Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- AACS 2.0 uses different public keys than AACS 1.0. While public by
- definition, they are not known. Skip content certificate signature
- validation so that AACS 2.0 media can be played under certain
- conditions:
- - "UHD friendly" drive is used, those are AACS 1.0 drives that can
- read UHD media
- - non-revoked AACS 1.0 host certificate is available
- - disc VUK is available
- Official UHD drives, that implement AACS 2.0 will not work. Special
- drive is needed because AACS 2.0 mandates bus encryption. With bus
- encryption, even with valid disc VUK data is still encrypted by the
- drive on the fly. The so called UHD friendly drives bypass that.
- ---
- src/libaacs/content_cert.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
- diff --git a/src/libaacs/content_cert.c b/src/libaacs/content_cert.c
- index 5618ac0..ec0d46d 100644
- --- a/src/libaacs/content_cert.c
- +++ b/src/libaacs/content_cert.c
- @@ -40,7 +40,7 @@ CONTENT_CERT *cc_parse(const void *data, size_t len)
- BD_DEBUG(DBG_AACS | DBG_CRIT, "Invalid content certificate (length %zd < 87)\n", len);
- return NULL;
- }
- - if (p[0] != 0) {
- + if (p[0] != 0 && p[0] != 0x10) {
- BD_DEBUG(DBG_AACS | DBG_CRIT, "Invalid content certificate type 0x%02x\n", p[0]);
- return NULL;
- }
- @@ -58,9 +58,9 @@ CONTENT_CERT *cc_parse(const void *data, size_t len)
- return NULL;
- }
- - /* check signature */
- + /* check signature only for AACS 1.0 content certificates */
- - if (!crypto_aacs_verify_aacscc(p + cert_data_len, p, cert_data_len)) {
- + if (p[0] == 0 && !crypto_aacs_verify_aacscc(p + cert_data_len, p, cert_data_len)) {
- BD_DEBUG(DBG_AACS | DBG_CRIT, "Invalid content certificate signature\n");
- return NULL;
- }
- --
- 2.15.1
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
