!
(
cert
[
1
]
&
0x01
))
{
DEBUG
(
DBG_AACS
,
"Certificate (id 0x%s) does not support bus encryption
\n
"
,
print_hex
(
tmp_str
,
cert
+
4
,
6
));
//continue;
}
DEBUG
(
DBG_AACS
,
"Trying host certificate (id 0x%s)...
\n
"
,
print_hex
(
tmp_str
,
cert
+
4
,
6
));
...
...
@@ -392,6 +399,7 @@ static int _read_pmsn(AACS *aacs, cert_list *hcl)
}
int
error_code
=
AACS_ERROR_NO_CERT
;
const
uint8_t
*
drive_cert
=
mmc_get_drive_cert
(
mmc
);
for
(;
hcl
&&
hcl
->
host_priv_key
&&
hcl
->
host_cert
;
hcl
=
hcl
->
next
)
{
...
...
@@ -406,6 +414,12 @@ static int _read_pmsn(AACS *aacs, cert_list *hcl)
continue
;
}
if
(
drive_cert
&&
(
drive_cert
[
1
]
&
0x01
)
&&
!
(
cert
[
1
]
&
0x01
))
{
DEBUG
(
DBG_AACS
,
"Certificate (id 0x%s) does not support bus encryption
\n
"
,
print_hex
(
tmp_str
,
cert
+
4
,
6
));
//continue;
}
DEBUG
(
DBG_AACS
,
"Trying host certificate (id 0x%s)...
\n
"
,
print_hex
(
tmp_str
,
cert
+
4
,
6
));
...
...
src/libaacs/mmc.c
View file @
07e540c9
...
...
@@ -1040,7 +1040,13 @@ static int _mmc_aacs_auth(MMC *mmc, uint8_t agid, const uint8_t *host_priv_key,
// send host cert + nonce
if
(
!
_mmc_send_host_cert
(
mmc
,
agid
,
mmc
->
host_nonce
,
host_cert
))
{
DEBUG
(
DBG_MMC
|
DBG_CRIT
,
"Host key / Certificate has been revoked by your drive ?
\n
"
);
if
((
mmc
->
drive_cert
[
1
]
&
0x01
)
&&
!
(
host_cert
[
1
]
&
0x01
))
{
DEBUG
(
DBG_MMC
|
DBG_CRIT
,
"Certificate (id 0x%s) can not be used with bus encryption capable drive
\n
"
,
print_hex
(
str
,
host_cert
+
4
,
6
));
}
else
{
DEBUG
(
DBG_MMC
|
DBG_CRIT
,
"Host key / Certificate has been revoked by your drive ?
\n
"
);
}
return
MMC_ERROR_CERT_REVOKED
;
}
...
...
@@ -1280,6 +1286,14 @@ int mmc_read_drive_cert(MMC *mmc, uint8_t *drive_cert)
return
MMC_SUCCESS
;
}
const
uint8_t
*
mmc_get_drive_cert
(
MMC
*
mmc
)
{
if
(
mmc
->
drive_cert
[
0
]
==
0x01
)
{
return
mmc
->
drive_cert
;
}
return
NULL
;
}
uint8_t
*
mmc_read_mkb
(
MMC
*
mmc
,
int
address
,
int
*
size
)
{
uint8_t
agid
=
0
;
...
...
src/libaacs/mmc.h
View file @
07e540c9
...
...
@@ -40,6 +40,7 @@ AACS_PRIVATE int mmc_read_pmsn(MMC *mmc, const uint8_t *host_priv_key, const ui
AACS_PRIVATE
int
mmc_read_data_keys
(
MMC
*
mmc
,
const
uint8_t
*
host_priv_key
,
const
uint8_t
*
host_cert
,
uint8_t
*
read_data_key
,
uint8_t
*
write_data_key
);
AACS_PRIVATE
int
mmc_read_drive_cert
(
MMC
*
mmc
,
uint8_t
*
drive_cert
);
AACS_PRIVATE
const
uint8_t
*
mmc_get_drive_cert
(
MMC
*
mmc
);
/* read partial MKB */
AACS_PRIVATE
uint8_t
*
mmc_read_mkb
(
MMC
*
mmc
,
int
address
,
int
*
size
);
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment