tem_drm 0.0.1

data/CHANGELOG

@@ -0,0 +1,2 @@
+v0.0.1. Put together a gem from previous code.
+ 

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License
+
+Copyright (c) 2007 Massachusetts Institute of Technology
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/Manifest

@@ -0,0 +1,16 @@
+bin/drm_wrap.rb
+bin/drm_key2proc.rb
+bin/drm_unwrap.rb
+bin/drm_proxy.rb
+LICENSE
+test/kick_vlc.xspf
+lib/drm/unwrapper.rb
+lib/drm/wrapper.rb
+lib/drm/tem.rb
+lib/drm/io_procs.rb
+lib/drm/metadata.rb
+lib/drm/http_procs.rb
+lib/drm/drm.rb
+README
+CHANGELOG
+Manifest

data/README

@@ -0,0 +1,3 @@
+Proof-of-concept DRM (digital rights management) for the TEM.
+
+Commands will be documented soon.

data/bin/drm_key2proc.rb

@@ -0,0 +1,28 @@
+#!/usr/bin/env ruby
+require 'drm'
+
+require 'rubygems'
+gem 'tem_ruby'
+require 'tem_ruby'
+
+unless ARGV.length == 2
+  print "Usage: #{$0} key_file proc_file\n"
+  exit
+end
+
+$terminal = Tem::SCard::JCOPRemoteTerminal.new
+unless $terminal.connect
+  $terminal.disconnect
+  $terminal = Tem::SCard::PCSCTerminal.new
+  $terminal.connect
+end
+$javacard = Tem::SCard::JavaCard.new($terminal)
+$tem = Tem::Session.new($javacard)
+tem_pubek = $tem.pubek
+
+key_fname = ARGV[0]
+proc_fname = ARGV[1]
+
+key = File.open(key_fname, 'rb') { |f| f.read }
+proc = DRM::Tem.tem_proc_for_filekey key, tem_pubek
+File.open(proc_fname, 'wb') { |f| f.write proc.to_yaml_str }

data/bin/drm_proxy.rb

@@ -0,0 +1,219 @@
+#!/usr/bin/env ruby
+require 'socket'
+require 'thread'
+require 'time'
+
+require 'rubygems'
+gem 'tem_ruby'
+require 'tem_ruby'
+
+require 'drm.rb'
+
+class Socket
+  def self.pack_sockaddr_in6(port, address, options = {})
+    raise 'wrong address format' unless address.length == 16
+    [28, Socket::AF_INET6, options[:flowinfo] || 0, port].pack('CCnN') + address.pack('C*') + [0].pack('N')
+  end
+end
+
+class DRM::Proxy
+  def initialize(conf)    
+    @key_prefix = conf[:key_prefix]
+    
+    @tcp4 = Socket.new Socket::AF_INET, Socket::SOCK_STREAM, Socket::PF_UNSPEC
+    @tcp4.setsockopt Socket::SOL_SOCKET, Socket::SO_REUSEADDR, true
+    # @tcp4.setsockopt Socket::IPPROTO_TCP, Socket::TCP_NODELAY, true
+    @tcp4.bind Socket.pack_sockaddr_in(conf[:port], '0.0.0.0')
+    @tcp4.listen 10
+    @tcp4_thread = Thread.new(@tcp4) { |s| sock_loop s }
+    
+    begin
+      @tcp6 = Socket.new Socket::AF_INET6, Socket::SOCK_STREAM, Socket::PF_UNSPEC
+      @tcp6.setsockopt Socket::SOL_SOCKET, Socket::SO_REUSEADDR, true
+      # @tcp6.setsockopt Socket::IPPROTO_TCP, Socket::TCP_NODELAY, true
+      @tcp6.bind Socket.pack_sockaddr_in6(conf[:port], Array.new(16, 0))
+      @tcp6.listen 10
+      @tcp6_thread = Thread.new(@tcp6) { |s| sock_loop s }
+    rescue
+      puts "Borg IPv6 setup failed: #{$!}"
+      @tcp6 = nil
+      @tcp6_thread = nil
+    end
+  end
+  
+  def sock_loop(socket)
+    while true do
+      begin
+        client_sock, client_sockaddr = socket.accept
+        print "Accepted client with address #{client_sockaddr.unpack('C*').join(', ')}\n"
+        Thread.new(client_sock) do |s|
+          begin
+            serve_client s
+          rescue
+            print "Unexpected exception #{$!}\n"
+            print $!.backtrace.join("\n") + "\n"
+          end  
+        end
+      rescue
+        print "Unexpected exception #{$!}\n"
+        print $!.backtrace.join("\n") + "\n"
+      end
+    end
+  end
+  
+  def serve_client(socket)
+    headers_string = ''
+    while true do
+      hdr = socket.recv 4096
+      headers_string += hdr
+      break if headers_string =~ /(\r\n){2}/
+    end
+        
+    headers_array = headers_string.split("\r\n")
+    request = Hash[*([:method, :uri, :protocol].zip(headers_array.shift.split(' ')).reject { |va| va.any? { |vm| vm.nil? }}.flatten)]
+    headers = Hash[*(headers_array.map { |line| line.split(':', 2).map { |e| e.strip } }.flatten)]
+
+    serve_request request, headers, socket
+    socket.close unless socket.closed?    
+  end
+  
+  def serve_request(request, headers, socket)
+    pp request
+    pp headers
+    
+    raise "I don't know how to do #{request[:method]}" unless request[:method] == 'GET'
+    
+    pp request[:uri]
+    match_data = request[:uri].match(/^\/\?url\=(.*)/)
+    unless match_data.nil?
+      real_uri = URI.unescape(match_data[1])
+      drm_uri = URI.escape(real_uri + '.drm-enc')
+      pp [real_uri, drm_uri]
+    else
+      # unencrypted file
+    end
+  
+    begin    
+      read_proc = DRM::HttpProcs.read_proc drm_uri
+
+      unwrapper = DRM::Unwrapper.new read_proc
+      metadata = unwrapper.metadata
+    rescue URI::InvalidURIError
+      metadata = nil
+    end
+  
+    if metadata.nil?
+      send_headers(socket, 404)
+      return
+    end
+    
+    pp metadata
+    
+    key_fname = @key_prefix + File.basename(real_uri) + '.drm-tem'
+    proc = Tem::SecPack.new_from_yaml_str(File.open(key_fname, 'rb') { |f| f.read })
+    subkey_proc = DRM::Tem.subkey_proc_for_tem_proc(proc)
+      
+    data_queue = Queue.new
+    write_proc = Proc.new do |data|
+      data_queue.enq data
+    end
+    
+    length = metadata.length
+    if headers['Range']
+      # parse content range, send in relevant stuff
+      units, ranges_str = *headers['Range'].split('=', 2)
+      if units != 'bytes'
+        send_headers(socket, 416, 0, 'text/html', 'Content-Range' => "0-#{length - 1}/#{length}")
+        return
+      end
+      
+      ranges = ranges_str.split(',').map do |srange|
+        # break up and deal with negative values
+        srange_ends = srange.split('-',2).map! { |s| (s.nil? or s.empty?) ? -1 : s.to_i }
+        if srange_ends[0] < 0
+          srange_ends = [length - srange_ends[1], length - 1]
+        elsif srange_ends[1] < 0
+          srange_ends[1] = length - 1
+        end
+        # clamp
+        srange_ends.map! { |i| (i < length) ? i : length - 1 }
+      end
+      
+      # cheat and reply w/ first range 'cause multi-part responses are hard
+      send_headers(socket, 206, ranges[0][1] + 1 - ranges[0][0], metadata.mime_type, 'Accept-Ranges' => 'bytes', 'ETag' => metadata.etag, 'Content-Range' => "bytes #{ranges[0][0]}-#{ranges[0][1]}/#{length}")
+      Thread.new do
+        
+        unwrapper.unwrap ranges[0][0], ranges[0][1], read_proc, write_proc, subkey_proc
+        data_queue.enq nil
+      end
+    else
+      send_headers(socket, 200,  length, metadata.mime_type, 'Accept-Ranges' => 'bytes', 'ETag' => metadata.etag)
+      Thread.new do
+        unwrapper.unwrap 0, length, read_proc, write_proc, subkey_proc
+        data_queue.enq nil
+      end
+    end
+    
+    loop do
+      data = data_queue.deq
+      break if data.nil?
+      
+      sent_data = 0
+      sent_data += socket.send(data[sent_data..-1], 0) while sent_data < data.length
+    end
+  end 
+   
+  def send_headers(socket, status, length = 0, mime_type = 'text/html', headers = {})
+    reason = headers[:reason] || {200 => 'OK', 404 => 'File not found'}[status]
+    
+    response_line = "HTTP/1.1 #{status} #{reason}\r\n"    
+
+    response_headers = { 'Connection' => 'close', 'Server' => 'Rubylicious/1.0', 'Date' => Time.now.rfc2822,
+      'Content-Type' => mime_type, 'Content-Length' => length }.merge headers
+
+    pp response_headers
+    socket.send response_line, 0
+    socket.send response_headers.to_a.map { |k,v| k.to_s + ': ' + v.to_s }.join("\r\n") + "\r\n\r\n", 0
+  end
+end
+
+STDOUT.sync = true
+if File.exists? 'drm_proxy.yml'
+  conf = File.open('drm_proxy.yml', 'r') { |f| YAML::load f }
+else
+  conf = { :port => 8080, :key_prefix => './files/' }
+  File.open('drm_proxy.yml', 'w') { |f| YAML::dump conf, f }
+end
+
+def connect_tem
+  creation_proc = Kernel.proc { $terminal = Tem::SCard::JCOPRemoteTerminal.new }
+  connect_proc = Kernel.proc { creation_proc.call(); $terminal.connect }
+  
+  unless connect_proc.call()
+    $terminal.disconnect
+    creation_proc = Kernel.proc { $terminal = Tem::SCard::PCSCTerminal.new }
+    connect_proc.call()
+  end
+  $javacard = Tem::SCard::JavaCard.new($terminal)
+  $tem = Tem::Session.new($javacard)
+  class <<$tem
+    def issue_apdu(*args)
+      loop do
+        begin
+          return super(*args)
+        rescue
+          print $! + "\n"
+          print $!.backtrace.join("\n") + "\n"
+          connect_proc.call()
+        end
+      end
+    end
+  end
+end
+
+connect_tem
+
+server = DRM::Proxy.new conf
+
+print "Listening on port #{conf[:port]}\n"
+sleep 1 while true

data/bin/drm_unwrap.rb

@@ -0,0 +1,48 @@
+#!/usr/bin/env ruby
+require 'drm'
+
+require 'rubygems'
+gem 'tem_ruby'
+require 'tem_ruby'
+
+unless ARGV.length == 3
+  print "Usage: #{$0} encrypted_file key_file decrypted_file\n"
+  exit
+end
+
+encrypted_fname = ARGV[0]
+key_fname = ARGV[1]
+decrypted_fname = ARGV[2]
+begin
+  read_proc = DRM::HttpProcs.read_proc encrypted_fname
+  pp 'http ok'
+rescue URI::InvalidURIError
+  read_proc = DRM::IoProcs.read_proc File.open(encrypted_fname, 'rb') 
+end
+
+if key_fname =~ /\.drm\-tem$/
+  proc = Tem::SecPack.new_from_yaml_str(File.open(key_fname, 'rb') { |f| f.read })
+  subkey_proc = DRM::Tem.subkey_proc_for_tem_proc(proc)
+  
+  $terminal = Tem::SCard::JCOPRemoteTerminal.new
+  unless $terminal.connect
+    $terminal.disconnect
+    $terminal = Tem::SCard::PCSCTerminal.new
+    $terminal.connect
+  end
+  $javacard = Tem::SCard::JavaCard.new($terminal)
+  $tem = Tem::Session.new($javacard)
+elsif key_fname =~ /\.drm\-key$/
+  key = File.open(key_fname, 'rb') { |f| f.read }
+  subkey_proc = Proc.new do |metadata, key_index|
+    metadata.subkey_from_filekey key_index, key
+  end
+else
+  print "Unknown key file format in #{key_fname} (need .drm-tem and .drm-key)\n"
+  exit
+end
+
+File.open(decrypted_fname, 'wb') do |outfile|
+  unwrapper = DRM::Unwrapper.new read_proc
+  unwrapper.unwrap 0, unwrapper.metadata.length - 1, read_proc, DRM::IoProcs.write_proc(outfile), subkey_proc
+end

data/bin/drm_wrap.rb

@@ -0,0 +1,22 @@
+#!/usr/bin/env ruby
+require 'drm'
+
+unless ARGV.length == 1
+  print "Usage: #{$0} file\n"
+  exit
+end
+
+original_fname = ARGV[0]
+encrypted_fname = ARGV[0] + '.drm-enc'
+key_fname = ARGV[0] + '.drm-key'
+
+in_length = File.stat(original_fname).size
+wrapper = DRM::Wrapper.new in_length, 'audio/mp3'
+
+File.open(key_fname, 'wb') { |f| f.write wrapper.filekey }
+
+File.open(original_fname, 'rb') do |infile|
+  File.open(encrypted_fname, 'wb') do |outfile|
+    wrapper.wrap DRM::IoProcs.read_proc(infile), DRM::IoProcs.write_proc(outfile)
+  end
+end

data/lib/drm/drm.rb

@@ -0,0 +1,11 @@
+# the DRM namespace
+module DRM
+end
+
+require 'drm/metadata.rb'
+require 'drm/wrapper.rb'
+require 'drm/unwrapper.rb'
+
+require 'drm/io_procs.rb'
+require 'drm/http_procs.rb'
+require 'drm/tem.rb'

data/lib/drm/http_procs.rb

@@ -0,0 +1,17 @@
+require 'net/http'
+require 'uri'
+
+module DRM::HttpProcs
+  # produces a read_proc(length, offset) for the given HTTP +url+
+  def self.read_proc(url)
+    uri = URI.parse url
+    Proc.new do |length, offset|
+      request = Net::HTTP::Get.new uri.path
+      request.set_range(offset, length)
+      response = Net::HTTP.start(uri.host, uri.port) { |http| http.request request }
+      # content_range_str = nil
+      # response.each_header { |key, value| content_range_str = value and break if key.downcase == 'content-range' }
+      response.body
+    end
+  end
+end

data/lib/drm/io_procs.rb

@@ -0,0 +1,16 @@
+module DRM::IoProcs
+  # produces a read_proc(length, offset) for the given +io+ instance of IO
+  def self.read_proc(io)
+    Proc.new do |length, offset|
+      io.seek offset
+      io.read length
+    end    
+  end
+
+  # produces a write_proc(data) for the given +io+ instance of IO
+  def self.write_proc(io)
+    Proc.new do |data|
+      io.write data
+    end    
+  end
+end

data/lib/drm/metadata.rb

@@ -0,0 +1,119 @@
+require 'digest'
+require 'openssl'
+require 'yaml'
+
+class DRM::Metadata
+  # internal constructor; access through new_for_file and new_from_hash
+  def initialize(data_hash)
+    @data = data_hash
+  end
+  
+  # metadata object from a hash obtained using to_hash
+  def self.new_from_hash(data_hash)
+    # TODO: some validation to ensure the hash contains the metadata fields
+    self.new data_hash
+  end
+  
+  # metadata object from a string obtained using to_yaml_str
+  def self.new_from_yaml_str(yaml_str)
+    data_hash = YAML.load yaml_str
+    # TODO: verify we're actually dealing with a hash
+    self.new_from_hash data_hash
+  end
+      
+  # new metadata object for a content file
+  def self.new_for_file(length, mime_type, options = {})
+    # storage strategy
+    data_hash = { :length => length, :mime_type => mime_type }    
+    blocksize = options[:block_size]
+    if blocksize.nil?
+      blocksize = 1 << 16
+      # TODO: adaptive block size
+    end
+    data_hash[:block_size] = blocksize
+    
+    # encryption strategy
+    keys = options[:keys] || 8
+    # TODO: adaptive number of keys
+    data_hash[:keys] = keys
+    data_hash[:blocks] = (length + blocksize - 1) / blocksize
+    data_hash[:blocks_per_key] = (data_hash[:blocks] + keys - 1) / keys
+    
+    # serial number
+    data_hash[:etag] = Digest::SHA1.hexdigest((0...32).map { |i| rand(256) }.pack('C*')) 
+    
+    self.new data_hash
+  end
+  
+  # creates a new file key
+  def self.new_filekey
+    (0...32).map { |i| rand * 256 }.pack('C*')
+  end
+  
+  # converts the metadata to an easy-to-serialize hash
+  def to_hash
+    @data
+  end
+  
+  # converts the metadata to an easy-to-serialize to_yaml_str
+  def to_yaml_str
+    self.to_hash.to_yaml.to_s
+  end
+
+  # computes the index of the subkey to be used for decoding a block
+  def subkey_index(block_index)
+    block_index / @data[:blocks_per_key]
+  end
+  
+  # computers a subkey from a file key (this will usually happen on a TEM)
+  def subkey_from_filekey(subkey_index, filekey)
+    Digest::SHA1.digest(filekey + [subkey_index].pack('N'))        
+  end
+  
+  # the number of blocks in the content file
+  def blocks
+    @data[:blocks]
+  end
+  
+  # the size of a content block
+  def block_size
+    @data[:block_size]
+  end
+  
+  # the length of the content
+  def length
+    @data[:length]
+  end
+  
+  # the MIME type of the content
+  def mime_type
+    @data[:mime_type]
+  end
+  
+  # the ETag of the document
+  def etag
+    @data[:etag]
+  end
+  
+  # encrypts a content block
+  def encrypt_block(block_data, block_index, subkey)
+    cipher = OpenSSL::Cipher::Cipher.new 'aes-128-ecb'
+    cipher.encrypt
+    cipher.key = subkey
+    cipher.iv = [block_index].pack('N') * 4
+    eblock = cipher.update(block_data)
+    return eblock
+  end
+  
+  # decrypts a content block
+  def decrypt_block(crypted_data, block_index, subkey)
+      cipher = OpenSSL::Cipher::Cipher.new 'aes-128-ecb'
+      cipher.decrypt
+      cipher.key = subkey
+      cipher.iv = [block_index].pack('N') * 4      
+      dblock = cipher.update(crypted_data)
+      # compensate for openssl being retarded
+      dblock += cipher.update([0].pack('C') * 16)      
+      return dblock
+  end
+end

data/lib/drm/tem.rb

@@ -0,0 +1,37 @@
+require 'rubygems'
+gem 'tem_ruby'
+require 'tem_ruby'
+
+module DRM::Tem
+  # produces a TEM procedure which yields the subkeys for +filekey+
+  # the procedure is sealed with the TEM public key +pubek+
+  def self.tem_proc_for_filekey(filekey, pubek)
+    key_proc = Tem::Session.assemble do |p|
+      p.ldbc filekey.length + 4
+      p.outnew
+      p.mdfxb :from => :filekey, :size => filekey.length + 4, :to => (1 << 16) - 1
+      p.halt
+      p.label :filekey
+      p.immed :ubyte, filekey.unpack('C*')
+      p.label :key_index
+      p.filler :ubyte, 2
+      p.filler :ushort, 2
+      p.label :end_of_hash
+      p.stack
+      p.extra 8
+    end
+    key_proc.seal pubek, :filekey, :key_index
+    return key_proc
+  end
+  
+  # produces a subkey_proc(metadata, index) that works by calling a TEM with +tem_proc+
+  # +tem_proc+ must be obtained by calling tem_proc_for_filekey
+  def self.subkey_proc_for_tem_proc(tem_proc)
+    Proc.new do |metadata, index|
+      index_str = [0, 0] + Tem::Session.to_tem_ushort(index)
+      tem_proc.body[tem_proc.label_address(:key_index), index_str.length] = index_str
+      # TODO: more elegant solution than $tem
+      $tem.execute(tem_proc).pack('C*')
+    end
+  end
+end

data/lib/drm/unwrapper.rb

@@ -0,0 +1,40 @@
+class DRM::Unwrapper
+  # new unwrapper for a DRM-wrapped file
+  # read_proc(length, offset) reads length bytes at offset from the DRM-wrapped file
+  def initialize(read_proc)
+    @data_offset = [0].pack('N').length
+    metadata_lenstr = read_proc.call @data_offset, 0
+    metadata_str = read_proc.call metadata_lenstr.unpack('N').first, @data_offset
+    @data_offset += metadata_str.length
+    @metadata = DRM::Metadata.new_from_yaml_str metadata_str
+  end
+  
+  # the DRM metadata for the wrapped file 
+  attr_reader :metadata
+  
+  # unwraps bytes +start_byte+..+end_byte+ from the content of a DRM-wrapped file
+  # read_proc(length, offset) reads length bytes at offset from the file to be wrapped
+  # write_proc(data) appends the given data to the file containing the wrapped content
+  # subkey_proc(metadata, index) produces the +index+th DRM subkey for the contents identified by +metadata+ 
+  def unwrap(start_byte, end_byte, read_proc, write_proc, subkey_proc)
+    block_size = @metadata.block_size
+    start_block = start_byte / block_size
+    end_block = end_byte / block_size
+
+    in_offset = @data_offset + start_block * block_size
+    old_ski = nil
+    subkey = nil
+    start_block.upto(end_block) do |block_index|
+      # read
+      crypted_data = read_proc.call block_size, in_offset
+      in_offset += crypted_data.length
+      # decrypt
+      ski = @metadata.subkey_index(block_index)
+      subkey = subkey_proc.call @metadata, ski unless ski == old_ski
+      old_ski = ski
+      block_data = @metadata.decrypt_block crypted_data, block_index, subkey
+      # write
+      write_proc.call block_data[((block_index == start_block) ? start_byte % block_size : 0)..((block_index == end_block) ? end_byte % block_size : block_size - 1)]
+    end
+  end  
+end

data/lib/drm/wrapper.rb

@@ -0,0 +1,40 @@
+class DRM::Wrapper
+  # new wrapper for a contents file
+  # the file has +length+ bytes and its MIME type is +mime_type+
+  def initialize(length, mime_type)
+    @filekey = DRM::Metadata.new_filekey
+    @metadata = DRM::Metadata.new_for_file length, mime_type
+  end
+  
+  # the key used to wrap the file
+  attr_reader :filekey
+  # the DRM metadata for the wrapped file 
+  attr_reader :metadata
+  
+  # wraps a content file with DRM protection
+  # read_proc(length, offset) reads length bytes at offset from the file to be wrapped
+  # write_proc(data) appends the given data to the file containing the wrapped content
+  def wrap(read_proc, write_proc)
+    # push the metadata
+    metadata_str = @metadata.to_yaml_str
+    metadata_lenstr = [metadata_str.length].pack('N')
+    write_proc.call metadata_lenstr
+    write_proc.call metadata_str
+    
+    # push the data
+    block_size = @metadata.block_size
+    length = @metadata.length
+    in_offset = 0    
+    0.upto(@metadata.blocks - 1) do |block_index|
+      # read
+      read_size = (block_size <= length - in_offset) ? block_size : length - in_offset
+      block_data = read_proc.call read_size, in_offset
+      in_offset += read_size
+      # encrypt
+      subkey = @metadata.subkey_from_filekey(metadata.subkey_index(block_index), @filekey)
+      crypted_data = @metadata.encrypt_block block_data, block_index, subkey
+      # write
+      write_proc.call crypted_data
+    end
+  end
+end

data/tem_drm.gemspec

@@ -0,0 +1,53 @@
+
+# Gem::Specification for Tem_drm-0.0.1
+# Originally generated by Echoe
+
+Gem::Specification.new do |s|
+  s.name = %q{tem_drm}
+  s.version = "0.0.1"
+
+  s.specification_version = 2 if s.respond_to? :specification_version=
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Victor Costan"]
+  s.date = %q{2008-06-11}
+  s.description = %q{Personal DRM (Digital Rights Management) relying on the TEM.}
+  s.email = %q{victor@costan.us}
+  s.executables = ["drm_wrap.rb", "drm_key2proc.rb", "drm_unwrap.rb", "drm_proxy.rb"]
+  s.extra_rdoc_files = ["bin/drm_wrap.rb", "bin/drm_key2proc.rb", "bin/drm_unwrap.rb", "bin/drm_proxy.rb", "LICENSE", "lib/drm/unwrapper.rb", "lib/drm/wrapper.rb", "lib/drm/tem.rb", "lib/drm/io_procs.rb", "lib/drm/metadata.rb", "lib/drm/http_procs.rb", "lib/drm/drm.rb", "README", "CHANGELOG"]
+  s.files = ["bin/drm_wrap.rb", "bin/drm_key2proc.rb", "bin/drm_unwrap.rb", "bin/drm_proxy.rb", "LICENSE", "test/kick_vlc.xspf", "lib/drm/unwrapper.rb", "lib/drm/wrapper.rb", "lib/drm/tem.rb", "lib/drm/io_procs.rb", "lib/drm/metadata.rb", "lib/drm/http_procs.rb", "lib/drm/drm.rb", "README", "CHANGELOG", "Manifest", "tem_drm.gemspec"]
+  s.has_rdoc = true
+  s.homepage = %q{http://tem.rubyforge.org}
+  s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Tem_drm", "--main", "README"]
+  s.require_paths = ["lib"]
+  s.rubyforge_project = %q{tem}
+  s.rubygems_version = %q{1.1.1}
+  s.summary = %q{Personal DRM (Digital Rights Management) relying on the TEM.}
+
+  s.add_dependency(%q<tem_ruby>, [">= 0.9.0"])
+end
+
+
+# # Original Rakefile source (requires the Echoe gem):
+# 
+# require 'rubygems'
+# gem 'echoe'
+# require 'echoe'
+# 
+# Echoe.new('tem_drm') do |p|
+#   p.project = 'tem' # rubyforge project
+#   
+#   p.author = 'Victor Costan'
+#   p.email = 'victor@costan.us'
+#   p.summary = 'Personal DRM (Digital Rights Management) relying on the TEM.'
+#   p.url = 'http://tem.rubyforge.org'
+#   p.dependencies = ['tem_ruby >=0.9.0']
+#   
+#   p.need_tar_gz = false
+#   p.rdoc_pattern = /^(lib|bin|tasks|ext)|^BUILD|^README|^CHANGELOG|^TODO|^LICENSE|^COPYING$/  
+# end
+# 
+# if $0 == __FILE__
+#   Rake.application = Rake::Application.new
+#   Rake.application.run
+# end

data/test/kick_vlc.xspf

@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<playlist version="0" xmlns="http://xspf.org/ns/0/">
+	<title>kick_vlc.xspf</title>
+	<location>file:///Users/victor/Documents/workspace/tem_drm/kick_vlc.xspf</location>
+	<trackList>
+		<track>
+			<location>http://localhost:8080/?url=http:%252F%252Fweb.mit.edu%252Fcostan%252Fwww%252Fbooks%252FTocarte.Toa.mp3</location>
+			<title>Tocarte Toa</title>
+		</track>
+	</trackList>
+</playlist>

metadata

@@ -0,0 +1,98 @@
+--- !ruby/object:Gem::Specification 
+name: tem_drm
+version: !ruby/object:Gem::Version 
+  version: 0.0.1
+platform: ruby
+authors: 
+- Victor Costan
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2008-06-11 00:00:00 -04:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: tem_ruby
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.9.0
+    version: 
+description: Personal DRM (Digital Rights Management) relying on the TEM.
+email: victor@costan.us
+executables: 
+- drm_wrap.rb
+- drm_key2proc.rb
+- drm_unwrap.rb
+- drm_proxy.rb
+extensions: []
+
+extra_rdoc_files: 
+- bin/drm_wrap.rb
+- bin/drm_key2proc.rb
+- bin/drm_unwrap.rb
+- bin/drm_proxy.rb
+- LICENSE
+- lib/drm/unwrapper.rb
+- lib/drm/wrapper.rb
+- lib/drm/tem.rb
+- lib/drm/io_procs.rb
+- lib/drm/metadata.rb
+- lib/drm/http_procs.rb
+- lib/drm/drm.rb
+- README
+- CHANGELOG
+files: 
+- bin/drm_wrap.rb
+- bin/drm_key2proc.rb
+- bin/drm_unwrap.rb
+- bin/drm_proxy.rb
+- LICENSE
+- test/kick_vlc.xspf
+- lib/drm/unwrapper.rb
+- lib/drm/wrapper.rb
+- lib/drm/tem.rb
+- lib/drm/io_procs.rb
+- lib/drm/metadata.rb
+- lib/drm/http_procs.rb
+- lib/drm/drm.rb
+- README
+- CHANGELOG
+- Manifest
+- tem_drm.gemspec
+has_rdoc: true
+homepage: http://tem.rubyforge.org
+post_install_message: 
+rdoc_options: 
+- --line-numbers
+- --inline-source
+- --title
+- Tem_drm
+- --main
+- README
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: tem
+rubygems_version: 1.1.1
+signing_key: 
+specification_version: 2
+summary: Personal DRM (Digital Rights Management) relying on the TEM.
+test_files: []
+