Add test for matching key for DLNA; fallback to direct; fail if no key matches

Use new method ts::getkey, containing our former key matching code

webif/lib/auto/plugin/decrypt/queue.hook

@@ -94,6 +94,13 @@ proc ::decrypt::dequeue {q ts} {
 	::auto::startclock
 	log "  DECRYPT: $rfile" 0
 
+	if {$mode eq "dlna"} {
+		if {[$ts getkey $mode] eq ""} {
+			::auto::log "system key doesn't match, trying direct"
+			set mode direct
+		}
+	}
+
 	if {$mode eq "dlna"} {
 		log "  DLNA: $url" 0
 		if {[catch {exec wget -O "$tmp/$bfile" $url} msg opts]} {
@@ -104,24 +111,12 @@ proc ::decrypt::dequeue {q ts} {
 		if {$helper} { system dlnahelper -release }
 	} else {
 		log "  Direct decryption" 0
-		set keys {}
-		if {![catch {set fd [open "/mod/boot/cryptokey"]}]} {
-			set bytes [$fd read 16]
-			$fd close
-			binary scan $bytes H* key
-			if {[string length $key] == 32} {
-				lappend keys $key
-			}
-		}
-		lappend keys [string range [system nugget cryptokey -key] 0 31]
-		lappend keys [system encryptionkey]
-		foreach key $keys {
-			::auto::log "Testing key ($key)" 2
-			if {[catch {
-			    set ret [exec /mod/bin/stripts -q/ $key $rfile]
-			}]} continue
-			if {$ret eq "1"} break
+
+		set key [$ts getkey $mode]
+		if {$key eq ""} {
+			return {"FAILED" "No matching key for decryption"}
 		}
+
 		::auto::log "Using key ($key)" 2
 		if {[catch {exec /mod/bin/stripts -@ $key $rfile "$tmp/[\
 		    file rootname $bfile]" } msg opts]} {