search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Timeout patch
[oscam.git] / reader-cryptoworks.c
blob458dfda1668e49f1072b81f482a56809efd5f32a
1 #include "globals.h"
2 #include "reader-common.h"
3
4 static uchar ISK[0x40];
5 static uchar cwexp[] = { 1, 0 , 1};
6 static BIGNUM exp, ucpk;
7 static int ucpk_valid = 0;
8
9 extern uchar cta_cmd[], cta_res[];
10 extern ushort cta_lr;
11
12 #define CMD_LEN 5
13
14 void RotateBytes1(unsigned char *out, unsigned char *in, int n)
15 {
16 // loop is executed atleast once, so it's not a good idea to
17 // call with n=0 !!
18 out+=n;
19 do { *(--out)=*(in++); } while(--n);
20 }
21
22 void RotateBytes2(unsigned char *in, int n)
23 {
24 // loop is executed atleast once, so it's not a good idea to
25 // call with n=0 !!
26 unsigned char *e=in+n-1;
27 do
28 {
29 unsigned char temp=*in;
30 *in++=*e;
31 *e-- =temp;
32 } while(in<e);
33 }
34
35 int Input(BIGNUM *d, unsigned char *in, int n, int LE)
36 {
37 if (LE)
38 {
39 unsigned char tmp[n];
40 RotateBytes1(tmp,in,n);
41 return(BN_bin2bn(tmp,n,d)!=0);
42 }
43 else
44 return(BN_bin2bn(in,n,d)!=0);
45 }
46
47 int Output(unsigned char *out, int n, BIGNUM *r, int LE)
48 {
49 int s=BN_num_bytes(r);
50 if (s>n)
51 {
52 unsigned char buff[s];
53 cs_debug("rsa: RSA len %d > %d, truncating", s, n);
54 BN_bn2bin(r,buff);
55 memcpy(out,buff+s-n,n);
56 }
57 else if (s<n)
58 {
59 int l=n-s;
60 cs_debug("rsa: RSA len %d < %d, padding", s, n);
61 memset(out,0,l);
62 BN_bn2bin(r,out+l);
63 }
64 else
65 BN_bn2bin(r,out);
66 if (LE)
67 RotateBytes2(out,n);
68 return(s);
69 }
70
71 int RSA(unsigned char *out, unsigned char *in, int n, BIGNUM *exp, BIGNUM *mod, int LE)
72 {
73 int rc=0;
74 BN_CTX *ctx;
75 BIGNUM *r, *d;
76 ctx=BN_CTX_new();
77 r=BN_new();
78 d=BN_new();
79 if (Input(d,in,n,LE))
80 {
81 if(BN_mod_exp(r,d,exp,mod,ctx))
82 rc=Output(out,n,r,LE);
83 else
84 cs_log("rsa: mod-exp failed");
85 }
86 BN_CTX_free(ctx);
87 BN_free(d);
88 BN_free(r);
89 return(rc);
90 }
91
92 int CheckSctLen(const uchar *data, int off)
93 {
94 int l=SCT_LEN(data);
95 if (l+off > MAX_LEN)
96 {
97 cs_debug("smartcard: section too long %d > %d", l, MAX_LEN-off);
98 l=-1;
99 }
100 return(l);
101 }
102
103 static int card_write(uchar *cmd, uchar *data, int wflag)
104 {
105 int l;
106 uchar buf[MAX_LEN];
107 memcpy(buf, cmd, CMD_LEN);
108 l=wflag ? cmd[4] : 0;
109 if (l && data)
110 memcpy(buf+CMD_LEN, data, l);
111 l=reader_cmd2icc(buf, CMD_LEN+l);
112 return(l);
113 }
114
115 #define write_cmd(cmd, data) \
116 { \
117 if (card_write(cmd, data, 1)) return(0); \
118 }
119
120 #define read_cmd(cmd, data) \
121 { \
122 if (card_write(cmd, data, 0)) return(0); \
123 }
124
125 static char *chid_date(uchar *ptr, char *buf, int l)
126 {
127 if (buf)
128 {
129 snprintf(buf, l, "%04d/%02d/%02d",
130 1990+(ptr[0]>>1), ((ptr[0]&1)<<3)|(ptr[1]>>5), ptr[1]&0x1f);
131 }
132 return(buf);
133 }
134
135 static int select_file(uchar f1, uchar f2)
136 {
137 uchar insA4[] = {0xA4, 0xA4, 0x00, 0x00, 0x02, 0x00, 0x00};
138 insA4[5]=f1;
139 insA4[6]=f2;
140 write_cmd(insA4, insA4+5); // select file
141 return((cta_res[0]==0x9f)&&(cta_res[1]==0x11));
142 }
143
144 static int read_record(uchar rec)
145 {
146 uchar insA2[] = {0xA4, 0xA2, 0x00, 0x00, 0x01, 0x00};
147 uchar insB2[] = {0xA4, 0xB2, 0x00, 0x00, 0x00};
148
149 insA2[5]=rec;
150 write_cmd(insA2, insA2+5); // select record
151 if (cta_res[0]!=0x9f)
152 return(-1);
153 insB2[4]=cta_res[1]; // get len
154 read_cmd(insB2, NULL); // read record
155 if ((cta_res[cta_lr-2]!=0x90) || (cta_res[cta_lr-1]))
156 return(-1);
157 return(cta_lr-2);
158 }
159
160 int cryptoworks_card_init(uchar *atr, int atrsize)
161 {
162 int i;
163 unsigned int mfid=0x3F20;
164 uchar insA4C[]= {0xA4, 0xC0, 0x00, 0x00, 0x11};
165 uchar insB8[] = {0xA4, 0xB8, 0x00, 0x00, 0x0c};
166 uchar issuerid=0;
167 char issuer[20]={0};
168 char *unknown="unknown", *pin=unknown, ptxt[CS_MAXPROV<<2]={0};
169
170 if ((atr[6]!=0xC4) || (atr[9]!=0x8F) || (atr[10]!=0xF1)) return(0);
171
172 reader[ridx].caid[0]=0xD00;
173 reader[ridx].nprov=0;
174 memset(reader[ridx].prid, 0, sizeof(reader[ridx].prid));
175
176 read_cmd(insA4C, NULL); // read masterfile-ID
177 if ((cta_res[0]==0xDF) && (cta_res[1]>=6))
178 mfid=(cta_res[6]<<8)|cta_res[7];
179
180 select_file(0x3f, 0x20);
181 insB8[2]=insB8[3]=0; // first
182 for(cta_res[0]=0xdf; cta_res[0]==0xdf;)
183 {
184 read_cmd(insB8, NULL); // read provider id's
185 if (cta_res[0]!=0xdf) break;
186 if (((cta_res[4]&0x1f)==0x1f) && (reader[ridx].nprov<CS_MAXPROV))
187 {
188 sprintf(ptxt+strlen(ptxt), ",%02X", cta_res[5]);
189 reader[ridx].prid[reader[ridx].nprov++][3]=cta_res[5];
190 }
191 insB8[2]=insB8[3]=0xff; // next
192 }
193 for (i=reader[ridx].nprov; i<CS_MAXPROV; i++)
194 memset(&reader[ridx].prid[i][0], 0xff, 4);
195
196 select_file(0x2f, 0x01); // read caid
197 if (read_record(0xD1)>=4)
198 reader[ridx].caid[0]=(cta_res[2]<<8)|cta_res[3];
199
200 if (read_record(0x80)>=7) // read serial
201 memcpy(reader[ridx].hexserial, cta_res+2, 5);
202 cs_ri_log("type: cryptoworks, caid: %04X, serial: %llu",
203 reader[ridx].caid[0], b2ll(5, reader[ridx].hexserial));
204
205 if (read_record(0x9E)>=66) // read ISK
206 {
207 uchar keybuf[256];
208 BIGNUM *ipk;
209 if (search_boxkey(reader[ridx].caid[0], 0, keybuf))
210 {
211 ipk=BN_new();
212 BN_bin2bn(cwexp, sizeof(cwexp), &exp);
213 BN_bin2bn(keybuf, 64, ipk);
214 RSA(cta_res+2, cta_res+2, 0x40, &exp, ipk, 0);
215 BN_free(ipk);
216 if (ucpk_valid=(cta_res[2]==((mfid & 0xFF)>>1)))
217 {
218 cta_res[2]|=0x80;
219 BN_bin2bn(cta_res+2, 0x40, &ucpk);
220 cs_ddump(cta_res+2, 0x40, "IPK available -> session-key:");
221 }
222 else
223 {
224 if (ucpk_valid=(keybuf[0]==(((mfid & 0xFF)>>1)|0x80)))
225 {
226 BN_bin2bn(keybuf, 0x40, &ucpk);
227 cs_ddump(keybuf, 0x40, "session-key found:");
228 }
229 else
230 cs_log("invalid IPK or session-key for CAID %04X !", reader[ridx].caid[0]);
231 }
232 }
233 }
234 if (read_record(0x9F)>=3)
235 issuerid=cta_res[2];
236 if (read_record(0xC0)>=16)
237 {
238 strncpy(issuer, cta_res+2, sizeof(issuer)-1);
239 trim(issuer);
240 }
241 else
242 strcpy(issuer, unknown);
243
244 select_file(0x3f, 0x20);
245 select_file(0x2f, 0x11); // read pin
246 if (read_record(atr[8])>=7)
247 {
248 cta_res[6]=0;
249 pin=cta_res+2;
250 }
251 cs_ri_log("issuer: %s, id: %02X, bios: v%d, pin: %s, mfid: %04X", issuer, issuerid, atr[7], pin, mfid);
252 cs_ri_log("providers: %d (%s)", reader[ridx].nprov, ptxt+1);
253 cs_log("ready for requests");
254 return(1);
255 }
256
257 #ifdef LALL
258 bool cSmartCardCryptoworks::Decode(const cEcmInfo *ecm, const unsigned char *data, unsigned char *cw)
259 {
260 static unsigned char ins4c[] = { 0xA4,0x4C,0x00,0x00,0x00 };
261
262 unsigned char nanoD4[10];
263 int l=CheckSctLen(data,-5+(ucpkValid ? sizeof(nanoD4):0));
264 if(l>5) {
265 unsigned char buff[MAX_LEN];
266 if(ucpkValid) {
267 memcpy(buff,data,l);
268 nanoD4[0]=0xD4;
269 nanoD4[1]=0x08;
270 for(unsigned int i=2; i<sizeof(nanoD4); i++) nanoD4[i]=rand();
271 memcpy(&buff[l],nanoD4,sizeof(nanoD4));
272 data=buff; l+=sizeof(nanoD4);
273 }
274 ins4c[3]=ucpkValid ? 2 : 0;
275 ins4c[4]=l-5;
276 if(IsoWrite(ins4c,&data[5]) && Status() &&
277 (l=GetLen())>0 && ReadData(buff,l)==l) {
278 int r=0;
279 for(int i=0; i<l && r<2; ) {
280 int n=buff[i+1];
281 switch(buff[i]) {
282 case 0x80:
283 de(printf("smartcardcryptoworks: nano 80 (serial)\n"))
284 break;
285 case 0xD4:
286 de(printf("smartcardcryptoworks: nano D4 (rand)\n"))
287 if(n<8 || memcmp(&buff[i],nanoD4,sizeof(nanoD4)))
288 di(printf("smartcardcryptoworks: random data check failed after decrypt\n"))
289 break;
290 case 0xDB: // CW
291 de(printf("smartcardcryptoworks: nano DB (cw)\n"))
292 if(n==0x10) {
293 memcpy(cw,&buff[i+2],16);
294 r|=1;
295 }
296 break;
297 case 0xDF: // signature
298 de(printf("smartcardcryptoworks: nano DF %02x (sig)\n",n))
299 if(n==0x08) {
300 if((buff[i+2]&0x50)==0x50 && !(buff[i+3]&0x01) && (buff[i+5]&0x80))
301 r|=2;
302 }
303 else if(n==0x40) { // camcrypt
304 if(ucpkValid) {
305 RSA(&buff[i+2],&buff[i+2],n,exp,ucpk,false);
306 de(printf("smartcardcryptoworks: after camcrypt "))
307 de(HexDump(&buff[i+2],n))
308 r=0; l=n-4; n=4;
309 }
310 else {
311 di(printf("smartcardcryptoworks: valid UCPK needed for camcrypt!\n"))
312 return false;
313 }
314 }
315 break;
316 default:
317 de(printf("smartcardcryptoworks: nano %02x (unhandled)\n",buff[i]))
318 break;
319 }
320 i+=n+2;
321 }
322 return r==3;
323 }
324 }
325 return false;
326 }
327 #endif
328
329 int cryptoworks_do_ecm(ECM_REQUEST *er)
330 {
331 int rc=0;
332 int r=0;
333 static unsigned char ins4C[] = { 0xA4,0x4C,0x00,0x00,0x00 };
334 static unsigned char insC0[] = { 0xA4,0xC0,0x00,0x00,0x1C };
335 unsigned char nanoD4[10];
336 int secLen=CheckSctLen(er->ecm,-5+(ucpk_valid ? sizeof(nanoD4):0));
337
338 if(secLen>5)
339 {
340 int i;
341 uchar *ecm=er->ecm;
342 uchar buff[MAX_LEN];
343
344 if(ucpk_valid)
345 {
346 memcpy(buff,er->ecm,secLen);
347 nanoD4[0]=0xD4;
348 nanoD4[1]=0x08;
349 for (i=2; i<sizeof(nanoD4); i++)
350 nanoD4[i]=rand();
351 memcpy(&buff[secLen], nanoD4, sizeof(nanoD4));
352 ecm=buff;
353 secLen+=sizeof(nanoD4);
354 }
355
356 ins4C[3]=ucpk_valid ? 2 : 0;
357 ins4C[4]=secLen-5;
358 write_cmd(ins4C, ecm+5);
359 if (cta_res[cta_lr-2]==0x9f)
360 {
361 insC0[4]=cta_res[cta_lr-1];
362 read_cmd(insC0, NULL);
363 for(i=0; i<secLen && r<2; )
364 {
365 int n=cta_res[i+1];
366 switch(cta_res[i])
367 {
368 case 0x80:
369 cs_debug("cryptoworks: nano 80 (serial)");
370 break;
371 case 0xD4:
372 cs_debug("smartcardcryptoworks: nano D4 (rand)");
373 if(n<8 || memcmp(&cta_res[i],nanoD4,sizeof(nanoD4)))
374 cs_debug("cryptoworks: random data check failed after decrypt");
375 break;
376 case 0xDB: // CW
377 cs_debug("smartcardcryptoworks: nano DB (cw)");
378 if(n==0x10)
379 {
380 memcpy(er->cw, &cta_res[i+2], 16);
381 r|=1;
382 }
383 break;
384 case 0xDF: // signature
385 cs_debug("cryptoworks: nano DF %02x (sig)", n);
386 if (n==0x08)
387 {
388 if((cta_res[i+2]&0x50)==0x50 && !(cta_res[i+3]&0x01) && (cta_res[i+5]&0x80))
389 r|=2;
390 }
391 else if (n==0x40) // camcrypt
392 {
393 if(ucpk_valid)
394 {
395 RSA(&cta_res[i+2],&cta_res[i+2], n, &exp, &ucpk, 0);
396 cs_debug("smartcardcryptoworks: after camcrypt ");
397 r=0; secLen=n-4; n=4;
398 }
399 else
400 {
401 cs_log("cryptoworks: valid UCPK needed for camcrypt!");
402 return(0);
403 }
404 }
405 break;
406 default:
407 cs_debug("smartcardcryptoworks: nano %02x (unhandled)",cta_res[i]);
408 break;
409 }
410 i+=n+2;
411 }
412 }
413
414 #ifdef LALL
415 ########################################################################
416 if ((cta_res[cta_lr-2]==0x9f)&&(cta_res[cta_lr-1]==0x1c))
417 {
418 read_cmd(insC0, NULL);
419 if ((cta_lr>26)&&(cta_res[cta_lr-2]==0x90)&&(cta_res[cta_lr-1]==0))
420 {
421 if (rc=(((cta_res[20]&0x50)==0x50) &&
422 (!(cta_res[21]&0x01)) &&
423 (cta_res[23]&0x80)))
424 memcpy(er->cw, cta_res+2, 16);
425 }
426 }
427 #endif
428 }
429 // return(rc ? 1 : 0);
430 return((r==3) ? 1 : 0);
431 }
432
433 int cryptoworks_do_emm(EMM_PACKET *ep)
434 {
435 int rc=0;
436 uchar *emm=ep->emm;
437
438 if ((emm[0]==0x8f) && (emm[3]==0xa4)) // emm via camd3.5x
439 {
440 ep->type=emm[4];
441 write_cmd(emm+3, emm+3+CMD_LEN);
442 if ((cta_lr==2) && (cta_res[0]==0x90) && (cta_res[1]==0))
443 rc=1;
444 }
445 return(rc);
446 }
447
448 int cryptoworks_card_info(void)
449 {
450 int i;
451 uchar insA21[]= {0xA4, 0xA2, 0x01, 0x00, 0x05, 0x8C, 0x00, 0x00, 0x00, 0x00};
452 uchar insB2[] = {0xA4, 0xB2, 0x00, 0x00, 0x00};
453 char l_name[20+8]=", name: ";
454
455 for (i=0; i<reader[ridx].nprov; i++)
456 {
457 l_name[8]=0;
458 select_file(0x1f, reader[ridx].prid[i][3]); // select provider
459 select_file(0x0e, 0x11); // read provider name
460 if (read_record(0xD6)>=16)
461 {
462 strncpy(l_name+8, cta_res+2, sizeof(l_name)-9);
463 l_name[sizeof(l_name)]=0;
464 trim(l_name+8);
465 }
466 l_name[0]=(l_name[8]) ? ',' : 0;
467 cs_ri_log("provider: %d, id: %02X%s", i+1, reader[ridx].prid[i][3], l_name);
468 select_file(0x0f, 0x20); // select provider class
469 write_cmd(insA21, insA21+5);
470 if (cta_res[0]==0x9f)
471 {
472 insB2[4]=cta_res[1];
473 for(insB2[3]=0; (cta_res[0]!=0x94)||(cta_res[1]!=0x2); insB2[3]=1)
474 {
475 read_cmd(insB2, NULL); // read chid
476 if (cta_res[0]!=0x94)
477 {
478 char ds[16], de[16];
479 chid_date(cta_res+28, ds, sizeof(ds)-1);
480 chid_date(cta_res+30, de, sizeof(de)-1);
481 cs_ri_log("chid: %02X%02X, date: %s - %s, name: %s",
482 cta_res[6], cta_res[7], ds, de, trim(cta_res+10));
483 }
484 }
485 }
486 }
487 return(1);
488 }
Open Source Conditional Access Modul