1 #include "../globals.h"
3 #include "../oscam-lock.h"
4 #include "../oscam-string.h"
6 #include "protocol_t0.h"
8 #include "ifd_phoenix.h"
9 #include "../oscam-time.h"
10 #ifdef READER_NAGRA_MERLIN
11 #include "../cscrypt/fast_aes.h"
12 #include "../cscrypt/sha256.h"
13 #include "../cscrypt/mdc2.h"
14 #include "../cscrypt/idea.h"
20 // Default T0/T14 settings
22 // Default T1 settings
23 #define DEFAULT_IFSC 32
24 #define MAX_IFSC 251 // Cannot send > 255 buffer
25 #define DEFAULT_CWI 13
29 #define PPS_MAX_LENGTH 6
30 #define PPS_HAS_PPS1(block) ((block[1] & 0x10) == 0x10)
31 #define PPS_HAS_PPS2(block) ((block[1] & 0x20) == 0x20)
32 #define PPS_HAS_PPS3(block) ((block[1] & 0x40) == 0x40)
34 static uint16_t tempfi
; // used to capture FI and use it for rounding or not
35 static void ICC_Async_InvertBuffer(struct s_reader
*reader
, uint32_t size
, unsigned char *buffer
);
36 static int32_t Parse_ATR(struct s_reader
*reader
, ATR
*atr
, uint16_t deprecated
);
37 static int32_t PPS_Exchange(struct s_reader
*reader
, unsigned char *params
, uint32_t *length
);
38 static uint32_t PPS_GetLength(unsigned char *block
);
39 static int32_t InitCard(struct s_reader
*reader
, ATR
*atr
, unsigned char FI
, uint32_t D
, unsigned char N
, uint16_t deprecated
);
40 static uint32_t ETU_to_us(struct s_reader
*reader
, uint32_t ETU
);
41 static unsigned char PPS_GetPCK(unsigned char *block
, uint32_t length
);
42 static int32_t SetRightParity(struct s_reader
*reader
);
44 #ifdef READER_NAGRA_MERLIN
45 static void calculate_cak7_vars(struct s_reader
*reader
, const ATR
*atr
)
48 const uint8_t aes_iv
[] = { 0x4E, 0x61, 0x67, 0x72, 0x61, 0x63, 0x61, 0x72, 0x64, 0x28, 0x63, 0x29, 0x32, 0x30, 0x30, 0x36 }; // Nagracard(c)2006
49 mbedtls_sha256_context ctx_sha256
;
50 mbedtls_sha256_init(&ctx_sha256
);
51 mbedtls_sha256_starts(&ctx_sha256
, 0);
52 mbedtls_sha256_update(&ctx_sha256
, atr
->hb
, atr
->hbn
);
53 mbedtls_sha256_finish(&ctx_sha256
, aes_key
);
54 mbedtls_sha256_free(&ctx_sha256
);
55 memcpy(reader
->cak7_aes_key
,aes_key
,32);
56 memcpy(reader
->cak7_aes_iv
,aes_iv
,16);
58 rdr_log(reader
, "Initial AES: %s", cs_hexdump(1, reader
->cak7_aes_key
+ 16, 16, tmp
, sizeof(tmp
)));
61 void calculate_cak7_cmd(struct s_reader
*reader
, uint8_t *cmdin
,uint8_t cmdlen
,uint8_t *cmdout
)
63 uint32_t crc
= ccitt32_crc(cmdin
+4, cmdlen
-4);
64 i2b_buf(4, crc
, cmdin
);
66 AesCtxIni(&ctx
, reader
->cak7_aes_iv
, &reader
->cak7_aes_key
[16], KEY128
, CBC
);
67 AesEncrypt(&ctx
, cmdin
, cmdout
, cmdlen
);
70 void do_cak7_cmd(struct s_reader
*reader
,unsigned char *cta_res
, uint16_t *p_cta_lr
,uint8_t *data
,uint8_t inlen
,uint8_t resplen
)
74 uint8_t req
[inlen
+5+1]; // +head+len
75 memset(req
,0x00,sizeof(req
));
79 if(reader
->protocol_type
== ATR_PROTOCOL_TYPE_T0
)
87 req
[sizeof(req
)-1]=resplen
;
88 data
[4]=(reader
->cak7_seq
>>16)&0xFF;
89 data
[5]=(reader
->cak7_seq
>>8)&0xFF;
90 data
[6]=(reader
->cak7_seq
)&0xFF;
91 calculate_cak7_cmd(reader
,data
,inlen
,&req
[5]);
92 if(!ICC_Async_CardWrite(reader
, req
, sizeof(req
), cta_res
, p_cta_lr
))
94 if(reader
->protocol_type
== ATR_PROTOCOL_TYPE_T0
)
96 if(cta_res
[*p_cta_lr
- 2] == 0x61)
98 uint8_t resp
[] = {0x00,0xC0,0x00,0x00,0x00};
99 memcpy(resp
+ 4,&cta_res
[*p_cta_lr
- 1],1);
100 if(!ICC_Async_CardWrite(reader
, resp
, sizeof(resp
), cta_res
, p_cta_lr
))
103 AesCtxIni(&ctx
, reader
->cak7_aes_iv
, &reader
->cak7_aes_key
[16], KEY128
, CBC
);
104 AesDecrypt(&ctx
, cta_res
, cta_res
, *p_cta_lr
-2);
111 else if(cta_res
[*p_cta_lr
- 2] == 0x6F && cta_res
[*p_cta_lr
- 1] == 0x01)
113 rdr_log(reader
, "card answered 6F01 - trying one more time");
114 if(!ICC_Async_CardWrite(reader
, req
, sizeof(req
), cta_res
, p_cta_lr
))
116 if(cta_res
[*p_cta_lr
- 2] == 0x61)
118 uint8_t resp
[] = {0x00,0xC0,0x00,0x00,0x00};
119 memcpy(resp
+ 4,&cta_res
[*p_cta_lr
- 1],1);
120 if(!ICC_Async_CardWrite(reader
, resp
, sizeof(resp
), cta_res
, p_cta_lr
))
123 AesCtxIni(&ctx
, reader
->cak7_aes_iv
, &reader
->cak7_aes_key
[16], KEY128
, CBC
);
124 AesDecrypt(&ctx
, cta_res
, cta_res
, *p_cta_lr
-2);
131 else if(cta_res
[*p_cta_lr
- 2] == 0x6F && cta_res
[*p_cta_lr
- 1] == 0x01)
133 rdr_log(reader
, "card needs reinit");
144 if(cta_res
[*p_cta_lr
- 2] == 0x6F && cta_res
[*p_cta_lr
- 1] == 0x01)
146 rdr_log(reader
, "card answered 6F01 - trying one more time");
147 if(!ICC_Async_CardWrite(reader
, req
, sizeof(req
), cta_res
, p_cta_lr
))
149 if(cta_res
[*p_cta_lr
- 2] == 0x6F && cta_res
[*p_cta_lr
- 1] == 0x01)
151 rdr_log(reader
, "card needs reinit");
156 AesCtxIni(&ctx
, reader
->cak7_aes_iv
, &reader
->cak7_aes_key
[16], KEY128
, CBC
);
157 AesDecrypt(&ctx
, cta_res
, cta_res
, *p_cta_lr
-2);
168 AesCtxIni(&ctx
, reader
->cak7_aes_iv
, &reader
->cak7_aes_key
[16], KEY128
, CBC
);
169 AesDecrypt(&ctx
, cta_res
, cta_res
, *p_cta_lr
-2);
179 static void calculate_changerom_cmd(struct s_reader
*reader
, const ATR
*atr
, uint8_t *cmd
)
181 uint8_t cmd_data
[] = { 0xCC, 0xCC, 0xCC, 0xCC, 0x00, 0x00, 0x01, 0x01, 0x01, 0x95, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC };
182 calculate_cak7_vars(reader
,atr
);
183 calculate_cak7_cmd(reader
,cmd_data
,sizeof(cmd_data
),cmd
);
187 int32_t ICC_Async_Device_Init(struct s_reader
*reader
)
189 const struct s_cardreader
*crdr_ops
= reader
->crdr
;
190 if (!crdr_ops
) return ERROR
;
192 rdr_log_dbg(reader
, D_IFD
, "Opening device %s", reader
->device
);
194 int32_t ret
= crdr_ops
->reader_init(reader
);
197 rdr_log_dbg(reader
, D_IFD
, "Device %s successfully opened", reader
->device
);
201 if(reader
->typ
!= R_SC8in1
)
203 NULLFREE(reader
->crdr_data
);
205 rdr_log_dbg(reader
, D_IFD
, "ERROR: Can't open %s device", reader
->device
);
210 int32_t ICC_Async_Init_Locks(void)
212 // Init device specific locks here, called from init thread
213 // before reader threads are running
214 struct s_reader
*rdr
;
215 LL_ITER itr
= ll_iter_create(configured_readers
);
216 while((rdr
= ll_iter_next(&itr
)))
218 const struct s_cardreader
*crdr_ops
= rdr
->crdr
;
219 if (!crdr_ops
|| !crdr_ops
->lock_init
) continue;
220 crdr_ops
->lock_init(rdr
);
225 int32_t ICC_Async_GetStatus(struct s_reader
*reader
, int32_t *card
)
227 const struct s_cardreader
*crdr_ops
= reader
->crdr
;
232 if (reader
->typ
== R_SMART
&& reader
->smartdev_found
>= 4)
234 reader
->statuscnt
= reader
->statuscnt
+ 1;
235 if (reader
->statuscnt
== 6)
238 call(crdr_ops
->get_status(reader
, &in
));
241 reader
->modemstat
= 1;
243 reader
->statuscnt
= 0;
247 reader
->modemstat
= 0;
249 reader
->statuscnt
= 0;
255 *card
= reader
->modemstat
;
262 call(crdr_ops
->get_status(reader
, &in
));
276 int32_t ICC_Async_Activate(struct s_reader
*reader
, ATR
*atr
, uint16_t deprecated
)
278 rdr_log_dbg(reader
, D_IFD
, "Activating card");
279 const struct s_cardreader
*crdr_ops
= reader
->crdr
;
280 if (!crdr_ops
) return ERROR
;
281 reader
->current_baudrate
= DEFAULT_BAUDRATE
;
282 if(reader
->atr
[0] != 0 && !reader
->ins7e11_fast_reset
)
284 rdr_log(reader
, "Using ATR from reader config");
285 ATR_InitFromArray(atr
, reader
->atr
, ATR_MAX_SIZE
);
289 reader
->crdr_flush
= crdr_ops
->flush
; // Flush flag may be changed for each reader
290 call(crdr_ops
->activate(reader
, atr
));
291 if(crdr_ops
->skip_extra_atr_parsing
)
297 uint8_t atrarr
[ATR_MAX_SIZE
];
299 ATR_GetRaw(atr
, atrarr
, &atr_size
);
300 char tmp
[atr_size
* 3 + 1];
301 rdr_log(reader
, "ATR: %s", cs_hexdump(1, atrarr
, atr_size
, tmp
, sizeof(tmp
)));
302 memcpy(reader
->card_atr
, atrarr
, atr_size
);
303 reader
->card_atr_length
= atr_size
;
305 // Get ICC reader->convention
306 if(ATR_GetConvention(atr
, &(reader
->convention
)) != ATR_OK
)
308 rdr_log(reader
, "ERROR: Could not read reader->convention");
309 reader
->convention
= 0;
310 reader
->protocol_type
= 0;
313 reader
->protocol_type
= ATR_PROTOCOL_TYPE_T0
;
315 // Parse_ATR and InitCard need to be included in lock because they change parity of serial port
318 crdr_ops
->lock(reader
);
320 int32_t ret
= Parse_ATR(reader
, atr
, deprecated
);
323 crdr_ops
->unlock(reader
);
327 rdr_log(reader
, "ERROR: Parse_ATR returned error");
331 reader
->cak7type
= 0;
332 #ifdef READER_NAGRA_MERLIN
334 ATR_GetRaw(atr
, atrarr
, &atr_size
);
336 if((memcmp(atrarr
+ 8, "DNASP40", 7) == 0) || (memcmp(atrarr
+ 11, "DNASP41", 7) == 0) || (memcmp(atrarr
+ 11, "DNASP48", 7) == 0))
338 rdr_log(reader
, "card needs reset before init");
340 call(crdr_ops
->activate(reader
, atr
)); //try to read the atr of this layer
341 ATR_GetRaw(atr
, atrarr
, &atr_size
);
342 rdr_log(reader
,"ATR: %s", cs_hexdump(1, atrarr
, atr_size
, tmp
, sizeof(tmp
)));
343 // Parse_ATR and InitCard need to be included in lock because they change parity of serial port
346 crdr_ops
->lock(reader
);
348 int32_t ret1
= Parse_ATR(reader
, atr
, deprecated
);
351 crdr_ops
->unlock(reader
);
355 rdr_log(reader
, "ERROR: Parse_ATR returned error");
360 if((memcmp(atrarr
+ 8, "DNASP4", 6) == 0) || (memcmp(atrarr
+ 11, "DNASP4", 6) == 0))
362 rdr_log(reader
, "detected card in CAK7 mode");
363 calculate_cak7_vars(reader
, atr
);
364 reader
->cak7type
= 1;
366 else if(((memcmp(atrarr
+ 7, "pp", 2) == 0 && ((atrarr
[9]&0x0F) >= 10)) || (memcmp(atrarr
+ 11, "DNASP18", 7) == 0) || (memcmp(atrarr
+ 11, "DNASP19", 7) == 0) || (memcmp(atrarr
+ 11, "DNASP1A", 7) == 0)) && reader
->cak7_mode
)
368 rdr_log(reader
, "detected card in CAK6/Seca mode -> try switch to Nagra CAK7");
369 uint8_t changerom_handshake
[22];
370 memset(changerom_handshake
, 0x00, 22);
372 calculate_changerom_cmd(reader
, atr
, &changerom_handshake
[5]);
373 memset(reader
->rom
, 0, 15);
374 unsigned char cta_res
[CTA_RES_LEN
];
375 memset(cta_res
, 0, CTA_RES_LEN
);
378 changerom_handshake
[0] = 0x80;
379 changerom_handshake
[1] = 0xCA;
380 changerom_handshake
[4] = 0x11; // 0x11: length of data we will send
381 uint8_t cta_res1_ok
= 0x61;
382 uint8_t cta_res2_ok
= 0x10;
384 if(reader
->protocol_type
!= ATR_PROTOCOL_TYPE_T0
)
386 //changerom_handshake[0] = 0x80; // fix for mipsel router
387 changerom_handshake
[4] = 0x10; // 0x10: length of data we will send
392 changerom_handshake
[21] = 0x10;
394 reader
->cak7type
= 1;
395 if(!ICC_Async_CardWrite(reader
, changerom_handshake
, sizeof(changerom_handshake
), cta_res
, &cta_lr
))
397 if(cta_res
[cta_lr
-2] == cta_res1_ok
&& cta_res
[cta_lr
-1] == cta_res2_ok
)
399 rdr_log(reader
, "switch nagra layer OK");
401 call(crdr_ops
->activate(reader
, atr
)); //try to read the atr of this layer
402 ATR_GetRaw(atr
, atrarr
, &atr_size
);
403 rdr_log(reader
,"ATR: %s", cs_hexdump(1, atrarr
, atr_size
, tmp
, sizeof(tmp
)));
404 calculate_cak7_vars(reader
, atr
);
405 if(reader
->protocol_type
== ATR_PROTOCOL_TYPE_T0
)
407 reader
->cak7type
= 3;
411 reader
->cak7type
= 1;
416 crdr_ops
->lock(reader
);
418 int32_t ret2
= Parse_ATR(reader
, atr
, deprecated
);
421 crdr_ops
->unlock(reader
);
425 rdr_log(reader
, "ERROR: Parse_ATR returned error");
431 rdr_log(reader
,"Switch to nagra layer failed!");
437 rdr_log(reader
,"Switch to nagra layer command failed!");
440 memcpy(reader
->card_atr
, atrarr
, atr_size
);
441 reader
->card_atr_length
= atr_size
;
442 memcpy(reader
->rom
, atr
->hb
, (atr
->hbn
>15)?15:atr
->hbn
); // get historical bytes from atr
445 rdr_log_dbg(reader
, D_READER
, "Card successfully activated");
450 int32_t ICC_Async_CardWrite(struct s_reader
*reader
, unsigned char *command
, uint16_t command_len
, unsigned char *rsp
, uint16_t *lr
)
452 const struct s_cardreader
*crdr_ops
= reader
->crdr
;
453 if (!crdr_ops
) return ERROR
;
455 *lr
= 0; //will be returned in case of error
456 if(crdr_ops
->card_write
)
458 call(crdr_ops
->card_write(reader
, command
, rsp
, lr
, command_len
));
459 rdr_log_dump_dbg(reader
, D_READER
, rsp
, *lr
, "Answer from cardreader:");
464 crdr_ops
->lock(reader
);
472 rdr_log(reader
, "Warning: needed try nr %i, next ECM has some delay", try);
475 switch(reader
->protocol_type
)
477 case ATR_PROTOCOL_TYPE_T0
:
478 ret
= Protocol_T0_Command(reader
, command
, command_len
, rsp
, lr
);
481 case ATR_PROTOCOL_TYPE_T1
:
482 ret
= Protocol_T1_Command(reader
, command
, command_len
, rsp
, lr
);
484 if(ret
!= OK
&& !crdr_ops
->skip_t1_command_retries
&& reader
->cak7type
== 0)
487 rdr_log(reader
, "Resync error: readtimeouts %d/%d (max/min) us, writetimeouts %d/%d (max/min) us", reader
->maxreadtimeout
, reader
->minreadtimeout
, reader
->maxwritetimeout
, reader
->minwritetimeout
);
488 unsigned char resync
[] = { 0x21, 0xC0, 0x00, 0xE1 };
489 ret
= Protocol_T1_Command(reader
, resync
, sizeof(resync
), rsp
, lr
);
492 //reader->ifsc = DEFAULT_IFSC; // tryfix cardtimeouts: ifsc is setup at card init, on resync it should not return to default_ifsc
493 rdr_log(reader
, "T1 Resync command successful ifsc = %i", reader
->ifsc
);
498 rdr_log(reader
, "T1 Resync command error, trying to reactivate!");
500 ICC_Async_Activate(reader
, &atr
, reader
->deprecated
);
503 crdr_ops
->unlock(reader
);
509 case ATR_PROTOCOL_TYPE_T14
:
510 ret
= Protocol_T14_ExchangeTPDU(reader
, command
, command_len
, rsp
, lr
);
514 rdr_log(reader
, "ERROR: Unknown protocol type %i", reader
->protocol_type
);
515 type
= 99; // use 99 for unknown.
520 while((try < 3) && (ret
!= OK
) && (((type
== 0 || type
== 1) && reader
->cak7type
== 0) || type
== 14)); // always do one retry when failing
523 crdr_ops
->unlock(reader
);
527 rdr_log_dbg(reader
, D_TRACE
, "ERROR: Protocol_T%d_Command returns error", type
);
530 rdr_log_dump_dbg(reader
, D_READER
, rsp
, *lr
, "Answer from cardreader:");
534 int32_t ICC_Async_GetTimings(struct s_reader
*reader
, uint32_t wait_etu
)
536 int32_t timeout
= ETU_to_us(reader
, wait_etu
);
537 rdr_log_dbg(reader
, D_IFD
, "Setting timeout to %i ETU (%d us)", wait_etu
, timeout
);
541 int32_t ICC_Async_Transmit(struct s_reader
*reader
, uint32_t size
, uint32_t expectedlen
, unsigned char *data
, uint32_t delay
, uint32_t timeout
)
543 const struct s_cardreader
*crdr_ops
= reader
->crdr
;
544 if (!crdr_ops
) return ERROR
;
548 rdr_log_dbg(reader
, D_IFD
, "Transmit size %d bytes, expected len %d bytes, delay %d us, timeout=%d us", size
, expectedlen
, delay
, timeout
);
552 rdr_log_dbg(reader
, D_IFD
, "Transmit size %d bytes, delay %d us, timeout=%d us", size
, delay
, timeout
);
554 rdr_log_dump_dbg(reader
, D_IFD
, data
, size
, "Transmit:");
555 unsigned char *sent
= data
;
556 if(reader
->convention
== ATR_CONVENTION_INVERSE
&& crdr_ops
->need_inverse
)
558 ICC_Async_InvertBuffer(reader
, size
, sent
);
560 call(crdr_ops
->transmit(reader
, sent
, size
, expectedlen
, delay
, timeout
));
561 rdr_log_dbg(reader
, D_IFD
, "Transmit successful");
562 if(reader
->convention
== ATR_CONVENTION_INVERSE
&& crdr_ops
->need_inverse
)
564 // revert inversion cause the code in protocol_t0 is accessing buffer after transmit
565 ICC_Async_InvertBuffer(reader
, size
, sent
);
570 int32_t ICC_Async_Receive(struct s_reader
*reader
, uint32_t size
, unsigned char *data
, uint32_t delay
, uint32_t timeout
)
572 const struct s_cardreader
*crdr_ops
= reader
->crdr
;
573 if (!crdr_ops
) return ERROR
;
575 rdr_log_dbg(reader
, D_IFD
, "Receive size %d bytes, delay %d us, timeout=%d us", size
, delay
, timeout
);
576 call(crdr_ops
->receive(reader
, data
, size
, delay
, timeout
));
577 rdr_log_dbg(reader
, D_IFD
, "Receive successful");
578 if(reader
->convention
== ATR_CONVENTION_INVERSE
&& crdr_ops
->need_inverse
== 1)
580 ICC_Async_InvertBuffer(reader
, size
, data
);
585 int32_t ICC_Async_Close(struct s_reader
*reader
)
587 const struct s_cardreader
*crdr_ops
= reader
->crdr
;
588 if (!crdr_ops
) return ERROR
;
589 rdr_log_dbg(reader
, D_IFD
, "Closing device %s", reader
->device
);
590 call(crdr_ops
->close(reader
));
591 if(reader
->typ
!= R_SC8in1
)
593 NULLFREE(reader
->crdr_data
);
594 NULLFREE(reader
->csystem_data
);
596 rdr_log_dbg(reader
, D_IFD
, "Device %s successfully closed", reader
->device
);
600 void ICC_Async_DisplayMsg(struct s_reader
*reader
, char *msg
)
602 const struct s_cardreader
*crdr_ops
= reader
->crdr
;
603 if (!crdr_ops
|| !crdr_ops
->display_msg
)
607 crdr_ops
->display_msg(reader
, msg
);
610 int32_t ICC_Async_Reset(struct s_reader
*reader
, struct s_ATR
*atr
, int32_t (*rdr_activate_card
)(struct s_reader
*, struct s_ATR
*, uint16_t deprecated
), int32_t (*rdr_get_cardsystem
)(struct s_reader
*, struct s_ATR
*))
612 const struct s_cardreader
*crdr_ops
= reader
->crdr
;
613 if (!crdr_ops
|| !crdr_ops
->do_reset
)
617 return crdr_ops
->do_reset(reader
, atr
, rdr_activate_card
, rdr_get_cardsystem
);
620 static uint32_t ICC_Async_GetClockRate(int32_t cardmhz
)
626 return (372L * 9600L);
628 return (384L * 9600L);
630 return (cardmhz
* 10000L);
634 static int32_t ICC_Async_GetPLL_Divider(struct s_reader
*reader
)
636 if(reader
->divider
!= 0)
638 return reader
->divider
;
640 if(reader
->cardmhz
!= 8300) // Check dreambox is not DM7025
643 divider
= ((float) reader
->cardmhz
) / ((float) reader
->mhz
);
644 if (tempfi
== 9) reader
->divider
= (int32_t) divider
; // some card's runs only when slightly oveclocked like HD02
647 reader
->divider
= (int32_t) divider
;
648 if(divider
> reader
->divider
)
650 reader
->divider
++; // to prevent over clocking, ceil (round up) the divider
653 rdr_log_dbg(reader
, D_DEVICE
, "PLL maxmhz = %.2f, wanted mhz = %.2f, divider used = %d, actualcardclock=%.2f", (float) reader
->cardmhz
/ 100, (float) reader
->mhz
/ 100, reader
->divider
, (float) reader
->cardmhz
/ reader
->divider
/ 100);
654 reader
->mhz
= reader
->cardmhz
/ reader
->divider
;
656 else // STB is DM7025
658 int32_t i
, dm7025_clock_freq
[] = {518, 461, 395, 360, 319, 296, 267, 244, 230, 212, 197}, dm7025_PLL_setting
[] = {6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16}, t_cardmhz
= reader
->mhz
;
659 for(i
= 0; i
< 11; i
++)
660 if(t_cardmhz
>= dm7025_clock_freq
[i
])
668 reader
->mhz
= dm7025_clock_freq
[i
];
669 reader
->divider
= dm7025_PLL_setting
[i
]; /*Nicer way of codeing is: reader->divider = i + 6;*/
670 rdr_log_dbg(reader
, D_DEVICE
, "DM7025 PLL maxmhz = %.2f, wanted mhz = %.2f, PLL setting used = %d, actualcardclock=%.2f", (float) reader
->cardmhz
/ 100, (float) t_cardmhz
/ 100, reader
->divider
, (float) reader
->mhz
/ 100);
672 return reader
->divider
;
675 static void ICC_Async_InvertBuffer(struct s_reader
*reader
, uint32_t size
, unsigned char *buffer
)
678 rdr_log_dbg(reader
, D_IFD
, "%s: size=%u buf[0]=%02x", __func__
, size
, buffer
[0]);
679 for(i
= 0; i
< size
; i
++)
681 buffer
[i
] = ~(INVERT_BYTE(buffer
[i
]));
685 static int32_t Parse_ATR(struct s_reader
*reader
, ATR
*atr
, uint16_t deprecated
)
687 unsigned char FI
= ATR_DEFAULT_FI
;
688 uint32_t D
= ATR_DEFAULT_D
;
689 uint32_t N
= ATR_DEFAULT_N
;
693 int32_t numprot
= atr
->pn
;
694 //if there is a trailing TD, this number is one too high
696 if(ATR_GetInterfaceByte(atr
, numprot
- 1, ATR_INTERFACE_BYTE_TD
, &tx
) == ATR_OK
)
703 bool OffersT
[3]; //T14 stored as T2
704 for(i
= 0; i
<= 2; i
++)
708 for(i
= 1; i
<= numprot
; i
++)
711 if(ATR_GetInterfaceByte(atr
, i
, ATR_INTERFACE_BYTE_TA
, &tx
) == ATR_OK
)
713 snprintf((char *)txt
+ point
, sizeof(txt
) - point
, "TA%i=%02X ", i
, tx
);
716 if(ATR_GetInterfaceByte(atr
, i
, ATR_INTERFACE_BYTE_TB
, &tx
) == ATR_OK
)
718 snprintf((char *)txt
+ point
, sizeof(txt
) - point
, "TB%i=%02X ", i
, tx
);
721 if(ATR_GetInterfaceByte(atr
, i
, ATR_INTERFACE_BYTE_TC
, &tx
) == ATR_OK
)
723 snprintf((char *)txt
+ point
, sizeof(txt
) - point
, "TC%i=%02X ", i
, tx
);
726 if(ATR_GetInterfaceByte(atr
, i
, ATR_INTERFACE_BYTE_TD
, &tx
) == ATR_OK
)
728 snprintf((char *)txt
+ point
, sizeof(txt
) - point
, "TD%i=%02X ", i
, tx
);
731 snprintf((char *)txt
+ point
, sizeof(txt
) - point
, "(T%i)", tx
);
743 snprintf((char *)txt
+ point
, sizeof(txt
) - point
, "no TD%i means T0", i
);
746 rdr_log_dbg(reader
, D_ATR
, "%s", txt
);
749 int32_t numprottype
= 0;
750 for(i
= 0; i
<= 2; i
++)
755 rdr_log_dbg(reader
, D_ATR
, "%i protocol types detected. Historical bytes: %s", numprottype
, cs_hexdump(1, atr
->hb
, atr
->hbn
, tmp
, sizeof(tmp
)));
757 ATR_GetParameter(atr
, ATR_PARAMETER_N
, &(N
));
758 ATR_GetProtocolType(atr
, 1, &(reader
->protocol_type
)); // get protocol from TD1
761 bool SpecificMode
= (ATR_GetInterfaceByte(atr
, 2, ATR_INTERFACE_BYTE_TA
, &TA2
) == ATR_OK
); // if TA2 present, specific mode, else negotiable mode
764 reader
->protocol_type
= TA2
& 0x0F;
765 if((TA2
& 0x10) != 0x10) // bit 5 set to 0 means F and D explicitly defined in interface characters
768 if(ATR_GetInterfaceByte(atr
, 1, ATR_INTERFACE_BYTE_TA
, &TA1
) == ATR_OK
)
771 ATR_GetParameter(atr
, ATR_PARAMETER_D
, &(D
));
781 rdr_log(reader
, "Specific mode: speed 'implicitly defined', not sure how to proceed, assuming default values");
785 uint32_t F
= atr_f_table
[FI
];
786 rdr_log_dbg(reader
, D_ATR
, "Specific mode: T%i, F=%d, D=%d, N=%d", reader
->protocol_type
, F
, D
, N
);
788 else // negotiable mode
791 reader
->read_timeout
= 1000000; // in us
792 bool PPS_success
= 0;
793 bool NeedsPTS
= ((reader
->protocol_type
!= ATR_PROTOCOL_TYPE_T14
) && (numprottype
> 1 || (atr
->ib
[0][ATR_INTERFACE_BYTE_TA
].present
== 1 && atr
->ib
[0][ATR_INTERFACE_BYTE_TA
].value
!= 0x11) || N
== 255)); //needs PTS according to old ISO 7816
794 if(NeedsPTS
&& deprecated
== 0)
796 // PTSS PTS0 PTS1 PCK
797 unsigned char req
[6] = { 0xFF, 0x10, 0x00, 0x00 }; //we currently do not support PTS2, standard guardtimes or PTS3,
798 //but spare 2 bytes in arrayif card responds with it
799 req
[1] = 0x10 | reader
->protocol_type
; //PTS0 always flags PTS1 to be sent always
800 if(ATR_GetInterfaceByte(atr
, 1, ATR_INTERFACE_BYTE_TA
, &req
[2]) != ATR_OK
) //PTS1
802 req
[2] = 0x11; // defaults FI and DI to 1
805 call(SetRightParity(reader
));
806 ret
= PPS_Exchange(reader
, req
, &len
);
810 unsigned char DI
= req
[2] & 0x0F;
812 uint32_t F
= atr_f_table
[FI
];
814 rdr_log_dbg(reader
, D_ATR
, "PTS successful, selected protocol: T%i, F=%d, D=%d, N=%d", reader
->protocol_type
, F
, D
, N
);
818 rdr_log_dump_dbg(reader
, D_ATR
, req
, len
, "PTS Failure, response:");
822 //When for SCI, T14 protocol, TA1 is obeyed, this goes OK for mosts devices, but somehow on DM7025 Sky S02 card goes wrong when setting ETU (ok on DM800/DM8000)
823 if(!PPS_success
) // last PPS not successful
826 if(ATR_GetInterfaceByte(atr
, 1, ATR_INTERFACE_BYTE_TA
, &TA1
) == ATR_OK
)
829 ATR_GetParameter(atr
, ATR_PARAMETER_D
, &(D
));
831 else // do not obey TA1
838 if((D
== 32) || (D
== 12) || (D
== 20)) //those values were RFU in old table
840 D
= 0; // viaccess cards that fail PTS need this
843 uint32_t F
= atr_f_table
[FI
];
844 rdr_log_dbg(reader
, D_ATR
, "No PTS %s, selected protocol T%i, F=%d, D=%d, N=%d", NeedsPTS
? "happened" : "needed", reader
->protocol_type
, F
, D
, N
);
846 }//end negotiable mode
848 //make sure no zero values
849 uint32_t F
= atr_f_table
[FI
];
853 rdr_log(reader
, "Warning: F=0 is invalid, forcing FI=%d", FI
);
858 rdr_log(reader
, "Warning: D=0 is invalid, forcing D=%d", D
);
860 rdr_log_dbg(reader
, D_ATR
, "Init card protocol T%i, FI=%d, F=%d, D=%d, N=%d", reader
->protocol_type
, FI
, F
, D
, N
);
863 return InitCard(reader
, atr
, FI
, D
, N
, deprecated
);
867 return InitCard(reader
, atr
, ATR_DEFAULT_FI
, ATR_DEFAULT_D
, N
, deprecated
);
871 static int32_t PPS_Exchange(struct s_reader
*reader
, unsigned char *params
, uint32_t *length
)
873 const struct s_cardreader
*crdr_ops
= reader
->crdr
;
874 if (!crdr_ops
) return ERROR
;
876 unsigned char confirm
[PPS_MAX_LENGTH
];
877 uint32_t len_request
, len_confirm
;
881 len_request
= PPS_GetLength(params
);
882 params
[len_request
- 1] = PPS_GetPCK(params
, len_request
- 1);
883 rdr_log_dbg(reader
, D_IFD
, "PTS: Sending request: %s", cs_hexdump(1, params
, len_request
, tmp
, sizeof(tmp
)));
885 if(crdr_ops
->set_protocol
)
887 ret
= crdr_ops
->set_protocol(reader
, params
, length
, len_request
);
892 call(ICC_Async_Transmit(reader
, len_request
, len_request
, params
, 0, 1000000));
895 call(ICC_Async_Receive(reader
, 2, confirm
, 0, 1000000));
896 len_confirm
= PPS_GetLength(confirm
);
897 call(ICC_Async_Receive(reader
, len_confirm
- 2, confirm
+ 2, 0, 1000000));
899 rdr_log_dbg(reader
, D_IFD
, "PTS: Receiving confirm: %s", cs_hexdump(1, confirm
, len_confirm
, tmp
, sizeof(tmp
)));
900 if((len_request
!= len_confirm
) || (memcmp(params
, confirm
, len_request
)))
909 // Copy PPS handshake
910 memcpy(params
, confirm
, len_confirm
);
911 (*length
) = len_confirm
;
915 static uint32_t PPS_GetLength(unsigned char *block
)
919 if(PPS_HAS_PPS1(block
))
924 if(PPS_HAS_PPS2(block
))
929 if(PPS_HAS_PPS3(block
))
937 static uint32_t ETU_to_us(struct s_reader
*reader
, uint32_t ETU
)
939 return (uint32_t)((double) ETU
* reader
->worketu
); // in us
942 static int32_t ICC_Async_SetParity(struct s_reader
*reader
, uint16_t parity
)
944 const struct s_cardreader
*crdr_ops
= reader
->crdr
;
945 if (!crdr_ops
) return ERROR
;
947 if(crdr_ops
->set_parity
)
949 rdr_log_dbg(reader
, D_IFD
, "Setting right parity");
950 call(crdr_ops
->set_parity(reader
, parity
));
955 static int32_t SetRightParity(struct s_reader
*reader
)
957 const struct s_cardreader
*crdr_ops
= reader
->crdr
;
958 if (!crdr_ops
) return ERROR
;
961 uint16_t parity
= PARITY_EVEN
;
962 if(reader
->convention
== ATR_CONVENTION_INVERSE
)
966 else if(reader
->protocol_type
== ATR_PROTOCOL_TYPE_T14
)
968 parity
= PARITY_NONE
;
971 call(ICC_Async_SetParity(reader
, parity
));
973 if(crdr_ops
->flush
&& reader
->crdr_flush
)
975 IO_Serial_Flush(reader
);
981 static int32_t InitCard(struct s_reader
*reader
, ATR
*atr
, unsigned char FI
, uint32_t D
, unsigned char N
, uint16_t deprecated
)
983 const struct s_cardreader
*crdr_ops
= reader
->crdr
;
984 if (!crdr_ops
) return ERROR
;
986 uint32_t I
, F
, Fi
, BGT
= 0, edc
, GT
= 0, WWT
= 0, EGT
= 0;
987 unsigned char wi
= 0;
989 // set the amps and the volts according to ATR
990 if(ATR_GetParameter(atr
, ATR_PARAMETER_I
, &I
) != ATR_OK
)
997 // set clock speed to max if internal reader
998 if(crdr_ops
->max_clock_speed
== 1 && reader
->typ
== R_INTERNAL
)
1000 if(reader
->autospeed
== 1) //no overclocking
1002 reader
->mhz
= atr_fs_table
[FI
] / 10000; // we are going to clock the card to this nominal frequency
1005 if(reader
->cardmhz
> 2000 && reader
->autospeed
== 1) // -1 replaced by autospeed parameter is magic number pll internal reader set cardmhz according to optimal atr speed
1007 reader
->mhz
= atr_fs_table
[FI
] / 10000 ;
1008 if((!strncmp(boxtype_get(), "vu", 2 ))||(boxtype_is("ini-8000am")))
1015 if(reader
->cardmhz
> 2000)
1017 reader
->divider
= 0; // reset pll divider so divider will be set calculated again.
1018 ICC_Async_GetPLL_Divider(reader
); // calculate pll divider for target cardmhz.
1021 Fi
= atr_f_table
[FI
]; // get the frequency divider also called clock rate conversion factor
1022 if(crdr_ops
->set_baudrate
)
1024 reader
->current_baudrate
= DEFAULT_BAUDRATE
;
1029 if(reader
->protocol_type
!= ATR_PROTOCOL_TYPE_T14
) // dont switch for T14
1031 uint32_t baud_temp
= (double)D
* ICC_Async_GetClockRate(reader
->cardmhz
) / (double)Fi
;
1032 uint32_t baud_temp2
= (double)D
* ICC_Async_GetClockRate(reader
->mhz
) / (double)Fi
;
1033 rdr_log(reader
, "Setting baudrate to %d bps", baud_temp2
);
1034 // set_baudrate() increases/decreases baud_temp to baud_temp2 in case of over/underclocking
1035 call(crdr_ops
->set_baudrate(reader
, baud_temp
));
1036 reader
->current_baudrate
= baud_temp2
;
1040 if(reader
->cardmhz
> 2000 && reader
->typ
== R_INTERNAL
)
1042 F
= reader
->mhz
; // for PLL based internal readers
1046 if (reader
->typ
== R_SMART
|| is_smargo_reader(reader
))
1048 if (reader
->autospeed
== 1)
1050 uint32_t Fsmart
= atr_fs_table
[FI
];
1051 reader
->mhz
= Fsmart
/10000;
1052 if(reader
->mhz
>= 1600)
1056 else if(reader
->mhz
>= 1200)
1060 else if(reader
->mhz
>= 961)
1064 else if(reader
->mhz
>= 800)
1068 else if(reader
->mhz
>= 686)
1072 else if(reader
->mhz
>= 600)
1076 else if(reader
->mhz
>= 534)
1080 else if(reader
->mhz
>= 480)
1084 else if(reader
->mhz
>= 436)
1088 else if(reader
->mhz
>= 400)
1092 else if(reader
->mhz
>= 369)
1096 else if(reader
->mhz
>= 357)
1098 reader
->mhz
= 369; // 357 not suported by smartreader
1100 else if(reader
->mhz
>= 343)
1110 F
= reader
->mhz
; //all other readers
1112 reader
->worketu
= (double)((double)(1 / (double)D
) * ((double)Fi
/ (double)((double)F
/ 100)));
1113 rdr_log_dbg(reader
, D_ATR
, "Calculated work ETU is %.2f us reader mhz = %u", reader
->worketu
, reader
->mhz
);
1115 //set timings according to ATR
1116 reader
->read_timeout
= 0;
1117 reader
->block_delay
= 0;
1118 reader
->char_delay
= 0;
1120 switch(reader
->protocol_type
)
1122 case ATR_PROTOCOL_TYPE_T0
:
1123 case ATR_PROTOCOL_TYPE_T14
:
1125 /* Integer value WI = TC2, by default 10 */
1126 #ifndef PROTOCOL_T0_USE_DEFAULT_TIMINGS
1127 if(ATR_GetInterfaceByte(atr
, 2, ATR_INTERFACE_BYTE_TC
, &(wi
)) != ATR_OK
)
1131 WWT
= (uint32_t) 960 * D
* wi
; //in work ETU
1132 GT
= 2; // standard guardtime
1133 GT
+= 1; // start bit
1134 GT
+= 8; // databits
1135 GT
+= 1; // parity bit
1137 if(N
!= 255) //add extra Guard Time by ATR
1139 EGT
+= N
; // T0 protocol, if TC1 = 255 then dont add extra guardtime
1141 reader
->CWT
= 0; // T0 protocol doesnt have char waiting time (used to detect errors within 1 single block of data)
1142 reader
->BWT
= 0; // T0 protocol doesnt have block waiting time (used to detect unresponsive card, this is max time for starting a block answer)
1144 rdr_log_dbg(reader
, D_ATR
, "Protocol: T=%i, WWT=%u, Clockrate=%u", reader
->protocol_type
, WWT
, F
* 10000);
1145 reader
->read_timeout
= WWT
; // Work waiting time used in T0 (max time to signal unresponsive card!)
1146 reader
->char_delay
= GT
+ EGT
; // Character delay is used on T0
1147 rdr_log_dbg(reader
, D_ATR
, "Setting timings: timeout=%u ETU, block_delay=%u ETU, char_delay=%u ETU", reader
->read_timeout
, reader
->block_delay
, reader
->char_delay
);
1150 case ATR_PROTOCOL_TYPE_T1
:
1152 unsigned char ta
, tb
, tc
, cwi
, bwi
;
1155 if(ATR_GetInterfaceByte(atr
, 3, ATR_INTERFACE_BYTE_TA
, &ta
) == ATR_NOT_FOUND
)
1157 reader
->ifsc
= DEFAULT_IFSC
;
1159 else if((ta
!= 0x00) && (ta
!= 0xFF))
1165 reader
->ifsc
= DEFAULT_IFSC
;
1168 // FIXME workaround for Smargo until native mode works
1169 if(reader
->smargopatch
== 1)
1171 reader
->ifsc
= MIN(reader
->ifsc
, 28);
1174 // Towitoko and smartreaders dont allow IFSC > 251
1176 reader
->ifsc
= MIN(reader
->ifsc
, MAX_IFSC
);
1179 #ifndef PROTOCOL_T1_USE_DEFAULT_TIMINGS
1180 // Calculate CWI and BWI
1181 if(ATR_GetInterfaceByte(atr
, 3, ATR_INTERFACE_BYTE_TB
, &tb
) == ATR_NOT_FOUND
)
1186 #ifndef PROTOCOL_T1_USE_DEFAULT_TIMINGS
1195 // Set CWT = 11+(2^CWI) work etu
1196 reader
->CWT
= (uint16_t) 11 + (1 << cwi
); // in work ETU
1198 reader
->BWT
= (uint32_t) ((1<<bwi
) * 960 * 372 / (double)((double)F
/ 100) / (double) reader
->worketu
) + 11; // BWT in work ETU
1200 BGT
= 22L; // Block Guard Time in ETU used to interspace between block responses
1201 GT
= 2; // standard guardtime
1202 GT
+= 1; // start bit
1203 GT
+= 8; // databits
1204 GT
+= 1; // parity bit
1208 GT
-= 1; // special case, ATR says standard 2 etu guardtime is decreased by 1 (in ETU) EGT remains zero!
1212 EGT
+= N
; // ATR says add extra guardtime (in ETU)
1215 // Set the error detection code type
1216 if(ATR_GetInterfaceByte(atr
, 3, ATR_INTERFACE_BYTE_TC
, &tc
) == ATR_NOT_FOUND
)
1225 // Set initial send sequence (NS)
1228 rdr_log_dbg(reader
, D_ATR
, "Protocol: T=%i: IFSC=%d, CWT=%d etu, BWT=%d etu, BGT=%d etu, EDC=%s, N=%d", reader
->protocol_type
, reader
->ifsc
, reader
->CWT
, reader
->BWT
, BGT
, (edc
== EDC_LRC
) ? "LRC" : "CRC", N
);
1229 reader
->read_timeout
= reader
->BWT
;
1230 reader
->block_delay
= BGT
;
1231 reader
->char_delay
= GT
+ EGT
;
1232 rdr_log_dbg(reader
, D_ATR
, "Setting timings: reader timeout=%u ETU, block_delay=%u ETU, char_delay=%u ETU", reader
->read_timeout
, reader
->block_delay
, reader
->char_delay
);
1241 SetRightParity(reader
); // some reader devices need to get set the right parity
1243 uint32_t ETU
= Fi
/ D
;
1244 if(atr
->hbn
>= 6 && !memcmp(atr
->hb
, "IRDETO", 6) && reader
->protocol_type
== ATR_PROTOCOL_TYPE_T14
)
1247 reader
->worketu
*= 2; // overclocked T14 needs this otherwise high ecm reponses
1250 struct s_cardreader_settings s
=
1257 .Fi
= (uint16_t) Fi
,
1264 if(crdr_ops
->write_settings
)
1266 call(crdr_ops
->write_settings(reader
, &s
));
1270 if(reader->typ == R_INTERNAL)
1272 if(reader->cardmhz > 2000)
1274 rdr_log(reader, "PLL Reader: ATR Fsmax is %i MHz, clocking card to %.2f Mhz (nearest possible mhz specified reader->mhz)", atr_fs_table[FI] / 1000000, (float) reader->mhz / 100);
1278 rdr_log(reader, "ATR Fsmax is %i MHz, clocking card to %.2f (specified in reader->mhz)", atr_fs_table[FI] / 1000000, (float) reader->mhz / 100);
1283 if ((reader->typ == R_SMART) && (reader->autospeed == 1))
1285 rdr_log(reader, "ATR Fsmax is %i MHz, clocking card to ATR Fsmax for smartreader cardspeed of %.2f MHz (specified in reader->mhz)", atr_fs_table[FI] / 1000000, (float) reader->mhz / 100);
1289 rdr_log(reader, "ATR Fsmax is %i MHz, clocking card to wanted user cardclock of %.2f MHz (specified in reader->mhz)",atr_fs_table[FI] / 1000000, (float) reader->mhz / 100);
1294 //Communicate to T1 card IFSD -> we use same as IFSC
1295 if(reader
->protocol_type
== ATR_PROTOCOL_TYPE_T1
&& reader
->ifsc
!= DEFAULT_IFSC
&& !crdr_ops
->skip_setting_ifsc
)
1297 unsigned char rsp
[CTA_RES_LEN
];
1300 unsigned char tmp
[] = { 0x21, 0xC1, 0x01, 0x00, 0x00 };
1301 tmp
[3] = reader
->ifsc
; // Information Field size
1302 tmp
[4] = reader
->ifsc
^ 0xE1;
1303 ret
= Protocol_T1_Command(reader
, tmp
, sizeof(tmp
), rsp
, &lr
);
1306 rdr_log(reader
, "Warning: Card returned error on setting ifsd value to %d", reader
->ifsc
);
1310 rdr_log_dbg(reader
, D_ATR
, "Card responded ok for ifsd request of %d", reader
->ifsc
);
1316 static unsigned char PPS_GetPCK(unsigned char *block
, uint32_t length
)
1321 for(i
= 1; i
< length
; i
++)