By way of a concrete reverse-engineering contribution, I have successfully circumvented Adobe's ADEPT DRM scheme for EPUB files. The same circumvention probably also allows decryption of ADEPT-encrypted PDF files, although I haven't looked into it yet.
ADEPT is pretty close to faultless as a crypto system -- a per-user RSA key encrypts a per-book AES key which encrypts the content. It uses AES in CBC mode with a random IV. It uses RSA with PKCS#1 v1.5 padding, which is perfectly adequate for this case. Unfortunately for Adobe, this isn't a crypto system, but a DRM system. DRM systems ultimately depend not on the strength of their cryptography, but the complexity of their obfuscation. There is very little obfuscation in how Adobe Digital Editions hides and encrypts the per-user RSA key, allowing fairly simple duplication of exactly the same process Digital Editions uses to retrieve it.
In practical terms, this breaks ADEPT circumvention into two components: key retrieval and decryption. Key retrieval depends only on the details of Digital Editions and can change seamlessly with an update to the same. Decryption however is a property of the architecture of the system as a whole. Preventing circumventing decryption with previously retrieved keys would require changes to both DE and Adobe Content Server and would take quite some time to propagate to all ACS customers. The upshot being that if you want to decrypt ADEPT books in the future, grab your key now -- no garauntees that you'll be able to do so in the future, but a previously-retrieved key should keep on working.
Here are the scripts:
Key-retrieval script: http://pastebin.com/f26972321 (version 3)
Decryption script: http://pastebin.com/f28fdd6b3 (version 2)
To use, install Python 2.6 and PyCrypto, run the key-retrieval script, then run the decryption script using the retrieved key.
And on a preachy note, please don't be a jerk with these. DRM is bad, but piracy is wrong kids, and only validates the opinions of those who think they need DRM in the first place.
Edit: script links will change reflect dropped pastebins and new versions.
Wednesday, February 18, 2009
Subscribe to:
Post Comments (Atom)
50 comments:
This is very cool. What needs to be done to get it to work with encrypted PDF files as well? That would be awesome.
More interesting discussion on this at:
http://www.mobileread.com/forums/showthread.php?t=39423
Thank you! Excellent work.
Especiallyfor releasing Python code and not some worrysome .exe (which I would never run).
I have a fairly long email address and I am sick to death of typing it in to view encrypted e-books that I have legitimately purchased.
Here's hoping this will free me from that burden. Going to give your scripts a try.
I understand that this does/may also work for ADEPT-encrypted PDF files. But Adobe also encrypt pdf files using Adobe Policy Server - Is that the same system and does this therfore also work for them?
Any suggestions on how to use these scripts under Mac OS X? :)
I have used your scripts with great success. I recently ran into two library books that it didn't decrypt. I was able to decrypt books by the same publisher. Any idea what this could be?
Dude, you're my hero!!!!!
I wanted to use this for an epub-Book that I had bought and couldn't convert to .prc for my Kindle 2. I followed the instructions but get an error running the .pyw file. Where did I make a mistake?
Traceback (most recent call last):
File "C:\Users\HGS\Desktop\DRM key\ineptkey.pyw", line 198, in main
retrieve_key(keypath)
File "C:\Users\HGS\Desktop\DRM key\ineptkey.pyw", line 140, in retrieve_key
vendor = cpuid0()
File "C:\Users\HGS\Desktop\DRM key\ineptkey.pyw", line 103, in cpuid0
cpuid0__(buffer)
WindowsError: exception: access violation writing 0x01B37F08
I encountered the same problem as Hans did when running the ineptkey script:
Traceback (most recent call last):
File "C:\Python26\ineptkey.pyw", line 198, in main
retrieve_key(keypath)
File "C:\Python26\ineptkey.pyw", line 140, in retrieve_key
vendor = cpuid0()
File "C:\Python26\ineptkey.pyw", line 103, in cpuid0
cpuid0__(buffer)
WindowsError: exception: access violation writing 0x0197B400
Anybody reading / editing this blog?
I had similar errors and via debugging realized that this python script is generating a short chunk of 32-bit x86 assembly code and executing it to call the cpuid opcode of the processor. I was running python AMD64 version, so I switched to the 32-bit python and it worked.
Don
I must confess that goes over my head.
I have a Pentium DualCore D805. But that is all I know, I just followed the instructions.
1. Uninstall whatever version of python you have instealled.
2. Download 32-bit python from here: http://www.python.org/ftp/python/2.6.2/python-2.6.2.msi.
3. Install it.
4. Now try running the script.
5. Report back the results.
Same thing. I assume the book with the DRM should be in the same directory as the ineptkey.pyw. Or doesn't it matter?
Traceback (most recent call last):
File "C:\Users\HGS\Desktop\Kindle\DRM key\ineptkey.pyw", line 198, in main
retrieve_key(keypath)
File "C:\Users\HGS\Desktop\Kindle\DRM key\ineptkey.pyw", line 140, in retrieve_key
vendor = cpuid0()
File "C:\Users\HGS\Desktop\Kindle\DRM key\ineptkey.pyw", line 103, in cpuid0
cpuid0__(buffer)
WindowsError: exception: access violation writing 0x01BF7F08
I have an adobe digital editions encrypted PDF file that this is not working on. It says "Error: it is not a zip file" and then crashes out.
HELP!!!
Hi! Wanted to give this a try so I could then convert my epub book to pdf but the scripts seem to be down...
They are up for me. Have to copy the second script, not the one with the numbers on the lines.
Hello, I am still not clear about this.
Does this work on PDF ebook downloaded from Amazon?
I have some PDF ebooks that I cant read now because of I have formatted my laptop, and when I try to activate, it says that I could never do that, ever!
Any help with OS X users?
Thanks, you just made my life easier. The drm-free book works perfectly on my ereader now.
clear instructions, installed, but when experimenting with a freebie from the Adobe Digital Editions (v1.7.1) Library - it returns... "not an ADEPT EPUB"
-
does this mean that the arms race continues?
Thank you for this, I appreciate it greatly!
I would also like to get a word on possible command-line usage under Mac OS X.
I can finally read my adobe protected epubs on my irex Iliad!
Thanks you, you made my month.
I have exported the key and am getting an error when I attempt to decrypt the file.
"Error: File is not a zip file"... any ideas?
I am trying to decrypt an Adobe Digital Editions file so that I can move it from my old computer to my new one...
Hi there - any chance of altering the links to the scripts or re-posting etc as the pastebin links are now inactive?
Many Thanks in advance
Andy
I agree with Andy. Where can we now find the scripts? Hopefully they're still available. Jim A.
update if anyone's interested the scripts are now here after this site recieved a takedown notice:
rs770.rapidshare.com/files/207513969/adobe.adept.original_post.7z
Like Nexus I also got the message "not an ADEPT EPUB". The reason is in my case that the ePub archive no longer contains the file "rights.xml". But since I have no other ePub that contains a "rights.xml" file, I don't know how to proceed. Is there anyone who has a "rights.xml" file ?
"error unexpected eof" is the message I get when I try to run the ineptpdf decryptor on an epub document...I have the keys generated am I using the correct script for an epub file....clueless
Same error as Dreamweaver :
1) I get the key with ineptkey.pyw
2) Then I try to remove the DRM from the epub file with ineptpdf.pyw
3) And it fails with the error : "Error : Unexpected EOF"
The script only proposes to list PDF files, not the epub ones. Is this the normal behavior ?
Additional information on the error :
The ebook is 970.691 bytes long.
The message occurs on nextline() function with linepos variable value 970630
I hope it can help discovering what is going wrong ...
Some informations on the ebook :
- I bought it 2 days ago from a French retailer
- and I can read it both on my PC and on my MAC with ADE 1.7.1
- I don't want to activate my ebook device, so I can't read it on the device
The answer is to use the ineptepub.pyw (v2) instead of the ineptpdf.pyw (v2)
To find the script, just look for ineptepub.pyw on Google
Scripts work great, i decrypted some ebooks and it works great, the DRM is REMOVED!!
Thou the script fail to decrypt some ebooks, the decrypted ebook seems to be corrupted when i try to open it in my reader.
i've dl-ed all necessary software (plus numerous others before i came across this piece), but i'm not sure i'm even half successful. >.< this is driving me insane!
please advise, is there a new script arn or am i doing this wrong? i've to confess that although i read each word dutifully, all the tech terms and discussion passes through me like water -__-
i run Python (command line) and type in the script as available on this post.. and it comes up "SyntaxError: invalid syntax"
any help will be much appreciated.
Does anybody know of a solution for OS X users please?
Works great for most books, thanks!
Last book I tried didn't work though: I got a "root object missing" error when I tried to open it. Is there any solution for this?
Rumor has it that the privateLicense key on OS X is not obfuscated, but lives in a file called activation.dat in base64 format. In theory, openssl could be used to convert it to der format for use with the python scripts.
In theory, of course.
THIS. IS. GREAT!
1. Installed Adobe Digital Editions and registered the machine.
2. Installed Python and PyCrypto (links above)
3. Downloaded and renamed original Scripts (link in comments).
4. Ran ineptkey.pyw.
Key was fetched and saved.
Hooray. No problems in the future with DRM anymore.
Fuzzy warm feelings inside...
5. Googled and Downloaded ineptepub.pyw (since I wanted to decrypt an epub, not a pdf).
6. Ran ineptepub.pyw.
epub was decrypted and saved.
Testes with Stanza and works *just great* on iPhone.
You guys are the best!!!!
Hey there. Sorry to be such a dork, but how do I operate all those tools? Is there a command string? How do I "run" ineptkey??
> How do I "run" ineptkey??
You double click on it???
I've made myself a little manual.
Maybe it helps somebody else: http://know-how.posterous.com/free-epubs-from-adobe-adept-drm
well, nothing happens when I do that
I mean, I copy all the files (the Crypto folder, the two scripts, and the PDF) into the Python folder on my C drive (we're talking windows XP now). I doubleclick ineptkey - and nothing happens - the script is apparently hyper-quickly run in the background, but no adeptkey file appears.
Dude thank you for this, you are an absolute life saver.
Scripts are no longer available at pastebin.com and rapidshare is requiring a premium membership to access them there. Can somebody point me in another...preferrably free direction to obtain them?
http://www.gorissen.info/Pierre/item/2009/8/26/maak-een-backup-van-je-bol-com-boeken
This is a website in the Dutch language.
Look under "Stap 6)" and hit "deze scripts"
Good luck
Post a Comment