1 | #include "globals.h"
|
---|
2 | #include "oscam-aes.h"
|
---|
3 | #include "oscam-garbage.h"
|
---|
4 | #include "oscam-string.h"
|
---|
5 |
|
---|
6 | void aes_set_key(struct s_client *cl, char *key)
|
---|
7 | {
|
---|
8 | AES_set_decrypt_key((const unsigned char *)key, 128, &cl->aeskey_decrypt);
|
---|
9 | AES_set_encrypt_key((const unsigned char *)key, 128, &cl->aeskey);
|
---|
10 | }
|
---|
11 |
|
---|
12 | void aes_decrypt(struct s_client *cl, uchar *buf, int32_t n)
|
---|
13 | {
|
---|
14 | int32_t i;
|
---|
15 | for (i=0; i<n; i+=16) {
|
---|
16 | AES_decrypt(buf+i, buf+i, &cl->aeskey_decrypt);
|
---|
17 | }
|
---|
18 | }
|
---|
19 |
|
---|
20 | void aes_encrypt_idx(struct s_client *cl, uchar *buf, int32_t n)
|
---|
21 | {
|
---|
22 | int32_t i;
|
---|
23 | for (i=0; i<n; i+=16) {
|
---|
24 | AES_encrypt(buf+i, buf+i, &cl->aeskey);
|
---|
25 | }
|
---|
26 | }
|
---|
27 |
|
---|
28 | /* Creates an AES_ENTRY and adds it to the given linked list. */
|
---|
29 | void add_aes_entry(AES_ENTRY **list, uint16_t caid, uint32_t ident, int32_t keyid, uchar *aesKey)
|
---|
30 | {
|
---|
31 | AES_ENTRY *new_entry, *next,*current;
|
---|
32 |
|
---|
33 | // create the AES key entry for the linked list
|
---|
34 | if (!cs_malloc(&new_entry, sizeof(AES_ENTRY)))
|
---|
35 | return;
|
---|
36 |
|
---|
37 | memcpy(new_entry->plainkey, aesKey, 16);
|
---|
38 | new_entry->caid=caid;
|
---|
39 | new_entry->ident=ident;
|
---|
40 | new_entry->keyid=keyid;
|
---|
41 | if(memcmp(aesKey,"\xFF\xFF",2)) {
|
---|
42 | AES_set_decrypt_key((const unsigned char *)aesKey, 128, &(new_entry->key));
|
---|
43 | // cs_log("adding key : %s",cs_hexdump(1,aesKey,16, tmp, sizeof(tmp)));
|
---|
44 | } else {
|
---|
45 | memset(&new_entry->key,0,sizeof(AES_KEY));
|
---|
46 | // cs_log("adding fake key");
|
---|
47 | }
|
---|
48 | new_entry->next=NULL;
|
---|
49 |
|
---|
50 | //if list is empty, new_entry is the new head
|
---|
51 | if (!*list) {
|
---|
52 | *list = new_entry;
|
---|
53 | return;
|
---|
54 | }
|
---|
55 |
|
---|
56 | //append it to the list
|
---|
57 | current = *list;
|
---|
58 | next = current->next;
|
---|
59 | while(next) {
|
---|
60 | current = next;
|
---|
61 | next = current->next;
|
---|
62 | }
|
---|
63 | current->next = new_entry;
|
---|
64 | }
|
---|
65 |
|
---|
66 | /* Parses a single AES_KEYS entry and assigns it to the given list.
|
---|
67 | The expected format for value is caid1@ident1:key0,key1 */
|
---|
68 | void parse_aes_entry(AES_ENTRY **list, char *label, char *value) {
|
---|
69 | uint16_t caid, dummy;
|
---|
70 | uint32_t ident;
|
---|
71 | int32_t len;
|
---|
72 | char *tmp;
|
---|
73 | int32_t nb_keys,key_id;
|
---|
74 | uchar aes_key[16];
|
---|
75 | char *save = NULL;
|
---|
76 |
|
---|
77 | tmp = strtok_r(value,"@",&save);
|
---|
78 |
|
---|
79 | //if we got error caid
|
---|
80 | len = strlen(tmp);
|
---|
81 | if (len == 0 || len > 4) return;
|
---|
82 |
|
---|
83 | //if there is not value after @
|
---|
84 | len = strlen(save);
|
---|
85 | if(len == 0) return;
|
---|
86 |
|
---|
87 | caid = a2i(tmp,2);
|
---|
88 | tmp = strtok_r(NULL,":",&save);
|
---|
89 |
|
---|
90 | //if we got error ident
|
---|
91 | len = strlen(tmp);
|
---|
92 | if(len == 0 || len > 6) return;
|
---|
93 |
|
---|
94 | ident = a2i(tmp,3);
|
---|
95 |
|
---|
96 | // now we need to split the key and add the entry to the reader.
|
---|
97 | nb_keys = 0;
|
---|
98 | key_id = 0;
|
---|
99 | while ((tmp = strtok_r(NULL,",",&save))) {
|
---|
100 | dummy = 0;
|
---|
101 | len = strlen(tmp);
|
---|
102 | if (len != 32) {
|
---|
103 | dummy=a2i(tmp,1);
|
---|
104 | // FF means the card will do the AES decrypt
|
---|
105 | // 00 means we don't have the aes.
|
---|
106 | if ((dummy != 0xFF && dummy != 0x00) || len > 2) {
|
---|
107 | key_id++;
|
---|
108 | cs_log("AES key length error .. not adding");
|
---|
109 | continue;
|
---|
110 | }
|
---|
111 | if (dummy==0x00) {
|
---|
112 | key_id++;
|
---|
113 | continue;
|
---|
114 | }
|
---|
115 | }
|
---|
116 | nb_keys++;
|
---|
117 | if (dummy)
|
---|
118 | memset(aes_key, 0xFF, 16);
|
---|
119 | else
|
---|
120 | key_atob_l(tmp, aes_key, 32);
|
---|
121 | // now add the key to the reader... TBD
|
---|
122 | add_aes_entry(list,caid,ident,key_id,aes_key);
|
---|
123 | key_id++;
|
---|
124 | }
|
---|
125 |
|
---|
126 | cs_log("%d AES key(s) added on reader %s for %04x:%06x", nb_keys, label, caid, ident);
|
---|
127 | }
|
---|
128 |
|
---|
129 | /* Clears all entries from an AES list*/
|
---|
130 | void aes_clear_entries(AES_ENTRY **list)
|
---|
131 | {
|
---|
132 | AES_ENTRY *current, *next;
|
---|
133 | current = NULL;
|
---|
134 | next = *list;
|
---|
135 | while (next) {
|
---|
136 | current = next;
|
---|
137 | next = current->next;
|
---|
138 | add_garbage(current);
|
---|
139 | }
|
---|
140 | *list = NULL;
|
---|
141 | }
|
---|
142 |
|
---|
143 | /* Parses multiple AES_KEYS entrys in a reader section and assigns them to the reader.
|
---|
144 | The expected format for value is caid1@ident1:key0,key1;caid2@ident2:key0,key1 */
|
---|
145 | void parse_aes_keys(struct s_reader *rdr, char *value)
|
---|
146 | {
|
---|
147 | char *entry;
|
---|
148 | char *save=NULL;
|
---|
149 | AES_ENTRY *newlist = NULL, *savelist = rdr->aes_list;
|
---|
150 |
|
---|
151 | for (entry=strtok_r(value, ";",&save); entry; entry=strtok_r(NULL, ";",&save)) {
|
---|
152 | parse_aes_entry(&newlist, rdr->label, entry);
|
---|
153 | }
|
---|
154 | rdr->aes_list = newlist;
|
---|
155 | aes_clear_entries(&savelist);
|
---|
156 |
|
---|
157 | /*
|
---|
158 | AES_ENTRY *current;
|
---|
159 | current=rdr->aes_list;
|
---|
160 | while(current) {
|
---|
161 | cs_log("**************************");
|
---|
162 | cs_log("current = %p",current);
|
---|
163 | cs_log("CAID = %04x",current->caid);
|
---|
164 | cs_log("IDENT = %06x",current->ident);
|
---|
165 | cs_log("keyID = %d",current->keyid);
|
---|
166 | cs_log("next = %p",current->next);
|
---|
167 | cs_log("**************************");
|
---|
168 | current=current->next;
|
---|
169 | }
|
---|
170 | */
|
---|
171 | }
|
---|
172 |
|
---|
173 | static AES_ENTRY *aes_list_find(AES_ENTRY *list, uint16_t caid, uint32_t provid, int32_t keyid)
|
---|
174 | {
|
---|
175 | AES_ENTRY *current = list;
|
---|
176 | while (current) {
|
---|
177 | if (current->caid == caid && current->ident == provid && current->keyid == keyid)
|
---|
178 | break;
|
---|
179 | current = current->next;
|
---|
180 | }
|
---|
181 | if (!current) {
|
---|
182 | cs_log("AES Decrypt : key id %d not found for CAID %04X , provider %06x", keyid, caid, provid);
|
---|
183 | return NULL;
|
---|
184 | }
|
---|
185 | return current;
|
---|
186 | }
|
---|
187 |
|
---|
188 |
|
---|
189 | int32_t aes_decrypt_from_list(AES_ENTRY *list, uint16_t caid, uint32_t provid, int32_t keyid, uchar *buf, int32_t n)
|
---|
190 | {
|
---|
191 | AES_ENTRY *current = aes_list_find(list, caid, provid, keyid);
|
---|
192 | if (!current)
|
---|
193 | return 0;
|
---|
194 | AES_KEY dummy;
|
---|
195 | int32_t i;
|
---|
196 | // hack for card that do the AES decrypt themsleves
|
---|
197 | memset(&dummy, 0, sizeof(AES_KEY));
|
---|
198 | if (!memcmp(¤t->key, &dummy, sizeof(AES_KEY))) {
|
---|
199 | return 1;
|
---|
200 | }
|
---|
201 | // decode the key
|
---|
202 | for (i = 0; i < n; i += 16)
|
---|
203 | AES_decrypt(buf + i, buf + i, &(current->key));
|
---|
204 | return 1; // all ok, key decoded.
|
---|
205 | }
|
---|
206 |
|
---|
207 | int32_t aes_present(AES_ENTRY *list, uint16_t caid, uint32_t provid, int32_t keyid)
|
---|
208 | {
|
---|
209 | return aes_list_find(list, caid, provid, keyid) != NULL;
|
---|
210 | }
|
---|