librespot_core/
authentication.rs1use std::io::{self, Read};
2
3use aes::Aes192;
4use base64::engine::Engine as _;
5use base64::engine::general_purpose::STANDARD as BASE64;
6use byteorder::{BigEndian, ByteOrder};
7use pbkdf2::pbkdf2_hmac;
8use protobuf::Enum;
9use serde::{Deserialize, Serialize};
10use sha1::{Digest, Sha1};
11use thiserror::Error;
12
13use crate::{Error, protocol::authentication::AuthenticationType};
14
15#[derive(Debug, Error)]
16pub enum AuthenticationError {
17 #[error("unknown authentication type {0}")]
18 AuthType(u32),
19 #[error("invalid key")]
20 Key,
21}
22
23impl From<AuthenticationError> for Error {
24 fn from(err: AuthenticationError) -> Self {
25 Error::invalid_argument(err)
26 }
27}
28
29#[derive(Debug, Clone, Default, Serialize, Deserialize, PartialEq)]
31pub struct Credentials {
32 pub username: Option<String>,
33
34 #[serde(serialize_with = "serialize_protobuf_enum")]
35 #[serde(deserialize_with = "deserialize_protobuf_enum")]
36 pub auth_type: AuthenticationType,
37
38 #[serde(alias = "encoded_auth_blob")]
39 #[serde(serialize_with = "serialize_base64")]
40 #[serde(deserialize_with = "deserialize_base64")]
41 pub auth_data: Vec<u8>,
42}
43
44impl Credentials {
45 pub fn with_password(username: impl Into<String>, password: impl Into<String>) -> Self {
54 Self {
55 username: Some(username.into()),
56 auth_type: AuthenticationType::AUTHENTICATION_USER_PASS,
57 auth_data: password.into().into_bytes(),
58 }
59 }
60
61 pub fn with_access_token(token: impl Into<String>) -> Self {
62 Self {
63 username: None,
64 auth_type: AuthenticationType::AUTHENTICATION_SPOTIFY_TOKEN,
65 auth_data: token.into().into_bytes(),
66 }
67 }
68
69 pub fn with_blob(
70 username: impl Into<String>,
71 encrypted_blob: impl AsRef<[u8]>,
72 device_id: impl AsRef<[u8]>,
73 ) -> Result<Self, Error> {
74 fn read_u8<R: Read>(stream: &mut R) -> io::Result<u8> {
75 let mut data = [0u8];
76 stream.read_exact(&mut data)?;
77 Ok(data[0])
78 }
79
80 fn read_int<R: Read>(stream: &mut R) -> io::Result<u32> {
81 let lo = read_u8(stream)? as u32;
82 if lo & 0x80 == 0 {
83 return Ok(lo);
84 }
85
86 let hi = read_u8(stream)? as u32;
87 Ok(lo & 0x7f | (hi << 7))
88 }
89
90 fn read_bytes<R: Read>(stream: &mut R) -> io::Result<Vec<u8>> {
91 let length = read_int(stream)?;
92 let mut data = vec![0u8; length as usize];
93 stream.read_exact(&mut data)?;
94
95 Ok(data)
96 }
97
98 let username = username.into();
99
100 let secret = Sha1::digest(device_id.as_ref());
101
102 let key = {
103 let mut key = [0u8; 24];
104 if key.len() < 20 {
105 return Err(AuthenticationError::Key.into());
106 }
107
108 pbkdf2_hmac::<Sha1>(&secret, username.as_bytes(), 0x100, &mut key[0..20]);
109
110 let hash = &Sha1::digest(&key[..20]);
111 key[..20].copy_from_slice(hash);
112 BigEndian::write_u32(&mut key[20..], 20);
113 key
114 };
115
116 let blob = {
118 use aes::cipher::generic_array::GenericArray;
119 use aes::cipher::{BlockDecrypt, BlockSizeUser, KeyInit};
120
121 let mut data = BASE64.decode(encrypted_blob)?;
122 let cipher = Aes192::new(GenericArray::from_slice(&key));
123 let block_size = Aes192::block_size();
124
125 for chunk in data.chunks_exact_mut(block_size) {
126 cipher.decrypt_block(GenericArray::from_mut_slice(chunk));
127 }
128
129 let l = data.len();
130 for i in 0..l - 0x10 {
131 data[l - i - 1] ^= data[l - i - 0x11];
132 }
133
134 data
135 };
136
137 let mut cursor = io::Cursor::new(blob.as_slice());
138 read_u8(&mut cursor)?;
139 read_bytes(&mut cursor)?;
140 read_u8(&mut cursor)?;
141 let auth_type = read_int(&mut cursor)?;
142 let auth_type = AuthenticationType::from_i32(auth_type as i32)
143 .ok_or(AuthenticationError::AuthType(auth_type))?;
144 read_u8(&mut cursor)?;
145 let auth_data = read_bytes(&mut cursor)?;
146
147 Ok(Self {
148 username: Some(username),
149 auth_type,
150 auth_data,
151 })
152 }
153}
154
155fn serialize_protobuf_enum<T, S>(v: &T, ser: S) -> Result<S::Ok, S::Error>
156where
157 T: Enum,
158 S: serde::Serializer,
159{
160 serde::Serialize::serialize(&v.value(), ser)
161}
162
163fn deserialize_protobuf_enum<'de, T, D>(de: D) -> Result<T, D::Error>
164where
165 T: Enum,
166 D: serde::Deserializer<'de>,
167{
168 let v: i32 = serde::Deserialize::deserialize(de)?;
169 T::from_i32(v).ok_or_else(|| serde::de::Error::custom("Invalid enum value"))
170}
171
172fn serialize_base64<T, S>(v: &T, ser: S) -> Result<S::Ok, S::Error>
173where
174 T: AsRef<[u8]>,
175 S: serde::Serializer,
176{
177 serde::Serialize::serialize(&BASE64.encode(v.as_ref()), ser)
178}
179
180fn deserialize_base64<'de, D>(de: D) -> Result<Vec<u8>, D::Error>
181where
182 D: serde::Deserializer<'de>,
183{
184 let v: String = serde::Deserialize::deserialize(de)?;
185 BASE64
186 .decode(v)
187 .map_err(|e| serde::de::Error::custom(e.to_string()))
188}