source: trunk/reader-seca.c@ 109

Last change on this file since 109 was 96, checked in by polo, 11 years ago

Add card info logging when log file reach MaxLogSize

File size: 13.3 KB
Line 
1#include "globals.h"
2#include "reader-common.h"
3
4extern uchar cta_cmd[], cta_res[];
5extern ushort cta_lr;
6static unsigned short pmap=0; // provider-maptable
7unsigned long long serial ;
8char *card;
9
10#define CMD_LEN 5
11
12static int card_write(uchar *cmd, uchar *data, int wflag)
13{
14 int l;
15 uchar buf[256];
16 memcpy(buf, cmd, CMD_LEN);
17 l=wflag ? cmd[4] : 0;
18 if (l && data) memcpy(buf+CMD_LEN, data, l);
19 l=reader_cmd2icc(buf, CMD_LEN+l);
20 return(l);
21}
22
23#define write_cmd(cmd, data) \
24{ \
25 if (card_write(cmd, data, 1)) return(0); \
26}
27
28#define read_cmd(cmd, data) \
29{ \
30 if (card_write(cmd, data, 0)) return(0); \
31}
32
33int set_provider_info(int i)
34{
35 static uchar ins12[] = { 0xc1, 0x12, 0x00, 0x00, 0x19 }; // get provider info
36 int year, month, day;
37 struct tm *lt;
38 time_t t;
39 int valid=0;//0=false, 1=true
40 char l_name[16+8+1]=", name: ";
41
42 ins12[2]=i;//select provider
43 read_cmd(ins12, NULL); // show provider properties
44 cs_debug("hexdump:%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x.",cta_res[0],cta_res[1],cta_res[2],cta_res[3],cta_res[4],cta_res[5],cta_res[6],cta_res[7],cta_res[8],cta_res[9],cta_res[10],cta_res[11],cta_res[12],cta_res[13],cta_res[14],cta_res[15],cta_res[16],cta_res[17],cta_res[18],cta_res[19],cta_res[20],cta_res[21],cta_res[22],cta_res[23],cta_res[24],cta_res[25],cta_res[26]);
45
46 if ((cta_res[25] != 0x90) || (cta_res[26] != 0x00)) return (0);
47 reader[ridx].prid[i][0]=0;
48 reader[ridx].prid[i][1]=0;//blanken high byte provider code
49 memcpy(&reader[ridx].prid[i][2], cta_res, 2);
50// sprintf(buf+strlen(buf), ",%06X", b2i(3, &reader[ridx].prid[i][1]));
51
52 year = (cta_res[22]>>1) + 1990;
53 month = ((cta_res[22]&0x1)*256 + (cta_res[23]&0xe0))>>5;
54 day = (cta_res[23]&0x1f);
55 t=time(NULL);
56 lt=localtime(&t);
57 if (lt->tm_year+1900 != year)
58 if (lt->tm_year+1900 < year)
59 valid=1;
60 else
61 valid=0;
62 else
63 if (lt->tm_mon+1 != month)
64 if (lt->tm_mon+1 < month)
65 valid=1;
66 else
67 valid=0;
68 else
69 if (lt->tm_mday != day)
70 if (lt->tm_mday < day)
71 valid=1;
72 else
73 valid=0;
74 memcpy(l_name+8, cta_res+2, 16);
75 l_name[sizeof(l_name)]=0;
76 trim(l_name+8);
77 l_name[0]=(l_name[8]) ? ',' : 0;
78 reader[ridx].availkeys[i][0]=valid; //misusing availkeys to register validity of provider
79 cs_log("provider: %d, valid: %i%s, expiry date: %4d/%02d/%02d",
80 i+1, valid,l_name, year, month, day);
81 memcpy(&reader[ridx].sa[i][0], cta_res+18, 4);
82 if (valid==1) //if not expired
83 cs_log("SA: %s", cs_hexdump(0, cta_res+18, 4));
84// cs_log("SA:%02X%02X%02X%02X.",cta_res[18],cta_res[19],cta_res[20],cta_res[21]);
85 return(1);
86}
87
88int seca_card_init(uchar *atr, int atrsize)
89{
90 uchar buf[256];
91 static uchar ins0e[] = { 0xc1, 0x0e, 0x00, 0x00, 0x08 }; // get serial number (UA)
92 static uchar ins16[] = { 0xc1, 0x16, 0x00, 0x00, 0x07 }; // get nr. of prividers
93 int i;
94
95// Unlock parental control
96// c1 30 00 01 09
97// 00 00 00 00 00 00 00 00 ff
98 static uchar ins30[] = { 0xc1, 0x30, 0x00, 0x01, 0x09 };
99 static uchar ins30data[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff };
100
101 buf[0]=0x00;
102 if ((atr[10]!=0x0e) || (atr[11]!=0x6c) || (atr[12]!=0xb6) || (atr[13]!=0xd6)) return(0);
103 switch(atr[7]<<8|atr[8])
104 {
105 case 0x5084: card="Generic"; break;
106 case 0x5384: card="Philips"; break;
107 case 0x5130:
108 case 0x5430:
109 case 0x5760: card="Thompson"; break;
110 case 0x5284:
111 case 0x5842:
112 case 0x6060: card="Siemens"; break;
113 case 0x7070: card="Canal+ NL"; break;
114 default: card="Unknown"; break;
115 }
116 reader[ridx].caid[0]=0x0100;
117 memset(reader[ridx].prid, 0xff, sizeof(reader[ridx].prid));
118 read_cmd(ins0e, NULL); // read unique id
119 reader[ridx].hexserial[0]=0;
120 reader[ridx].hexserial[1]=0;
121 memcpy(reader[ridx].hexserial+2, cta_res+2, 6);
122 serial = b2ll(5, cta_res+3) ;
123 cs_ri_log("type: seca, caid: %04X, serial: %llu, card: %s v%d.%d",
124 reader[ridx].caid[0], serial, card, atr[9]&0x0F, atr[9]>>4);
125 read_cmd(ins16, NULL); // read nr of providers
126 pmap=cta_res[2]<<8|cta_res[3];
127 for (reader[ridx].nprov=0, i=pmap; i; i>>=1)
128 reader[ridx].nprov+=i&1;
129// i=cta_res[2]*256+cta_res[3];
130// do { n+=i&1; i>>=1; } while(i);
131// reader[ridx].nprov=n;
132
133 for (i=0; i<16; i++)
134 if (pmap&(1<<i))
135 {
136 if (!set_provider_info(i))
137 return(0);
138 else
139 sprintf((char *) buf+strlen((char *)buf), ",%04lX", b2i(2, &reader[ridx].prid[i][2]));
140 }
141
142 cs_ri_log("providers: %d (%s)", reader[ridx].nprov, buf+1);
143// Unlock parental control
144 if( cfg->ulparent != 0 ){
145 write_cmd(ins30, ins30data);
146 cs_log("ins30_answer: %02x%02x",cta_res[0], cta_res[1]);
147 }else {
148 cs_log("parental locked");
149 }
150 cs_log("ready for requests");
151 return(1);
152}
153
154// static int get_prov_index (uchar providhigh, uchar providlow)//returns provider id or -1 if not found
155static int get_prov_index(char *provid) //returns provider id or -1 if not found
156{
157 int prov;
158 for (prov=0; prov<reader[ridx].nprov; prov++) //search for provider index
159 if (!memcmp(provid, &reader[ridx].prid[prov][2], 2))
160 return(prov);
161// for (prov=0; prov<reader[ridx].nprov; prov++) //search for provider index
162// if ( (providhigh == reader[ridx].prid[prov][2]) &&
163// (providlow == reader[ridx].prid[prov][3]) )
164// {
165// return(prov);
166// }
167 return(-1);
168}
169
170
171int seca_do_ecm(ECM_REQUEST *er)
172{
173 static unsigned char ins3c[] = { 0xc1,0x3c,0x00,0x00,0x00 }; // coding cw
174 static unsigned char ins3a[] = { 0xc1,0x3a,0x00,0x00,0x10 }; // decoding cw
175 uchar ins3cdata[256];
176 int i;
177
178// i=get_prov_index(er->ecm[3],er->ecm[4]);
179 i=get_prov_index((char *) er->ecm+3);
180 if ((i == -1) || (reader[ridx].availkeys[i][0] == 0)) //if provider not found or expired
181 return (0);
182 ins3c[2]=i;
183 ins3c[3]=er->ecm[7]; //key nr
184 ins3c[4]=(((er->ecm[1]&0x0f)*256)+er->ecm[2])-0x05;
185
186 memcpy(ins3cdata,er->ecm+8,256-8);
187 cs_debug("do_ecm:ins3c=%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x.",ins3c[0],ins3c[1],ins3c[2],ins3c[3],ins3c[4],ins3cdata[0],ins3cdata[1],ins3cdata[2],ins3cdata[3],ins3cdata[4],ins3cdata[5],ins3cdata[6],ins3cdata[7],ins3cdata[8],ins3cdata[9]);
188 write_cmd(ins3c, ins3cdata); //ecm request
189 cs_debug("do_ecm_answer:%02x%02x",cta_res[0], cta_res[1]);
190
191 static unsigned char ins30[] = { 0xC1, 0x30, 0x00, 0x02, 0x09 };
192 static unsigned char ins30data[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF };
193 /* We need to use a token */
194 if (cta_res[0] == 0x90 && cta_res[1] == 0x1a) {
195 write_cmd(ins30, ins30data);
196 cs_debug("do_ins30_answer:%02x%02x",cta_res[0], cta_res[1]);
197 write_cmd(ins3c, ins3cdata); //ecm request
198 cs_debug("do_ecm_answer2:%02x%02x",cta_res[0], cta_res[1]);
199 }
200
201 if ((cta_res[0] != 0x90) || (cta_res[1] != 0x00)) return (0);
202 read_cmd(ins3a, NULL); //get cw's
203 cs_debug("cwdump:%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x.",cta_res[0],cta_res[1],cta_res[2],cta_res[3],cta_res[4],cta_res[5],cta_res[6],cta_res[7],cta_res[8],cta_res[9],cta_res[10],cta_res[11],cta_res[12],cta_res[13],cta_res[14],cta_res[15],cta_res[16],cta_res[17]);
204 if ((cta_res[16] != 0x90) || (cta_res[17] != 0x00)) return (0);//exit if response is not 90 00 //TODO: if response is 9027 ppv mode is possible!
205 memcpy(er->cw,cta_res,16);
206 return(1);
207
208}
209
210int seca_do_emm(EMM_PACKET *ep)
211{
212 static unsigned char ins40[] = { 0xc1,0x40,0x00,0x00,0x00 };
213 uchar ins40data[256];
214 int i;
215 cs_debug("EMM:%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x.",ep->emm[0],ep->emm[1],ep->emm[2],ep->emm[3],ep->emm[4],ep->emm[5],ep->emm[6],ep->emm[7],ep->emm[8],ep->emm[9],ep->emm[10],ep->emm[11],ep->emm[12],ep->emm[13],ep->emm[14],ep->emm[15],ep->emm[16],ep->emm[17],ep->emm[18],ep->emm[19],ep->emm[20],ep->emm[21],ep->emm[22],ep->emm[23],ep->emm[24],ep->emm[25],ep->emm[26]);
216 if (ep->emm[0] == 0x84) { //shared EMM
217 //to test if SA matches
218 //first find out prov id
219// i=get_prov_index(ep->emm[3],ep->emm[4]);
220 i=get_prov_index((char *) ep->emm+3);
221 if (i == -1)
222 return(0);
223 else //prov id found, now test for SA (only first 3 bytes, custom byte does not count)
224 if ((ep->emm[5] != reader[ridx].sa[i][0]) ||
225 (ep->emm[6] != reader[ridx].sa[i][1]) ||
226 (ep->emm[7] != reader[ridx].sa[i][2])) {
227 cs_log("EMM: Shared update did not match; EMM SA:%02X%02X%02X, Reader SA:%02X,%02X,%02X.",ep->emm[5],ep->emm[6],ep->emm[7],reader[ridx].sa[i][0],reader[ridx].sa[i][1],reader[ridx].sa[i][2]);
228 return(0);
229 }
230 else {
231 cs_log("EMM: Shared update matched for EMM SA %02X%02X%02X.",ep->emm[5],ep->emm[6],ep->emm[7]);
232 ins40[3]=ep->emm[9];
233 ins40[4]=(ep->emm[1]&0x0f)*256+ep->emm[2]-0x07;
234 memcpy(ins40data,ep->emm+10,256-10);
235 }
236
237 }//end shared EMM
238 else
239 if (ep->emm[0] == 0x82) { //unique EMM
240 //first test if UA matches
241 if ((reader[ridx].hexserial[2] != ep->emm[3]) ||
242 (reader[ridx].hexserial[3] != ep->emm[4]) ||
243 (reader[ridx].hexserial[4] != ep->emm[5]) ||
244 (reader[ridx].hexserial[5] != ep->emm[6]) ||
245 (reader[ridx].hexserial[6] != ep->emm[7]) ||
246 (reader[ridx].hexserial[7] != ep->emm[8])) {
247 cs_log("EMM: Unique update did not match; EMM Serial:%02X%02X%02X%02X%02X%02X, Reader Serial:%02X%02X%02X%02X%02X%02X.", ep->emm[3], ep->emm[4], ep->emm[5], ep->emm[6], ep->emm[7], ep->emm[8], reader[ridx].hexserial[2], reader[ridx].hexserial[3], reader[ridx].hexserial[4], reader[ridx].hexserial[5], reader[ridx].hexserial[6], reader[ridx].hexserial[7]);
248 return(0);
249 }
250 else {
251 cs_log("EMM: Unique update matched EMM Serial:%02X%02X%02X%02X%02X.", ep->emm[3], ep->emm[4], ep->emm[5], ep->emm[6], ep->emm[7], ep->emm[8]);
252 //first find out prov id
253// i=get_prov_index(ep->emm[9],ep->emm[10]);
254 i=get_prov_index((char *) ep->emm+9);
255 if (i==-1)
256 return(0);
257 ins40[3]=ep->emm[12];
258 ins40[4]=(ep->emm[1]&0x0f)*256+ep->emm[2]-0x0A;
259 memcpy(ins40data,ep->emm+13,256-13);
260 }
261 } //end unique EMM
262 else
263 return(0); //geen 0x84 en geen 0x82
264
265 ins40[2]=i;
266// length = ((er->ecm[1]<<8 || er->ecm[2])&0x0fff);
267 cs_debug("do_emm:ins40=%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x.",ins40[0],ins40[1],ins40[2],ins40[3],ins40[4],ins40data[0],ins40data[1],ins40data[2],ins40data[3],ins40data[4],ins40data[5],ins40data[6],ins40data[7],ins40data[8],ins40data[9]);
268 write_cmd(ins40, ins40data); //emm request
269 cs_debug("emmdump:%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x.",cta_res[0],cta_res[1],cta_res[2],cta_res[3],cta_res[4],cta_res[5],cta_res[6],cta_res[7],cta_res[8],cta_res[9],cta_res[10],cta_res[11],cta_res[12],cta_res[13],cta_res[14],cta_res[15],cta_res[16],cta_res[17]);
270//TODO if ((cta_res[16] != 0x90) || (cta_res[17] != 0x00)) return (0);
271// if ((cta_res[16] != 0x90) || (cta_res[17] != 0x19))
272// seca_card_init(); //if return code = 90 19 then PPUA changed. //untested!!
273// else
274 if (cta_res[0] == 0x97) {
275 cs_log("EMM: Update not necessary.");
276 return(1); //Update not necessary
277 }
278 if ((cta_res[0] == 0x90) && ((cta_res[1] == 0x00) || (cta_res[1] == 0x19)))
279 if (set_provider_info(i) != 0) //after successfull EMM, print new provider info
280 return(1);
281 return(0);
282
283}
284#ifndef LALL
285int seca_card_info(void)
286{
287int i;
288 cs_log("card detected");
289 cs_ri_log("type: seca, caid: %04X, serial: %llu, card: %s ",
290 reader[ridx].caid[0], serial , card);
291 for (i=0; i<16; i++)
292 if (pmap&(1<<i))
293 {
294 if (!set_provider_info(i))
295 return(0);
296 }
297
298 reader[ridx].online = 1;
299
300 return 1;
301}
302#endif
303#ifdef LALL
304int seca_card_info(void)
305{
306 static uchar ins12[] = { 0xc1, 0x12, 0x00, 0x00, 0x19 }; // get provider info
307 int year, month, day;
308 struct tm *lt;
309 time_t t;
310 int valid=0;//0=false, 1=true
311 char l_name[16+8+1]=", name: ";
312
313 ins12[2]=i;//select provider
314 read_cmd(ins12, NULL); // show provider properties
315 cs_debug("hexdump:%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x,%x.",cta_res[0],cta_res[1],cta_res[2],cta_res[3],cta_res[4],cta_res[5],cta_res[6],cta_res[7],cta_res[8],cta_res[9],cta_res[10],cta_res[11],cta_res[12],cta_res[13],cta_res[14],cta_res[15],cta_res[16],cta_res[17],cta_res[18],cta_res[19],cta_res[20],cta_res[21],cta_res[22],cta_res[23],cta_res[24],cta_res[25],cta_res[26]);
316
317 if ((cta_res[25] != 0x90) || (cta_res[26] != 0x00)) return (0);
318 reader[ridx].prid[i][0]=0;
319 reader[ridx].prid[i][1]=0;//blanken high byte provider code
320 memcpy(&reader[ridx].prid[i][2], cta_res, 2);
321// sprintf(buf+strlen(buf), ",%06X", b2i(3, &reader[ridx].prid[i][1]));
322
323 year = (cta_res[22]>>1) + 1990;
324 month = ((cta_res[22]&0x1)*256 + (cta_res[23]&0xe0))>>5;
325 day = (cta_res[23]&0x1f);
326 t=time(NULL);
327 lt=localtime(&t);
328 if (lt->tm_year+1900 != year)
329 if (lt->tm_year+1900 < year)
330 valid=1;
331 else
332 valid=0;
333 else
334 if (lt->tm_mon+1 != month)
335 if (lt->tm_mon+1 < month)
336 valid=1;
337 else
338 valid=0;
339 else
340 if (lt->tm_mday != day)
341 if (lt->tm_mday < day)
342 valid=1;
343 else
344 valid=0;
345 memcpy(l_name+8, cta_res+2, 16);
346 l_name[sizeof(l_name)]=0;
347 trim(l_name+8);
348 l_name[0]=(l_name[8]) ? ',' : 0;
349 reader[ridx].availkeys[i][0]=valid; //misusing availkeys to register validity of provider
350 cs_log("provider: %d, valid: %i, expiry date: %i/%i/%i%s",i+1,valid,year,month,day,l_name);
351 memcpy(&reader[ridx].sa[i][0], cta_res+18, 4);
352 if (valid==1) //if not expired
353 cs_log("SA:%02X%02X%02X%02X.",cta_res[18],cta_res[19],cta_res[20],cta_res[21]);
354
355 reader[ridx].online = 1;
356
357 return(1);
358}
359#endif
Note: See TracBrowser for help on using the repository browser.