Doesn't seem to function with Vivlio-2.2.1?
Prentio opened this issue · 9 comments
Hi,
LinuxMint here, with Vivlio-2.2.1.appimage (the latest available on website). After struggling quite a bit with instructions (I am FAR from being an expert at computing…), I received what I assume is the userkey (image attached).
So I typed the command
./lcp-decrypt -userKey 308201c83081b102010 […] 09b2f6432 avec.epub ohne.epub
Error message was
error: error getting content key: error decrypting key check
Is it simply because I did not identify the userkey properly?
- As a matter of fact, the epub was still in the process of opening when I identified the key (it is a 64Mo textbook with many images though).
- Also, mitmproxy reported several times
warn: 127.0.0.1:48320: Client TLS handshake failed. The client does not trust the proxy's certificate for www.google-analytics.com (OpenSSL Error([('SSLroutines', '', 'sslv3 alert certificate unknown')]))
Would be happy to provide any other info you require to help (provided I can understand it :-/ )
Cheers for this great programme all the same!
Hey hey,
yeah the instructions are a bit lacking...
The error reporting code was broken in case the key check would fail to decrypt :-/ I pushed a fix, can you try again and tell me if the error message is a bit more informative?
Also, the screenshot that you show does not seem to be the user key call, it's just a call retrieving a CRL file (which is a public certificate revocation list, not related to your account at all). The mitmproxy line that gives your user key probably has lcp/keys?deviceId=... in there (but maybe don't paste it here in clear text, it's supposed to be private 🙃 ). Your user key should be 64 characters long.
Also, how did you manage to download the encrypted epub file? At least for the shop where I'm buying, it's a pretty convoluted process (which I could try to document/automate more).
I've had success using both versions 2.2.1 and 3.3.0 of the Vivlio app.
Hey, sorry I kept you waiting, but I lost hours trying to get to launch Vivlio. Lesson learnt: for the “first” launch of Vivlio (after you deleted all related files on your comp), you must start vivlio without the “--proxy-server=127.0.0.1:8080” bit… Or you'll wait for nothing (sigh).
The error message I get with your new version is
error: error getting content key: error decrypting key check: error creating cipher: crypto/aes: invalid key size 460
But this is normal since obviously I'm not using the proper key.
When Vivlio opens I add my book, then I click it and am asked to type my password for the book. I don't have a Vivlio account.
Then the first page appears with an endless spinning wheel for hours.
So I go back to my list of books, and reclick the book, then the book opens fine… Only I still have only one flow in mitmproxy …
… and this flow is the one I pasted a screenshot of in my previous message, so no means of finding my key!
Can you think of something I get wrong?
Cheers!
Hmm OK you seem to be going through a slightly different flow than mine. In my case, I open Vivlio, log into the shop where I purchased the book, and it takes care of downloading the epub. I see this download call in mitmproxy and can "replay" it to get the epub file locally. In your case, you already have the epub file and only open it with Vivlio? Could it be then that your book password is the key we should be using, is it 64 characters long?
I wonder if the delays you're observing might be linked to not having the mitmproxy CA correctly installed, actually the only call you see is HTTP, not HTTPS. Do you remember copying mitmproxy-ca-cert.pem to /etc/pki/ca-trust/source/anchors/ ?
Hey: yes, I bought the book from an editor, and it can only be read online, or through vivlio. The password is my email address, so no luck here (I converted it to hex \0/ doubled it up to 64 char, and, weirdly enough… It was not it!!)
As to the mitmproxy CA, er… I just downloaded the file, and I am just running ~/Download/mitmproxy . Had never copied anything.
Now I just did, copied all the mitmproxy-ca-cert*.* I could find to the file you name. Note, I manually created '/ca-trust/source/anchors/', but it didn't change anything either ¿is that how it should be (or is it tantamount to trying to speak Italian when all you have is a Portuguese grammar)?
If you believe that these certificate aspects could be part of the reason mitmproxy doesn't see all that it could see, and still have some patience, go ahead…!
Cheers,
Hey hey, apologies for the late answer
Hmm if you manually created /ca-trust/source/anchors/ then maybe this is not the right way to install CA certs on Linux Mint (I use Fedora here)... Maybe the folder is /usr/share/ca-certificates instead there? Also, you might need to run sudo update-ca-certificates after copying the file. One test you could do to check the configuration is run curl -x 127.0.0.1:8080 https://example.com (assuming mitmproxy is running on port 8080). mitmproxy should display the request correctly. If it doesn't, then we first need to configure mitmproxy correctly before figuring out what else might be wrong :)
Hi, bad news:
I copied all the /home/Prentio/.mitmproxy/ files to all the folders that looked like they contained certificates files, including the one that appeared upon typing sudo update-ca-certificates.
It appears changing the files permissions to 644 (as I found on some Ubuntu help pages) did the trick: after that, curl -x 127.0.0.1:8080 https://example.com (or curl -x 127.0.0.1:8080 https://hotmail.com) returned… nothing, and no longer an error message.
I deleted all vivlio files (otherwise mitmproxy reports no exchanges at all), restarted Vivlio, and, alas, still handshake error message, and still one GET request… and not the one we want. 8080 is the port mitmproxy is listening to.
Would it be a very very silly idea to send you the file privately?
Hmm ok so at this stage it's really a problem with you setting up mitmproxy, there's not much I can do 😬
An alternative might be to try using the Electron dev tools instead (docs: https://www.electronjs.org/docs/latest/tutorial/application-debugging/ , https://www.electronjs.org/docs/latest/tutorial/debugging-main-process ), though I haven't tried this myself. The network inspector there should display all the requests done by the app (no idea if they use the main or web process for that, I'd bet on the web one).
Hey hey, dropping this in case it helps: I bought a book again today, and this time I didn't even have to use the Vivlio app: I could go to my.vivlio.com and download the epub directly from there. Once logged in, open the developer tools (for example with right click->inspect), go to the network tab, and reload the page. You should see the request for the user key somewhere (the one that has a "deviceId=xxxx" parameter).
Hey there, I’m sorry I’d not seen your answer earlier.
No chance here again. I've used the inspect function before. There was no “deviceid” or even no relevant “device” field.
The most interesting file was license.lcpl (below).
I passed all of those possible keys, and others, in lcp-decrypt, including those that couldn’t match (I know nowt at computing but at least I’m persistent…) To no avail, of course: if the key is there, the key is encrypted, and the w3c.org link did not provide any help.
Do you want to continue playing, or are you tired ;-)?
Many thanks for your persistence, anyway!