Merge branch 'develop'

diegojfer · Dec 18, 2019 · 869dddf · 869dddf
2 parents 45e7aba + a69d54c
commit 869dddf
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 6 deletions.
diff --git a/src/FPProvider.cs b/src/FPProvider.cs
@@ -1,3 +1,4 @@
+using System;
 using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
 
@@ -15,15 +16,23 @@ public sealed class FPProvider
         public string Name { get => this.Certificate.Subject; }
         public byte[] Hash { get => this.Certificate.GetCertHash(); }
 
-        public FPProvider(X509Certificate certificate, RSAParameters key, byte[] ask)
+        public FPProvider(byte[] certificate, string password, byte[] ask) 
         {
             ArgumentThrow.IfNull(certificate, "Invalid FairPlay Certificate. Certificate can not be null.", nameof(certificate));
-            ArgumentThrow.IfNull(key, "Invalid FairPlay Certificate Key. RSAParameters can not be null.", nameof(key));
+            ArgumentThrow.IfNull(password, "Invalid FairPlay Certificate passphrase. Passphrase can not be null.", nameof(password));
             ArgumentThrow.IfLengthNot(ask, 16, "Invalid Application Secret Key. ASK buffer should be 16 bytes.", nameof(ask));
 
-            this.Certificate = certificate;
-            this.RSAKey = key;
-            this.ASKey = ask;
+            try {
+                X509Certificate2 X509 = new X509Certificate2(certificate, password, X509KeyStorageFlags.Exportable);
+
+                using (var rsa = X509.GetRSAPrivateKey()) {
+                    this.Certificate = X509;
+                    this.RSAKey = rsa.ExportParameters(true);
+                    this.ASKey = ask;
+                }
+            } catch (Exception ex) {
+                throw new ArgumentException("Invalid FairPlay Certificate. Certificate can not be read.", nameof(certificate), ex);
+            }
         }
     }
 }
diff --git a/src/FPServer.cs b/src/FPServer.cs
@@ -207,7 +207,7 @@ private async Task<IEnumerable<TLLVSlab>> GenerateCKC(DFunction derivator, IEnum
                 catch (Exception ex) { throw new FPInvalidContextException("EXC_0027", "Unable to process SPC. See 'innerException' for more information.", ex); }
 
                 if (MediaPlaybackPayload.CreationDate < DateTime.UtcNow.AddHours(-6)) throw new FPContextDateViolatedException("EXC_0036", "Unable to process SPC. Date range violated.");
-                if (MediaPlaybackPayload.CreationDate > DateTime.UtcNow.AddHours(-6)) throw new FPContextDateViolatedException("EXC_0037", "Unable to process SPC. Date range violated.");
+                if (MediaPlaybackPayload.CreationDate > DateTime.UtcNow.AddHours(6))  throw new FPContextDateViolatedException("EXC_0037", "Unable to process SPC. Date range violated.");
 
                 DurationCKPayload DurationContentKeyPayload = null;
                 try { DurationContentKeyPayload = new DurationCKPayload((UInt32)this.LicenseDuration, 0, DurationCKType.Rental); }