source: trunk/reader-seca.c@ 1

Last change on this file since 1 was 1, checked in by root, 14 years ago

initial import

File size: 12.4 KB
Line 
1#include "globals.h"
2#include "reader-common.h"
3
4extern uchar cta_cmd[], cta_res[];
5extern ushort cta_lr;
6static unsigned short pmap=0; // provider-maptable
7
8#define CMD_LEN 5
9
10static int card_write(uchar *cmd, uchar *data, int wflag)
11{
12 int l;
13 uchar buf[256];
14 memcpy(buf, cmd, CMD_LEN);
15 l=wflag ? cmd[4] : 0;
16 if (l && data) memcpy(buf+CMD_LEN, data, l);
17 l=reader_cmd2icc(buf, CMD_LEN+l);
18 return(l);
19}
20
21#define write_cmd(cmd, data) \
22{ \
23 if (card_write(cmd, data, 1)) return(0); \
24}
25
26#define read_cmd(cmd, data) \
27{ \
28 if (card_write(cmd, data, 0)) return(0); \
29}
30
31int set_provider_info(int i)
32{
33 static uchar ins12[] = { 0xc1, 0x12, 0x00, 0x00, 0x19 }; // get provider info
34 int year, month, day;
35 struct tm *lt;
36 time_t t;
37 int valid=0;//0=false, 1=true
38 char l_name[16+8+1]=", name: ";
39
40 ins12[2]=i;//select provider
41 read_cmd(ins12, NULL); // show provider properties
42 cs_debug("hexdump:%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x.",cta_res[0],cta_res[1],cta_res[2],cta_res[3],cta_res[4],cta_res[5],cta_res[6],cta_res[7],cta_res[8],cta_res[9],cta_res[10],cta_res[11],cta_res[12],cta_res[13],cta_res[14],cta_res[15],cta_res[16],cta_res[17],cta_res[18],cta_res[19],cta_res[20],cta_res[21],cta_res[22],cta_res[23],cta_res[24],cta_res[25],cta_res[26]);
43
44 if ((cta_res[25] != 0x90) || (cta_res[26] != 0x00)) return (0);
45 reader[ridx].prid[i][0]=0;
46 reader[ridx].prid[i][1]=0;//blanken high byte provider code
47 memcpy(&reader[ridx].prid[i][2], cta_res, 2);
48// sprintf(buf+strlen(buf), ",%06X", b2i(3, &reader[ridx].prid[i][1]));
49
50 year = (cta_res[22]>>1) + 1990;
51 month = ((cta_res[22]&0x1)*256 + (cta_res[23]&0xe0))>>5;
52 day = (cta_res[23]&0x1f);
53 t=time(NULL);
54 lt=localtime(&t);
55 if (lt->tm_year+1900 != year)
56 if (lt->tm_year+1900 < year)
57 valid=1;
58 else
59 valid=0;
60 else
61 if (lt->tm_mon+1 != month)
62 if (lt->tm_mon+1 < month)
63 valid=1;
64 else
65 valid=0;
66 else
67 if (lt->tm_mday != day)
68 if (lt->tm_mday < day)
69 valid=1;
70 else
71 valid=0;
72 memcpy(l_name+8, cta_res+2, 16);
73 l_name[sizeof(l_name)]=0;
74 trim(l_name+8);
75 l_name[0]=(l_name[8]) ? ',' : 0;
76 reader[ridx].availkeys[i][0]=valid; //misusing availkeys to register validity of provider
77 cs_log("provider: %d, valid: %i%s, expiry date: %4d/%02d/%02d",
78 i+1, valid,l_name, year, month, day);
79 memcpy(&reader[ridx].sa[i][0], cta_res+18, 4);
80 if (valid==1) //if not expired
81 cs_log("SA: %s", cs_hexdump(0, cta_res+18, 4));
82// cs_log("SA:%02X%02X%02X%02X.",cta_res[18],cta_res[19],cta_res[20],cta_res[21]);
83 return(1);
84}
85
86int seca_card_init(uchar *atr, int atrsize)
87{
88 uchar buf[256];
89 char *card;
90 static uchar ins0e[] = { 0xc1, 0x0e, 0x00, 0x00, 0x08 }; // get serial number (UA)
91 static uchar ins16[] = { 0xc1, 0x16, 0x00, 0x00, 0x07 }; // get nr. of prividers
92 int i;
93
94 buf[0]=0x00;
95 if ((atr[10]!=0x0e) || (atr[11]!=0x6c) || (atr[12]!=0xb6) || (atr[13]!=0xd6)) return(0);
96 switch(atr[7]<<8|atr[8])
97 {
98 case 0x5084: card="Generic"; break;
99 case 0x5384: card="Philips"; break;
100 case 0x5130:
101 case 0x5430:
102 case 0x5760: card="Thompson"; break;
103 case 0x5284:
104 case 0x5842:
105 case 0x6060: card="Siemens"; break;
106 case 0x7070: card="Canal+ NL"; break;
107 default: card="Unknown"; break;
108 }
109 reader[ridx].caid[0]=0x0100;
110 memset(reader[ridx].prid, 0xff, sizeof(reader[ridx].prid));
111 read_cmd(ins0e, NULL); // read unique id
112 reader[ridx].hexserial[0]=0;
113 reader[ridx].hexserial[1]=0;
114 memcpy(reader[ridx].hexserial+2, cta_res+2, 6);
115 cs_ri_log("type: seca, caid: %04X, serial: %llu, card: %s v%d.%d",
116 reader[ridx].caid[0], b2ll(5, cta_res+3), card, atr[9]&0x0F, atr[9]>>4);
117 read_cmd(ins16, NULL); // read nr of providers
118 pmap=cta_res[2]<<8|cta_res[3];
119 for (reader[ridx].nprov=0, i=pmap; i; i>>=1)
120 reader[ridx].nprov+=i&1;
121// i=cta_res[2]*256+cta_res[3];
122// do { n+=i&1; i>>=1; } while(i);
123// reader[ridx].nprov=n;
124
125 for (i=0; i<16; i++)
126 if (pmap&(1<<i))
127 {
128 if (!set_provider_info(i))
129 return(0);
130 else
131 sprintf(buf+strlen(buf), ",%04X", b2i(2, &reader[ridx].prid[i][2]));
132 }
133
134 cs_ri_log("providers: %d (%s)", reader[ridx].nprov, buf+1);
135 cs_log("ready for requests");
136 return(1);
137}
138
139// static int get_prov_index (uchar providhigh, uchar providlow)//returns provider id or -1 if not found
140static int get_prov_index(char *provid) //returns provider id or -1 if not found
141{
142 int prov;
143 for (prov=0; prov<reader[ridx].nprov; prov++) //search for provider index
144 if (!memcmp(provid, &reader[ridx].prid[prov][2], 2))
145 return(prov);
146// for (prov=0; prov<reader[ridx].nprov; prov++) //search for provider index
147// if ( (providhigh == reader[ridx].prid[prov][2]) &&
148// (providlow == reader[ridx].prid[prov][3]) )
149// {
150// return(prov);
151// }
152 return(-1);
153}
154
155
156int seca_do_ecm(ECM_REQUEST *er)
157{
158 static unsigned char ins3c[] = { 0xc1,0x3c,0x00,0x00,0x00 }; // coding cw
159 static unsigned char ins3a[] = { 0xc1,0x3a,0x00,0x00,0x10 }; // decoding cw
160 uchar ins3cdata[256];
161 int i;
162
163// i=get_prov_index(er->ecm[3],er->ecm[4]);
164 i=get_prov_index(er->ecm+3);
165 if ((i == -1) || (reader[ridx].availkeys[i][0] == 0)) //if provider not found or expired
166 return (0);
167 ins3c[2]=i;
168 ins3c[3]=er->ecm[7]; //key nr
169 ins3c[4]=(((er->ecm[1]&0x0f)*256)+er->ecm[2])-0x05;
170
171 memcpy(ins3cdata,er->ecm+8,256-8);
172 cs_debug("do_ecm:ins3c=%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x.",ins3c[0],ins3c[1],ins3c[2],ins3c[3],ins3c[4],ins3cdata[0],ins3cdata[1],ins3cdata[2],ins3cdata[3],ins3cdata[4],ins3cdata[5],ins3cdata[6],ins3cdata[7],ins3cdata[8],ins3cdata[9]);
173 write_cmd(ins3c, ins3cdata); //ecm request
174 cs_debug("do_ecm_answer:%02x%02x",cta_res[0], cta_res[1]);
175
176 static unsigned char ins30[] = { 0xC1, 0x30, 0x00, 0x02, 0x09 };
177 static unsigned char ins30data[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF };
178 /* We need to use a token */
179 if (cta_res[0] == 0x90 && cta_res[1] == 0x1a) {
180 write_cmd(ins30, ins30data);
181 cs_debug("do_ins30_answer:%02x%02x",cta_res[0], cta_res[1]);
182 write_cmd(ins3c, ins3cdata); //ecm request
183 cs_debug("do_ecm_answer2:%02x%02x",cta_res[0], cta_res[1]);
184 }
185
186 if ((cta_res[0] != 0x90) || (cta_res[1] != 0x00)) return (0);
187 read_cmd(ins3a, NULL); //get cw's
188 cs_debug("cwdump:%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x.",cta_res[0],cta_res[1],cta_res[2],cta_res[3],cta_res[4],cta_res[5],cta_res[6],cta_res[7],cta_res[8],cta_res[9],cta_res[10],cta_res[11],cta_res[12],cta_res[13],cta_res[14],cta_res[15],cta_res[16],cta_res[17]);
189 if ((cta_res[16] != 0x90) || (cta_res[17] != 0x00)) return (0);//exit if response is not 90 00 //TODO: if response is 9027 ppv mode is possible!
190 memcpy(er->cw,cta_res,16);
191 return(1);
192
193}
194
195int seca_do_emm(EMM_PACKET *ep)
196{
197 static unsigned char ins40[] = { 0xc1,0x40,0x00,0x00,0x00 };
198 uchar ins40data[256];
199 int i;
200 cs_debug("EMM:%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x.",ep->emm[0],ep->emm[1],ep->emm[2],ep->emm[3],ep->emm[4],ep->emm[5],ep->emm[6],ep->emm[7],ep->emm[8],ep->emm[9],ep->emm[10],ep->emm[11],ep->emm[12],ep->emm[13],ep->emm[14],ep->emm[15],ep->emm[16],ep->emm[17],ep->emm[18],ep->emm[19],ep->emm[20],ep->emm[21],ep->emm[22],ep->emm[23],ep->emm[24],ep->emm[25],ep->emm[26]);
201 if (ep->emm[0] == 0x84) { //shared EMM
202 //to test if SA matches
203 //first find out prov id
204// i=get_prov_index(ep->emm[3],ep->emm[4]);
205 i=get_prov_index(ep->emm+3);
206 if (i == -1)
207 return(0);
208 else //prov id found, now test for SA (only first 3 bytes, custom byte does not count)
209 if ((ep->emm[5] != reader[ridx].sa[i][0]) ||
210 (ep->emm[6] != reader[ridx].sa[i][1]) ||
211 (ep->emm[7] != reader[ridx].sa[i][2])) {
212 cs_log("EMM: Shared update did not match; EMM SA:%02X%02X%02X, Reader SA:%02X,%02X,%02X.",ep->emm[5],ep->emm[6],ep->emm[7],reader[ridx].sa[i][0],reader[ridx].sa[i][1],reader[ridx].sa[i][2]);
213 return(0);
214 }
215 else {
216 cs_log("EMM: Shared update matched for EMM SA %02X%02X%02X.",ep->emm[5],ep->emm[6],ep->emm[7]);
217 ins40[3]=ep->emm[9];
218 ins40[4]=(ep->emm[1]&0x0f)*256+ep->emm[2]-0x07;
219 memcpy(ins40data,ep->emm+10,256-10);
220 }
221
222 }//end shared EMM
223 else
224 if (ep->emm[0] == 0x82) { //unique EMM
225 //first test if UA matches
226 if ((reader[ridx].hexserial[2] != ep->emm[3]) ||
227 (reader[ridx].hexserial[3] != ep->emm[4]) ||
228 (reader[ridx].hexserial[4] != ep->emm[5]) ||
229 (reader[ridx].hexserial[5] != ep->emm[6]) ||
230 (reader[ridx].hexserial[6] != ep->emm[7]) ||
231 (reader[ridx].hexserial[7] != ep->emm[8])) {
232 cs_log("EMM: Unique update did not match; EMM Serial:%02X%02X%02X%02X%02X%02X, Reader Serial:%02X%02X%02X%02X%02X%02X.", ep->emm[3], ep->emm[4], ep->emm[5], ep->emm[6], ep->emm[7], ep->emm[8], reader[ridx].hexserial[2], reader[ridx].hexserial[3], reader[ridx].hexserial[4], reader[ridx].hexserial[5], reader[ridx].hexserial[6], reader[ridx].hexserial[7]);
233 return(0);
234 }
235 else {
236 cs_log("EMM: Unique update matched EMM Serial:%02X%02X%02X%02X%02X.", ep->emm[3], ep->emm[4], ep->emm[5], ep->emm[6], ep->emm[7], ep->emm[8]);
237 //first find out prov id
238// i=get_prov_index(ep->emm[9],ep->emm[10]);
239 i=get_prov_index(ep->emm+9);
240 if (i==-1)
241 return(0);
242 ins40[3]=ep->emm[12];
243 ins40[4]=(ep->emm[1]&0x0f)*256+ep->emm[2]-0x0A;
244 memcpy(ins40data,ep->emm+13,256-13);
245 }
246 } //end unique EMM
247 else
248 return(0); //geen 0x84 en geen 0x82
249
250 ins40[2]=i;
251// length = ((er->ecm[1]<<8 || er->ecm[2])&0x0fff);
252 cs_debug("do_emm:ins40=%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x.",ins40[0],ins40[1],ins40[2],ins40[3],ins40[4],ins40data[0],ins40data[1],ins40data[2],ins40data[3],ins40data[4],ins40data[5],ins40data[6],ins40data[7],ins40data[8],ins40data[9]);
253 write_cmd(ins40, ins40data); //emm request
254 cs_debug("emmdump:%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x.",cta_res[0],cta_res[1],cta_res[2],cta_res[3],cta_res[4],cta_res[5],cta_res[6],cta_res[7],cta_res[8],cta_res[9],cta_res[10],cta_res[11],cta_res[12],cta_res[13],cta_res[14],cta_res[15],cta_res[16],cta_res[17]);
255//TODO if ((cta_res[16] != 0x90) || (cta_res[17] != 0x00)) return (0);
256// if ((cta_res[16] != 0x90) || (cta_res[17] != 0x19))
257// seca_card_init(); //if return code = 90 19 then PPUA changed. //untested!!
258// else
259 if (cta_res[0] == 0x97) {
260 cs_log("EMM: Update not necessary.");
261 return(1); //Update not necessary
262 }
263 if ((cta_res[0] == 0x90) && ((cta_res[1] == 0x00) || (cta_res[1] == 0x19)))
264 if (set_provider_info(i) != 0) //after successfull EMM, print new provider info
265 return(1);
266 return(0);
267
268}
269#ifdef LALL
270int seca_card_info(void)
271{
272 static uchar ins12[] = { 0xc1, 0x12, 0x00, 0x00, 0x19 }; // get provider info
273 int year, month, day;
274 struct tm *lt;
275 time_t t;
276 int valid=0;//0=false, 1=true
277 char l_name[16+8+1]=", name: ";
278
279 ins12[2]=i;//select provider
280 read_cmd(ins12, NULL); // show provider properties
281 cs_debug("hexdump:%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x.",cta_res[0],cta_res[1],cta_res[2],cta_res[3],cta_res[4],cta_res[5],cta_res[6],cta_res[7],cta_res[8],cta_res[9],cta_res[10],cta_res[11],cta_res[12],cta_res[13],cta_res[14],cta_res[15],cta_res[16],cta_res[17],cta_res[18],cta_res[19],cta_res[20],cta_res[21],cta_res[22],cta_res[23],cta_res[24],cta_res[25],cta_res[26]);
282
283 if ((cta_res[25] != 0x90) || (cta_res[26] != 0x00)) return (0);
284 reader[ridx].prid[i][0]=0;
285 reader[ridx].prid[i][1]=0;//blanken high byte provider code
286 memcpy(&reader[ridx].prid[i][2], cta_res, 2);
287// sprintf(buf+strlen(buf), ",%06X", b2i(3, &reader[ridx].prid[i][1]));
288
289 year = (cta_res[22]>>1) + 1990;
290 month = ((cta_res[22]&0x1)*256 + (cta_res[23]&0xe0))>>5;
291 day = (cta_res[23]&0x1f);
292 t=time(NULL);
293 lt=localtime(&t);
294 if (lt->tm_year+1900 != year)
295 if (lt->tm_year+1900 < year)
296 valid=1;
297 else
298 valid=0;
299 else
300 if (lt->tm_mon+1 != month)
301 if (lt->tm_mon+1 < month)
302 valid=1;
303 else
304 valid=0;
305 else
306 if (lt->tm_mday != day)
307 if (lt->tm_mday < day)
308 valid=1;
309 else
310 valid=0;
311 memcpy(l_name+8, cta_res+2, 16);
312 l_name[sizeof(l_name)]=0;
313 trim(l_name+8);
314 l_name[0]=(l_name[8]) ? ',' : 0;
315 reader[ridx].availkeys[i][0]=valid; //misusing availkeys to register validity of provider
316 cs_log("provider: %d, valid: %i, expiry date: %i/%i/%i%s",i+1,valid,year,month,day,l_name);
317 memcpy(&reader[ridx].sa[i][0], cta_res+18, 4);
318 if (valid==1) //if not expired
319 cs_log("SA:%02X%02X%02X%02X.",cta_res[18],cta_res[19],cta_res[20],cta_res[21]);
320 return(1);
321}
322#endif
Note: See TracBrowser for help on using the repository browser.