Merge ad33aea18d into e509b7d520

The Kobo Desktop program will (when running under Wine on Linux) put all
of its data in the current working directory. This means that there
may be more than one Kobo.sqlite floating around by the user, which
leads to Obok showing an outdated list of books and the user being
confused by Obok cannot find the full list of books.

Solving this completely appears to be a bit too complicated, so this
patch is a best-effort improvement for the worst cases which can be
caused by this:

 1. If the user deletes the files but Obok has already cached the path,
    previously Obok would just error out rather than trying to search
    for a new Kobo.sqlite path and updating the cache.

 2. We search $HOME before searching /, which speeds up initial usage of
    Obok in the common case (usually Kobo Desktop will be installed in
    ~/.wine/drive_c) and also ensures that we correctly preference the
    current user's Kobo Desktop installation.

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>

CHANGELOG.md

@@ -99,4 +99,6 @@ This is v10.0.9, a release candidate for v10.1.0. I don't expect there to be maj
 
 ## Fixes on master (not yet released):
 
-- (none)
+- Fix a bug where decrypting a 40-bit RC4 pdf with R=2 didn't work.
+- Fix a bug where decrypting a 256-bit AES pdf with V=5 didn't work.
+- Fix bugs in kgenpids.py and kindlekey.py that caused it to fail on Python 2 (#380).

DeDRM_plugin/ineptpdf.py

@@ -1366,14 +1366,14 @@ class PDFDocument(object):
 
     def process_with_aes(self, key, encrypt, data, repetitions = 1, iv = None):
         if iv is None:
-            keylen = len(key)
-            iv = bytes([0x00]*keylen)
+            iv = bytes(bytearray(16))
+
+        aes = AES.new(key, AES.MODE_CBC, iv)
 
         if not encrypt:
-            plaintext = AES.new(key,AES.MODE_CBC,iv, True).decrypt(data)
+            plaintext = aes.decrypt(data)
             return plaintext
         else:
-            aes = AES.new(key, AES.MODE_CBC, iv, False)
             new_data = bytes(data * repetitions)
             crypt = aes.encrypt(new_data)
             return crypt
@@ -1394,10 +1394,18 @@ class PDFDocument(object):
                     raise Exception("K1 < 32 ...")
                 #def process_with_aes(self, key: bytes, encrypt: bool, data: bytes, repetitions: int = 1, iv: bytes = None):
                 E = self.process_with_aes(K[:16], True, K1, 64, K[16:32])
-                K = (hashlib.sha256, hashlib.sha384, hashlib.sha512)[sum(E) % 3](E).digest()
+                E = bytearray(E)
+
+                E_mod_3 = 0
+                for i in range(16):
+                    E_mod_3 += E[i]
+
+                E_mod_3 %= 3
+
+                K = (hashlib.sha256, hashlib.sha384, hashlib.sha512)[E_mod_3](E).digest()
 
                 if round_number >= 64:
-                    ch = int.from_bytes(E[-1:], "big", signed=False)
+                    ch = E[-1:][0]  # get last byte
                     if ch <= round_number - 32:
                         done = True
 
@@ -1478,14 +1486,23 @@ class PDFDocument(object):
             EncMetadata = b'True'
         if (EncMetadata == ('False' or 'false') or V < 4) and R >= 4:
             hash.update(codecs.decode(b'ffffffff','hex'))
+
+        # Finish hash:
+        hash = hash.digest()
+        
         if R >= 3:
             # 8
             for _ in range(50):
-                hash = hashlib.md5(hash.digest()[:length//8])
-        key = hash.digest()[:length//8]
+                hash = hashlib.md5(hash[:length//8]).digest()
+        if R == 2:
+            # R=2 only uses first five bytes.
+            key = hash[:5]
+        else:
+            key = hash[:length//8]
+
         if R == 2:
             # Algorithm 3.4
-            u1 = ARC4.new(key).decrypt(password)
+            u1 = ARC4.new(key).decrypt(self.PASSWORD_PADDING)
         elif R >= 3:
             # Algorithm 3.5
             hash = hashlib.md5(self.PASSWORD_PADDING) # 2
@@ -1498,6 +1515,7 @@ class PDFDocument(object):
                     k = b''.join(bytes([c ^ i]) for c in key )
                 x = ARC4.new(k).decrypt(x)
             u1 = x+x # 32bytes total
+        
         if R == 2:
             is_authenticated = (u1 == U)
         else:

DeDRM_plugin/kgenpids.py

@@ -53,11 +53,17 @@ def SHA1(message):
 def encode(data, map):
     result = b''
     for char in data:
-        value = char
+        if sys.version_info[0] == 2:
+            value = ord(char)
+        else:
+            value = char
+
         Q = (value ^ 0x80) // len(map)
         R = value % len(map)
-        result += bytes([map[Q]])
-        result += bytes([map[R]])
+
+        result += bytes(bytearray([map[Q]]))
+        result += bytes(bytearray([map[R]]))
+
     return result
 
 # Hash the bytes in data and then encode the digest with the characters in map
@@ -84,8 +90,11 @@ def decode(data,map):
 def getTwoBitsFromBitField(bitField,offset):
     byteNumber = offset // 4
     bitPosition = 6 - 2*(offset % 4)
-    return bitField[byteNumber] >> bitPosition & 3
-
+    if sys.version_info[0] == 2:
+        return ord(bitField[byteNumber]) >> bitPosition & 3
+    else:
+        return bitField[byteNumber] >> bitPosition & 3
+    
 # Returns the six bits at offset from a bit field
 def getSixBitsFromBitField(bitField,offset):
     offset *= 3
@@ -97,7 +106,8 @@ def encodePID(hash):
     global charMap3
     PID = b''
     for position in range (0,8):
-        PID += bytes([charMap3[getSixBitsFromBitField(hash,position)]])
+        PID += bytes(bytearray([charMap3[getSixBitsFromBitField(hash,position)]]))
+        
     return PID
 
 # Encryption table used to generate the device PID
@@ -134,7 +144,7 @@ def generateDevicePID(table,dsn,nbRoll):
         index = (index+1) %8
     for counter in range (0,8):
         index = ((((pid[counter] >>5) & 3) ^ pid[counter]) & 0x1f) + (pid[counter] >> 7)
-        pidAscii += bytes([charMap4[index]])
+        pidAscii += bytes(bytearray([charMap4[index]]))
     return pidAscii
 
 def crc32(s):
@@ -150,7 +160,7 @@ def checksumPid(s):
     for i in (0,1):
         b = crc & 0xff
         pos = (b // l) ^ (b % l)
-        res += bytes([charMap4[pos%l]])
+        res += bytes(bytearray([charMap4[pos%l]]))
         crc >>= 8
     return res
 
@@ -161,14 +171,17 @@ def pidFromSerial(s, l):
     crc = crc32(s)
     arr1 = [0]*l
     for i in range(len(s)):
-        arr1[i%l] ^= s[i]
+        if sys.version_info[0] == 2:
+            arr1[i%l] ^= ord(s[i])
+        else: 
+            arr1[i%l] ^= s[i]
     crc_bytes = [crc >> 24 & 0xff, crc >> 16 & 0xff, crc >> 8 & 0xff, crc & 0xff]
     for i in range(l):
         arr1[i] ^= crc_bytes[i&3]
     pid = b""
     for i in range(l):
         b = arr1[i] & 0xff
-        pid += bytes([charMap4[(b >> 7) + ((b >> 5 & 3) ^ (b & 0x1f))]])
+        pid += bytes(bytearray([charMap4[(b >> 7) + ((b >> 5 & 3) ^ (b & 0x1f))]]))
     return pid
 
 

DeDRM_plugin/kindlekey.py

@@ -115,11 +115,17 @@ def primes(n):
 def encode(data, map):
     result = b''
     for char in data:
-        value = char
+        if sys.version_info[0] == 2:
+            value = ord(char)
+        else:
+            value = char
+
         Q = (value ^ 0x80) // len(map)
         R = value % len(map)
-        result += bytes([map[Q]])
-        result += bytes([map[R]])
+
+        result += bytes(bytearray([map[Q]]))
+        result += bytes(bytearray([map[R]]))
+
     return result
 
 # Hash the bytes in data and then encode the digest with the characters in map

Obok_plugin/obok/obok.py

@@ -327,36 +327,50 @@ class KoboLibrary(object):
                 elif sys.platform.startswith('darwin'):
                     self.kobodir = os.path.join(os.environ['HOME'], "Library", "Application Support", "Kobo", "Kobo Desktop Edition")
                 elif sys.platform.startswith('linux'):
+                    # Since on Linux, you have to run Kobo Desktop within Wine,
+                    # there is no guarantee where Kobo.sqlite (and the rest of
+                    # the kobo directory) might be.
+                    #
+                    # It should also be noted that Kobo Desktop will store all
+                    # of it files in the current directory where you run it,
+                    # meaning that a user might accidentally create several
+                    # Kobo.sqlite files which are all separate and then be
+                    # confused why Obok can't find any of the new books. Sadly
+                    # there isn't a trivial way to deal with this.
 
-                    #sets ~/.config/calibre as the location to store the kobodir location info file and creates this directory if necessary
-                    kobodir_cache_dir = os.path.join(os.environ['HOME'], ".config", "calibre")
+                    # We cache the kobodir we find in ~/.config/calibre.
+                    kobodir_cache_dir = os.path.join(os.environ['HOME'], ".config", "calibre", "plugins", "obok")
                     if not os.path.isdir(kobodir_cache_dir):
                         os.mkdir(kobodir_cache_dir)
-                    
-                    #appends the name of the file we're storing the kobodir location info to the above path
-                    kobodir_cache_file = str(kobodir_cache_dir) + "/" + "kobo location"
-                    
-                    """if the above file does not exist, recursively searches from the root
-                    of the filesystem until kobodir is found and stores the location of kobodir
-                    in that file so this loop can be skipped in the future"""
-                    original_stdout = sys.stdout
-                    if not os.path.isfile(kobodir_cache_file):
-                        for root, dirs, files in os.walk('/'):
-                            for file in files:
-                                if file == 'Kobo.sqlite':
-                                    kobo_linux_path = str(root)
-                                    with open(kobodir_cache_file, 'w') as f:
-                                        sys.stdout = f
-                                        print(kobo_linux_path, end='')
-                                        sys.stdout = original_stdout
+                    kobodir_cache_file = os.path.join(kobodir_cache_dir, "kobo-location")
 
-                    f = open(kobodir_cache_file, 'r' )
-                    self.kobodir = f.read()
+                    try:
+                        # If the cached version exists and the path does really
+                        # contain Kobo.sqlite, use that.
+                        with open(kobodir_cache_file, "r") as f:
+                            cached_kobodir = f.read().strip()
+                            assert os.path.isfile(os.path.join(cached_kobodir, "Kobo.sqlite"))
+                            self.kobodir = cached_kobodir
+                    except (AssertionError, FileNotFoundError):
+                        # If there was no cached version, search the entire
+                        # filesystem tree for a directory containing
+                        # "Kobo.sqlite".
+                        #
+                        # We first search $HOME to avoid picking another user's
+                        # Kobo.sqlite file, but then fallback to / if there was
+                        # nothing in $HOME.
+                        for candidate_root in (os.environ["HOME"], "/"):
+                            for root, _, files in os.walk(candidate_root):
+                                if "Kobo.sqlite" in files:
+                                    with open(kobodir_cache_file, "w") as f:
+                                        f.write("%s/\n" % (root,))
+                                    self.kobodir = root
+                                    break
 
-            # desktop versions use Kobo.sqlite
+            # Desktop versions use Kobo.sqlite.
             kobodb = os.path.join(self.kobodir, "Kobo.sqlite")
             # check for existence of file
-            if (not(os.path.isfile(kobodb))):
+            if not os.path.isfile(kobodb):
                 # give up here, we haven't found anything useful
                 self.kobodir = u""
                 kobodb  = u""
@@ -430,7 +444,7 @@ class KoboLibrary(object):
         macaddrs = []
         if sys.platform.startswith('win'):
             c = re.compile('\s?(' + '[0-9a-f]{2}[:\-]' * 5 + '[0-9a-f]{2})(\s|$)', re.IGNORECASE)
-            try: 
+            try:
                 output = subprocess.Popen('ipconfig /all', shell=True, stdout=subprocess.PIPE, text=True).stdout
                 for line in output:
                     m = c.search(line)