harden deezer auth and lyrics tagging behavior

2026-06-17 15:05:39 +02:00 · 2026-04-21 11:14:57 +02:00
parent 26c9d50fac
commit 9ebddc8316
8 changed files with 1224 additions and 23 deletions
--- a/internal/download/downloader_test.go
+++ b/internal/download/downloader_test.go
@@ -84,3 +84,39 @@ func TestDecryptDeezerBFCBCStripe(t *testing.T) {
 		t.Fatalf("decrypted data mismatch")
 	}
 }
+
+func TestFileDeezerEncrypted(t *testing.T) {
+	trackID := "3135556"
+	plain := make([]byte, deezerBFChunkSize+777)
+	for i := range plain {
+		plain[i] = byte((i * 7) % 251)
+	}
+	enc := make([]byte, len(plain))
+	copy(enc, plain)
+
+	block, err := blowfish.NewCipher(deriveDeezerBlowfishKey(trackID))
+	if err != nil {
+		t.Fatalf("cipher error: %v", err)
+	}
+	cbc := cipher.NewCBCEncrypter(block, deezerBFIV)
+	cbc.CryptBlocks(enc[:deezerBFChunkSize], enc[:deezerBFChunkSize])
+
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
+		_, _ = w.Write(enc)
+	}))
+	defer ts.Close()
+
+	d := NewWithOptions(true, false)
+	out := filepath.Join(t.TempDir(), "x", "a.flac")
+	if err = d.FileDeezerEncrypted(context.Background(), ts.URL, out, trackID); err != nil {
+		t.Fatalf("FileDeezerEncrypted() error = %v", err)
+	}
+
+	got, err := os.ReadFile(out)
+	if err != nil {
+		t.Fatalf("ReadFile() error = %v", err)
+	}
+	if string(got) != string(plain) {
+		t.Fatalf("decrypted file mismatch")
+	}
+}