search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[gbx] - try fix ecm and cw messages
[oscam.git] / oscam-aes.c
blobe110e98d5ca271b48adf38797fa836958c7682e1
1 #define MODULE_LOG_PREFIX "aes"
2
3 #include "globals.h"
4 #include "oscam-aes.h"
5 #include "oscam-garbage.h"
6 #include "oscam-string.h"
7
8 void aes_set_key(struct aes_keys *aes, char *key)
9 {
10 AES_set_decrypt_key((const uint8_t *)key, 128, &aes->aeskey_decrypt);
11 AES_set_encrypt_key((const uint8_t *)key, 128, &aes->aeskey_encrypt);
12 }
13
14 bool aes_set_key_alloc(struct aes_keys **aes, char *key)
15 {
16 if (!cs_malloc(aes, sizeof(struct aes_keys)))
17 {
18 return false;
19 }
20 aes_set_key(*aes, key);
21 return true;
22 }
23
24 void aes_decrypt(struct aes_keys *aes, uint8_t *buf, int32_t n)
25 {
26 int32_t i;
27 for(i = 0; i < n; i += 16)
28 {
29 AES_decrypt(buf + i, buf + i, &aes->aeskey_decrypt);
30 }
31 }
32
33 void aes_encrypt_idx(struct aes_keys *aes, uint8_t *buf, int32_t n)
34 {
35 int32_t i;
36 for(i = 0; i < n; i += 16)
37 {
38 AES_encrypt(buf + i, buf + i, &aes->aeskey_encrypt);
39 }
40 }
41
42 void aes_cbc_encrypt(struct aes_keys *aes, uint8_t *buf, int32_t n, uint8_t *iv)
43 {
44 AES_cbc_encrypt(buf, buf, n, &aes->aeskey_encrypt, iv, AES_ENCRYPT);
45 }
46
47 void aes_cbc_decrypt(struct aes_keys *aes, uint8_t *buf, int32_t n, uint8_t *iv)
48 {
49 AES_cbc_encrypt(buf, buf, n, &aes->aeskey_decrypt, iv, AES_DECRYPT);
50 }
51
52 /* Creates an AES_ENTRY and adds it to the given linked list. */
53 void add_aes_entry(AES_ENTRY **list, uint16_t caid, uint32_t ident, int32_t keyid, uint8_t *aesKey)
54 {
55 AES_ENTRY *new_entry, *next, *current;
56
57 // create the AES key entry for the linked list
58 if(!cs_malloc(&new_entry, sizeof(AES_ENTRY)))
59 { return; }
60
61 memcpy(new_entry->plainkey, aesKey, 16);
62 new_entry->caid = caid;
63 new_entry->ident = ident;
64 new_entry->keyid = keyid;
65 if(memcmp(aesKey, "\xFF\xFF", 2))
66 {
67 AES_set_decrypt_key((const uint8_t *)aesKey, 128, &(new_entry->key));
68 // cs_log("adding key : %s",cs_hexdump(1,aesKey,16, tmp, sizeof(tmp)));
69 }
70 else
71 {
72 memset(&new_entry->key, 0, sizeof(AES_KEY));
73 // cs_log("adding fake key");
74 }
75 new_entry->next = NULL;
76
77 //if list is empty, new_entry is the new head
78 if(!*list)
79 {
80 *list = new_entry;
81 return;
82 }
83
84 //append it to the list
85 current = *list;
86 next = current->next;
87 while(next)
88 {
89 current = next;
90 next = current->next;
91 }
92 current->next = new_entry;
93 }
94
95 /* Parses a single AES_KEYS entry and assigns it to the given list.
96 The expected format for value is caid1@ident1:key0,key1 */
97 void parse_aes_entry(AES_ENTRY **list, char *label, char *value)
98 {
99 uint16_t caid, dummy;
100 uint32_t ident;
101 int32_t len;
102 char *tmp;
103 int32_t nb_keys, key_id;
104 uint8_t aes_key[16];
105 char *save = NULL;
106
107 tmp = strtok_r(value, "@", &save);
108
109 //if we got error caid
110 len = strlen(tmp);
111 if(len == 0 || len > 4) { return; }
112
113 //if there is not value after @
114 len = strlen(save);
115 if(len == 0) { return; }
116
117 caid = a2i(tmp, 2);
118 tmp = strtok_r(NULL, ":", &save);
119
120 //if we got error ident
121 len = strlen(tmp);
122 if(len == 0 || len > 6) { return; }
123
124 ident = a2i(tmp, 3);
125
126 // now we need to split the key and add the entry to the reader.
127 nb_keys = 0;
128 key_id = 0;
129 while((tmp = strtok_r(NULL, ",", &save)))
130 {
131 dummy = 0;
132 len = strlen(tmp);
133 if(len != 32)
134 {
135 dummy = a2i(tmp, 1);
136 // FF means the card will do the AES decrypt
137 // 00 means we don't have the aes.
138 if((dummy != 0xFF && dummy != 0x00) || len > 2)
139 {
140 key_id++;
141 cs_log("AES key length error .. not adding");
142 continue;
143 }
144 if(dummy == 0x00)
145 {
146 key_id++;
147 continue;
148 }
149 }
150 nb_keys++;
151 if(dummy)
152 { memset(aes_key, 0xFF, 16); }
153 else
154 { key_atob_l(tmp, aes_key, 32); }
155 // now add the key to the reader... TBD
156 add_aes_entry(list, caid, ident, key_id, aes_key);
157 key_id++;
158 }
159
160 cs_log("%d AES key(s) added on reader %s for %04x@%06x", nb_keys, label, caid, ident);
161 }
162
163 /* Clears all entries from an AES list*/
164 void aes_clear_entries(AES_ENTRY **list)
165 {
166 AES_ENTRY *current, *next;
167 current = NULL;
168 next = *list;
169 while(next)
170 {
171 current = next;
172 next = current->next;
173 add_garbage(current);
174 }
175 *list = NULL;
176 }
177
178 /* Parses multiple AES_KEYS entrys in a reader section and assigns them to the reader.
179 The expected format for value is caid1@ident1:key0,key1;caid2@ident2:key0,key1 */
180 void parse_aes_keys(struct s_reader *rdr, char *value)
181 {
182 char *entry;
183 char *save = NULL;
184 AES_ENTRY *newlist = NULL, *savelist = rdr->aes_list;
185
186 for(entry = strtok_r(value, ";", &save); entry; entry = strtok_r(NULL, ";", &save))
187 {
188 parse_aes_entry(&newlist, rdr->label, entry);
189 }
190 rdr->aes_list = newlist;
191 aes_clear_entries(&savelist);
192 }
193
194 static AES_ENTRY *aes_list_find(AES_ENTRY *list, uint16_t caid, uint32_t provid, int32_t keyid)
195 {
196 AES_ENTRY *current = list;
197 while(current)
198 {
199 if(current->caid == caid && current->ident == provid && current->keyid == keyid)
200 { break; }
201 current = current->next;
202 }
203 if(!current)
204 {
205 cs_log("AES Decrypt key %d not found for %04X@%06X (aka V %06X E%X ...) ", keyid, caid, provid, provid, keyid);
206 return NULL;
207 }
208 return current;
209 }
210
211
212 int32_t aes_decrypt_from_list(AES_ENTRY *list, uint16_t caid, uint32_t provid, int32_t keyid, uint8_t *buf, int32_t n)
213 {
214 AES_ENTRY *current = aes_list_find(list, caid, provid, keyid);
215 if(!current)
216 { return 0; }
217 AES_KEY dummy;
218 int32_t i;
219 // hack for card that do the AES decrypt themsleves
220 memset(&dummy, 0, sizeof(AES_KEY));
221 if(!memcmp(&current->key, &dummy, sizeof(AES_KEY)))
222 {
223 return 1;
224 }
225 // decode the key
226 for(i = 0; i < n; i += 16)
227 { AES_decrypt(buf + i, buf + i, &(current->key)); }
228 return 1; // all ok, key decoded.
229 }
230
231 int32_t aes_present(AES_ENTRY *list, uint16_t caid, uint32_t provid, int32_t keyid)
232 {
233 return aes_list_find(list, caid, provid, keyid) != NULL;
234 }
Open Source Conditional Access Modul