@Bwooce
Last active January 3, 2016 18:19
Initial investigation into Pascal Press / Yudu eBook system.

This ebook system uses Adobe Flash to display. It has dedicated clients, per publisher (in this case Pascal Press) but the base technology and infrastructure is provided by Yudu.

Running the application and tracing the communications shows that the login user/pass is sent in XML in cleartext. Hmmm. It then downloads the list of available books to display thumbnails and descriptions.

Downloading a specific, pre-purchased, file results in a manifest, multiple content files, and a text index file (presumably for full text search results). The content comes down as low-res jpegs, 1 per page, and CWF (Compressed Flash Data) files, also one per page. The files are served off AWS S3.

The ebook files are stored under ~/Library/Application\ Support/com.yudu.ReaderAIR/Local\ Store/editions/

Under that directory, you get the following files (and one dir):

  • content
  • manifest
  • preview.jpg
  • thumbnail.jpg

The content dir (where n is the page number):

  • n.low (which is jpeg 818x1090 but intentionally fuzzy)
  • n.high (flash CWF file, compressed)
  • n.thumb (guess)
  • n.wordpos (tbd)

also one file: wordIndexAndPlaintext<magic hex>

flasm reports: movie '1.high' // flash 6, total frames: 1, frame rate: 0.25 fps, 595x793 px

So each high res page, where "high res" is... not high, seems to be a 1 frame movie.

Actual commands and responses:

Login

Sends XML over HTTP (not HTTPS), including the password in cleartext.

POST /Yudu/xmlServices/android/ugc/1-0/<7digitversion> HTTP/1.1\r\n

<?xml version="1.0" ?><request>
<credentials username="<email>" password="<password>" deviceUID="<uuid>"/>
<requestedEditions/>
<ugc/>
</request>

gets response

<?xml version="1.0"?>
<response><authenticationResult userId="<9 digit numeric>" /><editions /><ugc /></response>

Available Books

POST http://android.yudu.com/Yudu/xmlServices/android/editionList/<7 digit version>
deviceUID=<device UUID>&username=<email addr>&password=<pass>

gets response

<?xml><list><loginResult><result>SUCCESS</result><info><id><9 digit numeric></id></info></loginResult><edition id="7digitid">...<too big to post>

This returns a blob of XML that defines the available books. Books that are free seem to have plaintext manifests (see the Edition section); those that are not free but have been purchased have a section with the RC4 key (less the nonce) to decrypt the related manifest file.

The XML gives the URL for downloading the manifest, and (it seems) the base url for all the rest of the book too.
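
Both requests above carry the password in the body of a plain HTTP POST, once as an XML attribute and once as a form field. As an added example (not part of the original notes), this Python check parses a captured request in either shape and reports which credential fields crossed the wire without TLS, without echoing their values. The sample captures are constructed: the version number, e-mail, password and UUID are placeholders, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET
from urllib.parse import parse_qsl

# Field names as they appear in the two requests on this page.
CREDENTIAL_FIELDS = {"username", "password"}

def credential_fields(body):
    """Return sorted (encoding, field) pairs for non-empty credential fields."""
    body = body.strip()
    found = []
    if body.startswith("<"):                      # XML body (login request)
        try:
            root = ET.fromstring(body)
        except ET.ParseError:
            return found
        for elem in root.iter():
            found += [("xml", k) for k, v in elem.attrib.items()
                      if k in CREDENTIAL_FIELDS and v]
    else:                                         # form body (edition list request)
        found += [("form", k) for k, v in parse_qsl(body)
                  if k in CREDENTIAL_FIELDS and v]
    return sorted(found)

def audit(raw_request, tls):
    """Report credential fields sent without TLS; values are never echoed."""
    head, _, body = raw_request.partition("\r\n\r\n")
    method, target, _ = head.split("\r\n", 1)[0].split(" ", 2)
    if tls:
        return []
    return [f"{method} {target}: {field} in cleartext ({enc} body)"
            for enc, field in credential_fields(body)]

# Constructed captures: version, e-mail, password and UUID are placeholders.
LOGIN = ("POST /Yudu/xmlServices/android/ugc/1-0/0000000 HTTP/1.1\r\n\r\n"
         '<?xml version="1.0" ?><request>'
         '<credentials username="user@example.com" password="not-a-real-pass" '
         'deviceUID="00000000-0000-0000-0000-000000000000"/>'
         "<requestedEditions/><ugc/></request>")
EDITION_LIST = ("POST /Yudu/xmlServices/android/editionList/0000000 HTTP/1.1\r\n\r\n"
                "deviceUID=00000000-0000-0000-0000-000000000000"
                "&username=user%40example.com&password=not-a-real-pass")

if __name__ == "__main__":
    for capture in (LOGIN, EDITION_LIST):
        for finding in audit(capture, tls=False):
            print(finding)
```

The `tls` flag is supplied by whoever made the capture (for example, from the port or the proxy's connection record), since the request body alone does not reveal the transport.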

Edition aka Book

Each edition has a URL. The manifest file can be downloaded from this URL, and the file is optionally encrypted with RC4 and compressed. It's XML, but I've not yet decrypted and decompressed one. I assume it contains the structure and filenames of the pages of the book. Encrypted files have a YUDU header, and the nonce (suffix on key) is "*Copyright Yudu* jie1ohmoh3eloi7aG6in"

Pages

Each page seems to have an n.low file (low quality jpeg, lower than the res would imply), an n.high file (a 0.25 fps flash movie of the page...) and an n.words file (word index? not sure).

GET http://content.yudu.com/android/<16 char mixed-case edition id>/content/1.high

The n.low file is a bit useless. The n.high file has a low-quality jpeg embedded, but also the text and diagrams of the book.

It's possible to use swfrender to generate these into normal pages, sometimes with some artefacts (rainbow fringing). Try swfrender 1.high -X2000 -o 1.png (-X is undocumented)

Fulltext index

TBD
