search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
- fix Building without Nagra not possible at Nagra_Merlin https://trac.streamboard...
[oscam.git] / reader-nagracak7.c
blobeb6bc38ea0b5798b9cec3236b474a1a0a2361229
1 #include "globals.h"
2 #ifdef READER_NAGRA_MERLIN
3 #include "math.h"
4 #include "cscrypt/bn.h"
5 #include "cscrypt/idea.h"
6 #include "csctapi/icc_async.h"
7 #include "oscam-time.h"
8 #include "reader-common.h"
9 #include "reader-nagra-common.h"
10 #include "oscam-work.h"
11 #include "cscrypt/des.h"
12 #include "cscrypt/mdc2.h"
13 static const uint8_t public_exponent[] = { 0x01, 0x00, 0x01 };
14 static const uint8_t d00ff[] = { 0x00, 0xFF, 0xFF, 0xFF };
15 // Datatypes
16 #define IRDINFO 0x03
17 #define TIERS 0x0C
18 #define SYSID 0x05
19 static time_t tier_date(uint64_t date, char *buf, int32_t l)
20 {
21 time_t ut = +694224000L + (date >> 1);
22 if(buf)
23 {
24 struct tm t;
25 cs_gmtime_r(&ut, &t);
26 l = 27;
27 snprintf(buf, l, "%04d/%02d/%02d", t.tm_year + 1900, t.tm_mon + 1, t.tm_mday);
28 }
29 return ut;
30 }
31 static void rsa_decrypt(uint8_t *edata50, int len, uint8_t *out, uint8_t *key, int keylen)
32 {
33 BN_CTX *ctx0 = BN_CTX_new();
34 #ifdef WITH_LIBCRYPTO
35 BN_CTX_start(ctx0);
36 #endif
37 BIGNUM *bnN0 = BN_CTX_get(ctx0);
38 BIGNUM *bnE0 = BN_CTX_get(ctx0);
39 BIGNUM *bnCT0 = BN_CTX_get(ctx0);
40 BIGNUM *bnPT0 = BN_CTX_get(ctx0);
41 BN_bin2bn(&key[0], keylen, bnN0);
42 BN_bin2bn(public_exponent, 0x03, bnE0);
43 BN_bin2bn(&edata50[0], len, bnCT0);
44 BN_mod_exp(bnPT0, bnCT0, bnE0, bnN0, ctx0);
45 memset(out,0x00,len);
46 BN_bn2bin(bnPT0, out+ (len- BN_num_bytes(bnPT0)));
47 BN_CTX_end(ctx0);
48 BN_CTX_free(ctx0);
49 }
50 static void addProvider(struct s_reader *reader, uint8_t *cta_res)
51 {
52 int i;
53 bool toadd = true;
54 for(i = 0; i < reader->nprov; i++)
55 {
56 if((cta_res[0] == reader->prid[i][2]) && (cta_res[1] == reader->prid[i][3]))
57 {
58 toadd = false;
59 }
60 }
61 if(toadd)
62 {
63 reader->prid[reader->nprov][0] = 0;
64 reader->prid[reader->nprov][1] = 0;
65 reader->prid[reader->nprov][2] = cta_res[0];
66 reader->prid[reader->nprov][3] = cta_res[1];
67 reader->nprov += 1;
68 }
69 }
70 static int32_t get_prov_index(struct s_reader *reader, const uint8_t *provid)
71 {
72 int prov;
73 for(prov = 0; prov < reader->nprov; prov++)
74 {
75 if(!memcmp(provid, &reader->prid[prov][2], 2))
76 {
77 return (prov);
78 }
79 }
80 return (-1);
81 }
82 static void addSA(struct s_reader *reader, uint8_t *cta_res)
83 {
84 if((cta_res[0] == 0x83 && cta_res[5] == 0x10) || cta_res[0] == 0x87)
85 {
86 int i;
87 bool toadd = true;
88 if(reader->evensa)
89 {
90 unsigned long sax = (cta_res[3] << 16) + (cta_res[2] << 8) + (cta_res[1]);
91 if(sax % 2 != 0)
92 {
93 sax--;
94 cta_res[3]=(sax>>16)&0xFF;
95 cta_res[2]=(sax>>8)&0xFF;
96 cta_res[1]=(sax)&0xFF;
97 }
98 }
99 for(i = 0; i < reader->nsa; i++)
100 {
101 if((cta_res[1] == reader->sa[i][2]) && (cta_res[2] == reader->sa[i][1]) && (cta_res[3] == reader->sa[i][0]) && (cta_res[4] == reader->sa[i][3]))
102 {
103 toadd = false;
104 }
105 }
106 if(toadd && (memcmp(cta_res + 1, "\x00\x00\x00", 3)))
107 {
108 reader->sa[reader->nsa][0] = cta_res[3];
109 reader->sa[reader->nsa][1] = cta_res[2];
110 reader->sa[reader->nsa][2] = cta_res[1];
111 reader->sa[reader->nsa][3] = cta_res[4];
112 reader->nsa += 1;
113 }
114 }
115 }
116 static void addSAseca(struct s_reader *reader, uint8_t *cta_res)
117 {
118 if(cta_res[0] == 0x84)
119 {
120 addProvider(reader, cta_res + 1);
121 if(memcmp(cta_res + 3, "\x00\x00\x00", 3))
122 {
123 int i;
124 i = get_prov_index(reader, cta_res + 1);
125 memcpy(reader->sa[i], cta_res + 3, 3);
126 }
127 }
128 }
129 static void addemmfilter(struct s_reader *reader, uint8_t *cta_res)
130 {
131 if(cta_res[0] == 0x82)
132 {
133 reader->emm82 = 1;
134 }
135 else if(cta_res[0] == 0x84)
136 {
137 int i;
138 bool toadd = true;
139 for(i = 0; i < reader->nemm84; i++)
140 {
141 if(!memcmp(cta_res, reader->emm84[i], 3))
142 {
143 toadd = false;
144 }
145 }
146 if(toadd && (memcmp(cta_res + 1, "\x00\x00", 2)))
147 {
148 reader->emm84[reader->nemm84][0] = cta_res[0];
149 reader->emm84[reader->nemm84][1] = cta_res[1];
150 reader->emm84[reader->nemm84][2] = cta_res[2];
151 reader->nemm84 += 1;
152 }
153 }
154 else if(cta_res[0] == 0x83 && cta_res[5] == 0x00)
155 {
156 int i;
157 bool toadd = true;
158 for(i = 0; i < reader->nemm83u; i++)
159 {
160 if(!memcmp(cta_res, reader->emm83u[i], 6))
161 {
162 toadd = false;
163 }
164 }
165 if(toadd && (memcmp(cta_res + 1, "\x00\x00\x00\x00", 4)))
166 {
167 memcpy(reader->emm83u[reader->nemm83u], cta_res, 6);
168 reader->nemm83u += 1;
169 }
170 }
171 else if(cta_res[0] == 0x83 && cta_res[5] == 0x10)
172 {
173 int i;
174 bool toadd = true;
175 if(reader->evensa)
176 {
177 unsigned long sax = (cta_res[3] << 16) + (cta_res[2] << 8) + (cta_res[1]);
178 if(sax % 2 != 0)
179 {
180 sax--;
181 cta_res[3]=(sax>>16)&0xFF;
182 cta_res[2]=(sax>>8)&0xFF;
183 cta_res[1]=(sax)&0xFF;
184 }
185 }
186 for(i = 0; i < reader->nemm83s; i++)
187 {
188 if(!memcmp(cta_res, reader->emm83s[i], 6))
189 {
190 toadd = false;
191 }
192 }
193 if(toadd && (memcmp(cta_res + 1, "\x00\x00\x00", 3)))
194 {
195 memcpy(reader->emm83s[reader->nemm83s], cta_res, 6);
196 reader->nemm83s += 1;
197 }
198 }
199 else if(cta_res[0] == 0x87)
200 {
201 int i;
202 bool toadd = true;
203 if(reader->evensa)
204 {
205 unsigned long sax = (cta_res[3] << 16) + (cta_res[2] << 8) + (cta_res[1]);
206 if(sax % 2 != 0)
207 {
208 sax--;
209 cta_res[3]=(sax>>16)&0xFF;
210 cta_res[2]=(sax>>8)&0xFF;
211 cta_res[1]=(sax)&0xFF;
212 }
213 }
214 for(i = 0; i < reader->nemm87; i++)
215 {
216 if(!memcmp(cta_res, reader->emm87[i], 6))
217 {
218 toadd = false;
219 }
220 }
221 if(toadd && (memcmp(cta_res + 1, "\x00\x00\x00", 3)))
222 {
223 memcpy(reader->emm87[reader->nemm87], cta_res, 6);
224 reader->nemm87 += 1;
225 }
226 }
227 }
228 static int32_t ParseDataType(struct s_reader *reader, uint8_t dt, uint8_t *cta_res, uint16_t cta_lr)
229 {
230 char ds[27], de[27];
231 switch(dt)
232 {
233 case 0x02:
234 {
235 reader->prid[0][0] = 0x00;
236 reader->prid[0][1] = 0x00;
237 reader->prid[0][2] = cta_res[19];
238 reader->prid[0][3] = cta_res[20];
239 reader->prid[1][0] = 0x00;
240 reader->prid[1][1] = 0x00;
241 reader->prid[1][2] = 0x00;
242 reader->prid[1][3] = 0x00;
243 reader->nprov += 1;
244 reader->caid = (SYSTEM_NAGRA | cta_res[25]);
245 rdr_log_dbg(reader, D_READER, "CAID : %04X", reader->caid);
246 return OK;
247 }
248 case IRDINFO: // case 0x03
249 {
250 if(cta_res[21] == 0x9C)
251 {
252 uint32_t timestamp = b2i(0x04, cta_res + 22);
253 uint8_t timestamp186D[4] = {0xA6, 0x9E, 0xFB, 0x7F};
254 uint32_t timestamp186Db2i = b2i(0x04, timestamp186D);
255 if(reader->caid == 0x186D)
256 {
257 reader->card_valid_to = tier_date(timestamp186Db2i, de, 11);
258 }
259 else
260 {
261 reader->card_valid_to = tier_date(timestamp, de, 11);
262 }
263 uint16_t chid = 0;
264 uint32_t id = b2i(0x02, cta_res + 19);
265 uint32_t start_date;
266 uint32_t expire_date;
267 start_date = 1;
268 expire_date = b2i(0x04, cta_res + 22);
269 cs_add_entitlement(reader,
270 reader->caid,
271 id,
272 chid,
273 0,
274 tier_date(start_date, ds, 11),
275 tier_date(expire_date, de, 11),
276 4,
277 1);
278 rdr_log(reader, "|%04X|%04X |%s |%s |", id, chid, ds, de);
279 addProvider(reader, cta_res + 19);
280 }
281 if((reader->caid == 0x1856) && (cta_res[21] == 0x01))
282 {
283 uint16_t chid = 0;
284 uint32_t id = b2i(0x02, cta_res + 19);
285 uint32_t start_date;
286 uint32_t expire_date;
287 start_date = 1;
288 expire_date = b2i(0x04, cta_res + 22);
289 cs_add_entitlement(reader,
290 reader->caid,
291 id,
292 chid,
293 0,
294 tier_date(start_date, ds, 11),
295 tier_date(expire_date, de, 11),
296 4,
297 1);
298 rdr_log(reader, "|%04X|%04X |%s |%s |", id, chid, ds, de);
299 addProvider(reader, cta_res + 19);
300 }
301 if(reader->protocol_type == ATR_PROTOCOL_TYPE_T0)
302 {
303 uint16_t chid = 0;
304 uint32_t id = b2i(0x02, cta_res + 19);
305 uint32_t start_date;
306 uint32_t expire_date;
307 start_date = 1;
308 expire_date = b2i(0x04, cta_res + 22);
309 cs_add_entitlement(reader,
310 reader->caid,
311 id,
312 chid,
313 0,
314 tier_date(start_date, ds, 11),
315 tier_date(expire_date, de, 11),
316 4,
317 1);
318 rdr_log(reader, "|%04X|%04X |%s |%s |", id, chid, ds, de);
319 addProvider(reader, cta_res + 19);
320 }
321 return OK;
322 }
323 case 0x04:
324 {
325 if(cta_res[18] != 0x80)
326 {
327 addProvider(reader, cta_res + 19);
328 uint8_t check[] = {0x00, 0x01};
329 uint8_t checkecmcaid[] = {0xFF, 0x07};
330 if (reader->caid == 0x186D)
331 {
332 check[0] = (reader->caid - 0x03) & 0xFF;
333 }
334 else if (reader->caid == 0x1856)
335 {
336 check[0] = (reader->caid + 0x28) & 0xFF;
337 }
338 else
339 {
340 check[0] = reader->caid & 0xFF;
341 }
342 int p;
343 for(p=23; p < (cta_lr - 6); p++)
344 {
345 if(!memcmp(cta_res + p, check, 2))
346 {
347 addProvider(reader, cta_res + p + 2);
348 if(reader->cak7type == 3)
349 {
350 addSAseca(reader, cta_res + p + 5);
351 }
352 else
353 {
354 if ((reader->caid == 0x1884) && (((cta_res + p + 5)[0] == 0x83) || ((cta_res + p + 5)[0] == 0x87)) && ((cta_res + p + 5)[2] == reader->cardid[1]) && ((cta_res + p + 5)[3] == reader->cardid[0]) && ((cta_res + p + 5)[4] == 0x00))
355 {
356 (cta_res + p + 5)[1] -= 0x01;
357 }
358 if ((reader->caid == 0x1856) && ((cta_res + p + 5)[0] == 0x87) && ((cta_res + p + 5)[1] != reader->cardid[2]) && ((cta_res + p + 5)[2] != reader->cardid[1]) && ((cta_res + p + 5)[3] != reader->cardid[0]) && ((cta_res + p + 5)[4] != reader->cardid[3]))
359 {
360 (cta_res + p + 5)[4] = 0x00;
361 }
362 addSA(reader, cta_res + p + 5);
363 addemmfilter(reader, cta_res + p + 5);
364 }
365 }
366 if(!memcmp(cta_res + p, checkecmcaid, 2))
367 {
368 reader->caid = (SYSTEM_NAGRA | (cta_res + p + 2)[0]);
369 }
370 }
371 }
372 return OK;
373 }
374 case 0x09:
375 {
376 if((cta_res[19] == cta_res[23]) && (cta_res[20] == cta_res[24]))
377 {
378 addProvider(reader, cta_res + 19);
379 }
380 return OK;
381 }
382 case SYSID: // case 0x05
383 {
384 memcpy(reader->edata,cta_res + 26, 0x70);
385 reader->dt5num = cta_res[20];
386 char tmp[8];
387 rdr_log(reader, "Card has DT05_%s", cs_hexdump(1, &reader->dt5num, 1, tmp, sizeof(tmp)));
388 if(reader->dt5num == 0x00)
389 {
390 IDEA_KEY_SCHEDULE ks;
391 rsa_decrypt(reader->edata, 0x70, reader->out, reader->mod1, reader->mod1_length);
392 memcpy(reader->kdt05_00,&reader->out[18], 0x5C + 2);
393 memcpy(&reader->kdt05_00[0x5C + 2], cta_res + 26 + 0x70, 6);
394 memcpy(reader->ideakey1, reader->out, 16);
395 rdr_log_dump_dbg(reader, D_READER, reader->ideakey1, 16, "IDEAKEY1: ");
396 memcpy(reader->block3, cta_res + 26 + 0x70 + 6, 8);
397 idea_set_encrypt_key(reader->ideakey1, &ks);
398 memset(reader->v, 0, sizeof(reader->v));
399 idea_cbc_encrypt(reader->block3, reader->iout, 8, &ks, reader->v, IDEA_DECRYPT);
400 memcpy(&reader->kdt05_00[0x5C + 2 + 6],reader->iout, 8);
401 uint8_t mdc_hash1[MDC2_DIGEST_LENGTH];
402 memset(mdc_hash1,0x00,MDC2_DIGEST_LENGTH);
403 uint8_t check1[0x7E];
404 memset(check1, 0x00, 0x7E);
405 memcpy(check1 + 18, reader->kdt05_00, 0x6C);
406 MDC2_CTX c1;
407 MDC2_Init(&c1);
408 MDC2_Update(&c1, check1, 0x7E);
409 MDC2_Final(&(mdc_hash1[0]), &c1);
410 rdr_log_dump_dbg(reader, D_READER, mdc_hash1, 16, "MDC_HASH: ");
411 if(memcmp(mdc_hash1 + 1, reader->ideakey1 + 1, 14) == 0)
412 {
413 rdr_log(reader, "DT05_00 is correct");
414 }
415 else
416 {
417 rdr_log(reader, "DT05_00 error - check MOD1");
418 }
419 rdr_log_dump_dbg(reader, D_READER, reader->kdt05_00, sizeof(reader->kdt05_00), "DT05_00: ");
420 }
421 if(reader->dt5num == 0x10)
422 {
423 IDEA_KEY_SCHEDULE ks;
424 rsa_decrypt(reader->edata, 0x70, reader->out, reader->mod1, reader->mod1_length);
425 memcpy(reader->kdt05_10, &reader->out[16], 6 * 16);
426 memcpy(reader->ideakey1, reader->out, 16);
427 memcpy(reader->block3, cta_res + 26 + 0x70, 8);
428 idea_set_encrypt_key(reader->ideakey1, &ks);
429 memset(reader->v, 0, sizeof(reader->v));
430 idea_cbc_encrypt(reader->block3, reader->iout, 8, &ks, reader->v, IDEA_DECRYPT);
431 memcpy(&reader->kdt05_10[6 * 16],reader->iout,8);
432 rdr_log_dump_dbg(reader, D_READER, reader->kdt05_10, sizeof(reader->kdt05_10), "DT05_10: ");
433 }
434 if(reader->dt5num == 0x20)
435 {
436 rsa_decrypt(reader->edata, 0x70, reader->out, reader->mod2, reader->mod2_length);
437 memcpy(reader->tmprsa, reader->out, 0x70);
438 reader->hasunique = 1;
439 }
440 return OK;
441 }
442 case TIERS: // case 0x0C
443 {
444 uint16_t chid;
445 if((cta_lr >= 0x30) && (chid = b2i(0x02, cta_res + 23)))
446 {
447 uint32_t id = b2i(0x02, cta_res + 19);
448 uint32_t start_date;
449 uint32_t expire_date1;
450 uint32_t expire_date2;
451 uint32_t expire_date;
452 switch(reader->caid)
453 {
454 case 0x1830: // Max TV
455 case 0x1843: // HD02
456 case 0x1860: // HD03
457 case 0x1861: // Polsat, Vodafone D08
458 start_date = b2i(0x04, cta_res + 42);
459 expire_date1 = b2i(0x04, cta_res + 28);
460 expire_date2 = (reader->caid != 0x1861) ? b2i(0x04, cta_res + 46) : expire_date1;
461 expire_date = expire_date1 <= expire_date2 ? expire_date1 : expire_date2;
462 break;
463 case 0x186A: // HD04, HD05
464 start_date = b2i(0x04, cta_res + 53);
465 expire_date1 = b2i(0x04, cta_res + 39);
466 expire_date2 = b2i(0x04, cta_res + 57);
467 expire_date = expire_date1 <= expire_date2 ? expire_date1 : expire_date2;
468 break;
469 default: // unknown card
470 start_date = 1;
471 expire_date = 0xA69EFB7F;
472 }
473 cs_add_entitlement(reader,
474 reader->caid,
475 id,
476 chid,
477 0,
478 tier_date(start_date, ds, 11),
479 tier_date(expire_date, de, 11),
480 4,
481 1);
482 rdr_log(reader, "|%04X|%04X |%s |%s |", id, chid, ds, de);
483 addProvider(reader, cta_res + 19);
484 }
485 return OK;
486 }
487 default:
488 return OK;
489 }
490 return ERROR;
491 }
492 static int32_t CAK7do_cmd(struct s_reader *reader, uint8_t dt, uint8_t len, uint8_t *res, uint16_t *rlen, int32_t sub, uint8_t retlen)
493 {
494 uint8_t dtdata[0x10];
495 memset(dtdata, 0xCC, len);
496 dtdata[7] = 0x04;
497 dtdata[8] = 0x04;
498 dtdata[9] = (sub >> 16) & 0xFF;
499 dtdata[10] = (sub >> 8) & 0xFF;
500 dtdata[11] = (sub) & 0xFF;
501 dtdata[12] = dt;
502 do_cak7_cmd(reader, res, rlen, dtdata, sizeof(dtdata), retlen);
503 return OK;
504 }
505 static int32_t CAK7GetDataType(struct s_reader *reader, uint8_t dt)
506 {
507 def_resp;
508 int32_t sub = 0x00;
509 uint8_t retlen = 0x10;
510 while(1)
511 {
512 CAK7do_cmd(reader, dt, 0x10, cta_res, &cta_lr, sub, retlen);
513 rdr_log_dump_dbg(reader, D_READER, cta_res, cta_lr, "Decrypted Answer:");
514 // hier eigentlich check auf 90 am ende usw... obs halt klarging ...
515 if(cta_lr == 0)
516 {
517 break;
518 }
519 if(cta_res[cta_lr-2] == 0x6F && cta_res[cta_lr-1] == 0x01)
520 {
521 reader->card_status = CARD_NEED_INIT;
522 add_job(reader->client, ACTION_READER_RESTART, NULL, 0);
523 break;
524 }
525 uint32_t newsub = (cta_res[9] << 16) + (cta_res[10] << 8) + (cta_res[11]);
526 if(newsub == 0xFFFFFF)
527 {
528 break;
529 }
530 if(cta_res[12] == dt)
531 {
532 uint8_t oretlen = retlen;
533 retlen = cta_res[13] + 0x10 + 0x2;
534 while(retlen % 0x10 != 0x00)
535 {
536 retlen++;
537 }
538 if(retlen == oretlen)
539 {
540 sub = newsub + 1;
541 retlen = 0x10;
542 ParseDataType(reader, dt, cta_res, cta_lr);
543 }
544 }
545 else
546 {
547 break;
548 }
549 }
550 return OK;
551 }
552 static void sub_6AD78(uint32_t *dinit) // gbox function
553 {
554 uint32_t v0 = (uint32_t) * dinit;
555 double f0;
556 f0 = v0;
557 double f12 = 16807;
558 double f15 = 2147483647;
559 f12 = f0 * f12;
560 double v12;
561 v12 = fmod(f12, f15);
562 *dinit = v12;
563 }
564 static void calc_cak7_exponent(uint32_t *dinit, uint8_t *out, uint8_t len)
565 {
566 memset(out, 0x00, len);
567 sub_6AD78(dinit);
568 int nR4 = 0;
569 int nR5 = 0;
570 while(true)
571 {
572 uint32_t nR0 = (uint32_t)* dinit;
573 int nR3 = nR4 + 3;
574 nR5 += 4;
575 if(nR3 > len)
576 {
577 break;
578 }
579 out[nR5 - 1] = ((nR0 ) & 0xFF);
580 out[nR5 - 2] = ((nR0 >> 8) & 0xFF);
581 out[nR5 - 3] = ((nR0 >> 16) & 0xFF);
582 out[nR5 - 4] = ((nR0 >> 24) & 0xFF);
583 nR4 += 4;
584 sub_6AD78(dinit);
585 }
586 uint32_t nR0 = (uint32_t)* dinit;
587 while(nR4 < len)
588 {
589 out[nR4] = nR0 & 0xFF;
590 nR4++;
591 nR0 >>= 8;
592 }
593 out[0] &= 0x03;
594 out[0x10] |= 0x01;
595 }
596 static void IdeaDecrypt(unsigned char *data, int len, const unsigned char *key, unsigned char *iv)
597 {
598 unsigned char v[8];
599 if(!iv) { memset(v,0,sizeof(v)); iv=v; }
600 IDEA_KEY_SCHEDULE ks;
601 idea_set_encrypt_key(key,&ks);
602 idea_cbc_encrypt(data,data,len&~7,&ks,iv,IDEA_DECRYPT);
603 }
604 static inline void xxxor(uint8_t *data, int32_t len, const uint8_t *v1, const uint8_t *v2)
605 {
606 int i;
607 switch(len)
608 {
609 case 16:
610 case 8:
611 case 4:
612 for(i = 0; i < len; ++i)
613 {
614 data[i] = v1[i] ^ v2[i];
615 }
616 break;
617 default:
618 while(len--)
619 {
620 *data++ = *v1++ ^ *v2++;
621 }
622 break;
623 }
624 }
625 static void CreateRSAPair60(struct s_reader *reader, const unsigned char *key)
626 {
627 unsigned char idata[96];
628 int i;
629 for(i=11; i>=0; i--) {
630 unsigned char *d=&idata[i*8];
631 memcpy(d,&key[13],8);
632 *d^=i;
633 IdeaDecrypt(d,8,key,0);
634 xxxor(d,8,d,&key[13]);
635 *d^=i;
636 }
637 BN_CTX *ctx5 = BN_CTX_new();
638 #ifdef WITH_LIBCRYPTO
639 BN_CTX_start(ctx5);
640 #endif
641 BIGNUM *p = BN_CTX_get(ctx5);
642 BIGNUM *q = BN_CTX_get(ctx5);
643 BIGNUM *m = BN_CTX_get(ctx5);
644 BIGNUM *e = BN_CTX_get(ctx5);
645 BIGNUM *a = BN_CTX_get(ctx5);
646 BIGNUM *r = BN_CTX_get(ctx5);
647 // Calculate P
648 idata[0] |= 0x80;
649 idata[47] |= 1;
650 BN_bin2bn(idata,48,p);
651 BN_add_word(p,(key[21] << 5 ) | ((key[22] & 0xf0) >> 3));
652 // Calculate Q
653 idata[48] |= 0x80;
654 idata[95] |= 1;
655 BN_bin2bn(idata+48,48,q);
656 BN_add_word(q,((key[22]&0xf)<<9) | (key[23]<<1));
657 // Calculate M=P*Q
658 BN_mul(m,p,q,ctx5);
659 memset(reader->key60,0x00,0x60);
660 BN_bn2bin(m, reader->key60 + (0x60 - BN_num_bytes(m)));
661 rdr_log_dump_dbg(reader, D_READER, reader->key60, sizeof(reader->key60), "key60: ");
662 // Calculate D
663 BN_sub_word(p,1);
664 BN_sub_word(q,1);
665 BN_mul(e,p,q,ctx5);
666 BN_bin2bn(public_exponent,3,a);
667 BN_mod_inverse(r, a, e, ctx5);
668 memset(reader->exp60,0x00,0x60);
669 BN_bn2bin(r, reader->exp60 + (0x60 - BN_num_bytes(r)));
670 rdr_log_dump_dbg(reader, D_READER, reader->exp60, sizeof(reader->exp60), "exp60: ");
671 BN_CTX_end(ctx5);
672 BN_CTX_free(ctx5);
673 }
674 static void CreateRSAPair68(struct s_reader *reader, const unsigned char *key)
675 {
676 unsigned char idata[104];
677 int i;
678 for(i=12; i>=0; i--) {
679 unsigned char *d=&idata[i*8];
680 memcpy(d,&key[13],8);
681 *d^=i;
682 IdeaDecrypt(d,8,key,0);
683 xxxor(d,8,d,&key[13]);
684 *d^=i;
685 }
686 BN_CTX *ctx6 = BN_CTX_new();
687 #ifdef WITH_LIBCRYPTO
688 BN_CTX_start(ctx6);
689 #endif
690 BIGNUM *p = BN_CTX_get(ctx6);
691 BIGNUM *q = BN_CTX_get(ctx6);
692 BIGNUM *m = BN_CTX_get(ctx6);
693 BIGNUM *e = BN_CTX_get(ctx6);
694 BIGNUM *a = BN_CTX_get(ctx6);
695 BIGNUM *r = BN_CTX_get(ctx6);
696 // Calculate P
697 idata[0] |= 0x80;
698 idata[51] |= 1;
699 BN_bin2bn(idata,52,p);
700 BN_add_word(p,(key[21] << 5 ) | ((key[22] & 0xf0) >> 3));
701 // Calculate Q
702 idata[52] |= 0x80;
703 idata[103] |= 1;
704 BN_bin2bn(idata+52,52,q);
705 BN_add_word(q,((key[22]&0xf)<<9) | (key[23]<<1));
706 // Calculate M=P*Q
707 BN_mul(m,p,q,ctx6);
708 memset(reader->key68,0x00,0x68);
709 BN_bn2bin(m, reader->key68 + (0x68 - BN_num_bytes(m)));
710 rdr_log_dump_dbg(reader, D_READER, reader->key68, sizeof(reader->key68), "key68: ");
711 // Calculate D
712 BN_sub_word(p,1);
713 BN_sub_word(q,1);
714 BN_mul(e,p,q,ctx6);
715 BN_bin2bn(public_exponent,3,a);
716 BN_mod_inverse(r, a, e, ctx6);
717 memset(reader->exp68,0x00,0x68);
718 BN_bn2bin(r, reader->exp68 + (0x68 - BN_num_bytes(r)));
719 rdr_log_dump_dbg(reader, D_READER, reader->exp68, sizeof(reader->exp68), "exp68: ");
720 BN_CTX_end(ctx6);
721 BN_CTX_free(ctx6);
722 }
723 static void dt05_20(struct s_reader *reader)
724 {
725 uint8_t data_20_00[72];
726 uint8_t sig_20_00[16];
727 uint8_t data_20_id[72];
728 uint8_t data_20_x[64];
729 uint8_t data_20_fin[72];
730 uint8_t data_20_flag58[16];
731 rdr_log_dump_dbg(reader, D_READER, reader->tmprsa, sizeof(reader->tmprsa), "DT05_20 after RSA: ");
732 // copy signature
733 memcpy(sig_20_00, reader->tmprsa+24, 16);
734 // copy data
735 memcpy(data_20_00, reader->tmprsa+40, 72);
736 // IDEA encrypt 0x48 data
737 int i;
738 int offs = 0;
739 for(i=0; i<9; i++)
740 {
741 IDEA_KEY_SCHEDULE ks;
742 idea_set_encrypt_key(reader->key3310, &ks);
743 idea_ecb_encrypt(data_20_00+offs, data_20_id+offs, &ks);
744 offs+=8;
745 }
746 // xor
747 for (i=0; i<64; i++)
748 {
749 data_20_x[i] = data_20_00[i] ^ data_20_id[i+8];
750 }
751 rdr_log_dump_dbg(reader, D_READER, data_20_x, sizeof(data_20_x), "data_20_x: ");
752 // create final data block
753 memcpy(data_20_fin,data_20_id,8);
754 memcpy(data_20_fin+8,data_20_x,64);
755 rdr_log_dump_dbg(reader, D_READER, data_20_fin, sizeof(data_20_fin), "data_20_fin: ");
756 uint8_t mdc_hash4[MDC2_DIGEST_LENGTH];
757 memset(mdc_hash4,0x00,MDC2_DIGEST_LENGTH);
758 uint8_t check4[112];
759 memset(check4, 0x00, 112);
760 memcpy(check4, reader->cardid, 4);
761 memcpy(check4 + 4, reader->idird, 4);
762 memcpy(check4 + 23, reader->tmprsa + 23, 1);
763 memcpy(check4 + 40, data_20_fin, 72);
764 MDC2_CTX c4;
765 MDC2_Init(&c4);
766 MDC2_Update(&c4, check4, 112);
767 MDC2_Final(&(mdc_hash4[0]), &c4);
768 if(memcmp(mdc_hash4, sig_20_00, 16) == 0)
769 {
770 rdr_log(reader, "DT05_20 is correct");
771 }
772 else
773 {
774 rdr_log(reader, "DT05_20 error - check MOD2");
775 }
776 // Store 3des software key Flag58 CW overencrypt
777 memcpy(data_20_flag58, data_20_x+16, 16);
778 memcpy(reader->key3des, data_20_flag58, 16);
779 rdr_log_dump_dbg(reader, D_READER, reader->key3des, sizeof(reader->key3des), "Flag58 3DES Key: ");
780 // create rsa pair from final data
781 memcpy(reader->klucz68, data_20_fin, 0x18);
782 rdr_log_dump_dbg(reader, D_READER, reader->klucz68, sizeof(reader->klucz68), "klucz68: ");
783 }
784 static int32_t CAK7_cmd03_global(struct s_reader *reader)
785 {
786 def_resp;
787 if(reader->cak7_seq <= 15)
788 {
789 unsigned char klucz[24];
790 memset(klucz, 0x00, 24);
791 memcpy(klucz, reader->key3588, 24);
792 CreateRSAPair60(reader, klucz);
793 }
794 BN_CTX *ctx1 = BN_CTX_new();
795 #ifdef WITH_LIBCRYPTO
796 BN_CTX_start(ctx1);
797 #endif
798 BIGNUM *bnN1 = BN_CTX_get(ctx1);
799 BIGNUM *bnE1 = BN_CTX_get(ctx1);
800 BIGNUM *bnCT1 = BN_CTX_get(ctx1);
801 BIGNUM *bnPT1 = BN_CTX_get(ctx1);
802 BN_bin2bn(&reader->key60[0], 0x60, bnN1);
803 BN_bin2bn(&reader->exp60[0], 0x60, bnE1);
804 BN_bin2bn(&reader->step1[0], 0x60, bnCT1);
805 BN_mod_exp(bnPT1, bnCT1, bnE1, bnN1, ctx1);
806 memset(reader->data, 0x00, sizeof(reader->data));
807 BN_bn2bin(bnPT1, reader->data + (0x60 - BN_num_bytes(bnPT1)));
808 BN_CTX_end(ctx1);
809 BN_CTX_free(ctx1);
810 memcpy(&reader->step2[0], d00ff, 4);
811 memcpy(&reader->step2[4], reader->cardid, 4);
812 memcpy(&reader->step2[8], reader->data, 0x60);
813 rdr_log_dump_dbg(reader, D_READER, reader->step2, sizeof(reader->step2), "STEP 2:");
814 BN_CTX *ctx2 = BN_CTX_new();
815 #ifdef WITH_LIBCRYPTO
816 BN_CTX_start(ctx2);
817 #endif
818 BIGNUM *bnN2 = BN_CTX_get(ctx2);
819 BIGNUM *bnE2 = BN_CTX_get(ctx2);
820 BIGNUM *bnCT2 = BN_CTX_get(ctx2);
821 BIGNUM *bnPT2 = BN_CTX_get(ctx2);
822 BN_bin2bn(&reader->kdt05_10[0], 0x68, bnN2);
823 BN_bin2bn(public_exponent, 3, bnE2);
824 BN_bin2bn(&reader->step2[0], 0x68, bnCT2);
825 BN_mod_exp(bnPT2, bnCT2, bnE2, bnN2, ctx2);
826 memset(reader->data, 0x00, sizeof(reader->data));
827 BN_bn2bin(bnPT2, reader->data + (0x68 - BN_num_bytes(bnPT2)));
828 BN_CTX_end(ctx2);
829 BN_CTX_free(ctx2);
830 memcpy(&reader->step3[0], d00ff, 4);
831 memcpy(&reader->step3[4], reader->data, 0x68);
832 rdr_log_dump_dbg(reader, D_READER, reader->step3, sizeof(reader->step3), "STEP 3:");
833 BN_CTX *ctx3 = BN_CTX_new();
834 #ifdef WITH_LIBCRYPTO
835 BN_CTX_start(ctx3);
836 #endif
837 BIGNUM *bnN3 = BN_CTX_get(ctx3);
838 BIGNUM *bnE3 = BN_CTX_get(ctx3);
839 BIGNUM *bnCT3 = BN_CTX_get(ctx3);
840 BIGNUM *bnPT3 = BN_CTX_get(ctx3);
841 BN_bin2bn(&reader->kdt05_00[0], 0x6c, bnN3);
842 BN_bin2bn(public_exponent, 3, bnE3);
843 BN_bin2bn(&reader->step3[0], 0x6c, bnCT3);
844 BN_mod_exp(bnPT3, bnCT3, bnE3, bnN3, ctx3);
845 memset(reader->data, 0x00, sizeof(reader->data));
846 BN_bn2bin(bnPT3, reader->data + (0x6c - BN_num_bytes(bnPT3)));
847 BN_CTX_end(ctx3);
848 BN_CTX_free(ctx3);
849 uint8_t cmd03[] = {0xCC,0xCC,0xCC,0xCC,0x00,0x00,0x0A,0x03,0x6C,
850 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
851 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
852 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
853 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
854 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
855 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
856 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
857 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC};
858 memcpy(&cmd03[9],reader->data,0x6c);
859 do_cak7_cmd(reader,cta_res,&cta_lr,cmd03,sizeof(cmd03),0x90);
860 if(cta_lr == 0)
861 {
862 rdr_log(reader, "card is not responding to CMD03 - check your data");
863 return ERROR;
864 }
865 rdr_log_dump_dbg(reader, D_READER, cta_res, 0x90, "CMD03 ANSWER:");
866 memcpy(reader->encrypted,&cta_res[10],0x68);
867 BN_CTX *ctx = BN_CTX_new();
868 #ifdef WITH_LIBCRYPTO
869 BN_CTX_start(ctx);
870 #endif
871 BIGNUM *bnN = BN_CTX_get(ctx);
872 BIGNUM *bnE = BN_CTX_get(ctx);
873 BIGNUM *bnCT = BN_CTX_get(ctx);
874 BIGNUM *bnPT = BN_CTX_get(ctx);
875 BN_bin2bn(&reader->kdt05_10[0], 104, bnN);
876 BN_bin2bn(public_exponent, 3, bnE);
877 BN_bin2bn(&reader->encrypted[0], 104, bnCT);
878 BN_mod_exp(bnPT, bnCT, bnE, bnN, ctx);
879 memset(reader->result, 0, 104);
880 BN_bn2bin(bnPT, reader->result + (104 - BN_num_bytes(bnPT)));
881 BN_CTX_end(ctx);
882 BN_CTX_free(ctx);
883 //uint8_t stillencrypted[0x50];
884 memcpy(reader->stillencrypted,&reader->result[12],0x50);
885 //uint8_t resultrsa[0x50];
886 BN_CTX *ctxs = BN_CTX_new();
887 #ifdef WITH_LIBCRYPTO
888 BN_CTX_start(ctxs);
889 #endif
890 BIGNUM *bnNs = BN_CTX_get(ctxs);
891 BIGNUM *bnEs = BN_CTX_get(ctxs);
892 BIGNUM *bnCTs = BN_CTX_get(ctxs);
893 BIGNUM *bnPTs = BN_CTX_get(ctxs);
894 BN_bin2bn(&reader->mod50[0], reader->mod50_length, bnNs);
895 BN_bin2bn(&reader->cak7expo[0], 0x11, bnEs);
896 BN_bin2bn(&reader->stillencrypted[0], 0x50, bnCTs);
897 BN_mod_exp(bnPTs, bnCTs, bnEs, bnNs, ctxs);
898 memset(reader->resultrsa, 0x00, 0x50);
899 BN_bn2bin(bnPTs, reader->resultrsa + (0x50 - BN_num_bytes(bnPTs)));
900 BN_CTX_end(ctxs);
901 BN_CTX_free(ctxs);
902 uint8_t mdc_hash3[MDC2_DIGEST_LENGTH];
903 memset(mdc_hash3,0x00,MDC2_DIGEST_LENGTH);
904 MDC2_CTX c3;
905 MDC2_Init(&c3);
906 MDC2_Update(&c3, reader->resultrsa, sizeof(reader->resultrsa));
907 MDC2_Final(&(mdc_hash3[0]), &c3);
908 memcpy(&reader->cak7_aes_key[16],mdc_hash3,16);
909 memcpy(reader->cak7_aes_key,mdc_hash3,16);
910 char tmp7[128];
911 rdr_log(reader, "New AES: %s", cs_hexdump(1, reader->cak7_aes_key, 16, tmp7, sizeof(tmp7)));
912 return OK;
913 }
914 static int32_t CAK7_cmd03_unique(struct s_reader *reader)
915 {
916 def_resp;
917 BN_CTX *ctx1 = BN_CTX_new();
918 #ifdef WITH_LIBCRYPTO
919 BN_CTX_start(ctx1);
920 #endif
921 BIGNUM *bnN1 = BN_CTX_get(ctx1);
922 BIGNUM *bnE1 = BN_CTX_get(ctx1);
923 BIGNUM *bnCT1 = BN_CTX_get(ctx1);
924 BIGNUM *bnPT1 = BN_CTX_get(ctx1);
925 BN_bin2bn(&reader->key3460[0], 0x60, bnN1);
926 BN_bin2bn(public_exponent, 3, bnE1);
927 BN_bin2bn(&reader->step1[0], 0x60, bnCT1);
928 BN_mod_exp(bnPT1, bnCT1, bnE1, bnN1, ctx1);
929 memset(reader->data, 0x00, sizeof(reader->data));
930 BN_bn2bin(bnPT1, reader->data + (0x60 - BN_num_bytes(bnPT1)));
931 BN_CTX_end(ctx1);
932 BN_CTX_free(ctx1);
933 memcpy(&reader->step2[0], d00ff, 4);
934 memcpy(&reader->step2[4], reader->cardid, 4);
935 memcpy(&reader->step2[8], reader->data, 0x60);
936 rdr_log_dump_dbg(reader, D_READER, reader->step2, sizeof(reader->step2), "STEP 2:");
937 if(reader->cak7_seq <= 15)
938 {
939 dt05_20(reader);
940 CreateRSAPair68(reader, reader->klucz68);
941 }
942 BN_CTX *ctx2 = BN_CTX_new();
943 #ifdef WITH_LIBCRYPTO
944 BN_CTX_start(ctx2);
945 #endif
946 BIGNUM *bnN2 = BN_CTX_get(ctx2);
947 BIGNUM *bnE2 = BN_CTX_get(ctx2);
948 BIGNUM *bnCT2 = BN_CTX_get(ctx2);
949 BIGNUM *bnPT2 = BN_CTX_get(ctx2);
950 BN_bin2bn(&reader->key68[0], 0x68, bnN2);
951 BN_bin2bn(&reader->exp68[0], 0x68, bnE2);
952 BN_bin2bn(&reader->step2[0], 0x68, bnCT2);
953 BN_mod_exp(bnPT2, bnCT2, bnE2, bnN2, ctx2);
954 memset(reader->data, 0x00, sizeof(reader->data));
955 BN_bn2bin(bnPT2, reader->data + (0x68 - BN_num_bytes(bnPT2)));
956 BN_CTX_end(ctx2);
957 BN_CTX_free(ctx2);
958 memcpy(&reader->step3[0], d00ff, 4);
959 memcpy(&reader->step3[4], reader->data, 0x68);
960 rdr_log_dump_dbg(reader, D_READER, reader->step3, sizeof(reader->step3), "STEP 3:");
961 BN_CTX *ctx3 = BN_CTX_new();
962 #ifdef WITH_LIBCRYPTO
963 BN_CTX_start(ctx3);
964 #endif
965 BIGNUM *bnN3 = BN_CTX_get(ctx3);
966 BIGNUM *bnE3 = BN_CTX_get(ctx3);
967 BIGNUM *bnCT3 = BN_CTX_get(ctx3);
968 BIGNUM *bnPT3 = BN_CTX_get(ctx3);
969 BN_bin2bn(&reader->kdt05_00[0], 0x6c, bnN3);
970 BN_bin2bn(public_exponent, 3, bnE3);
971 BN_bin2bn(&reader->step3[0], 0x6c, bnCT3);
972 BN_mod_exp(bnPT3, bnCT3, bnE3, bnN3, ctx3);
973 memset(reader->data, 0x00, sizeof(reader->data));
974 BN_bn2bin(bnPT3, reader->data + (0x6c - BN_num_bytes(bnPT3)));
975 BN_CTX_end(ctx3);
976 BN_CTX_free(ctx3);
977 uint8_t cmd03[] = {0xCC,0xCC,0xCC,0xCC,0x00,0x00,0x0A,0x03,0x6C,
978 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
979 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
980 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
981 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
982 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
983 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
984 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
985 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC};
986 memcpy(&cmd03[9],reader->data,0x6c);
987 do_cak7_cmd(reader,cta_res,&cta_lr,cmd03,sizeof(cmd03),0x90);
988 if(cta_lr == 0)
989 {
990 rdr_log(reader, "card is not responding to CMD03 - check your data");
991 return ERROR;
992 }
993 rdr_log_dump_dbg(reader, D_READER, cta_res, 0x90, "CMD03 ANSWER:");
994 memcpy(reader->encrypted,&cta_res[18],0x60);
995 BN_CTX *ctx = BN_CTX_new();
996 #ifdef WITH_LIBCRYPTO
997 BN_CTX_start(ctx);
998 #endif
999 BIGNUM *bnN = BN_CTX_get(ctx);
1000 BIGNUM *bnE = BN_CTX_get(ctx);
1001 BIGNUM *bnCT = BN_CTX_get(ctx);
1002 BIGNUM *bnPT = BN_CTX_get(ctx);
1003 BN_bin2bn(&reader->key3460[0], 96, bnN);
1004 BN_bin2bn(public_exponent, 3, bnE);
1005 BN_bin2bn(&reader->encrypted[0], 96, bnCT);
1006 BN_mod_exp(bnPT, bnCT, bnE, bnN, ctx);
1007 memset(reader->result, 0, 96);
1008 BN_bn2bin(bnPT, reader->result + (96 - BN_num_bytes(bnPT)));
1009 BN_CTX_end(ctx);
1010 BN_CTX_free(ctx);
1011 rdr_log_dump_dbg(reader, D_READER, reader->result, 96, "after RSA_3460: ");
1012 //uint8_t stillencrypted[0x50];
1013 memcpy(reader->stillencrypted,&reader->result[4],0x50);
1014 //uint8_t resultrsa[0x50];
1015 BN_CTX *ctxs = BN_CTX_new();
1016 #ifdef WITH_LIBCRYPTO
1017 BN_CTX_start(ctxs);
1018 #endif
1019 BIGNUM *bnNs = BN_CTX_get(ctxs);
1020 BIGNUM *bnEs = BN_CTX_get(ctxs);
1021 BIGNUM *bnCTs = BN_CTX_get(ctxs);
1022 BIGNUM *bnPTs = BN_CTX_get(ctxs);
1023 BN_bin2bn(&reader->mod50[0], reader->mod50_length, bnNs);
1024 BN_bin2bn(&reader->cak7expo[0], 0x11, bnEs);
1025 BN_bin2bn(&reader->stillencrypted[0], 0x50, bnCTs);
1026 BN_mod_exp(bnPTs, bnCTs, bnEs, bnNs, ctxs);
1027 memset(reader->resultrsa, 0x00, 0x50);
1028 BN_bn2bin(bnPTs, reader->resultrsa + (0x50 - BN_num_bytes(bnPTs)));
1029 BN_CTX_end(ctxs);
1030 BN_CTX_free(ctxs);
1031 uint8_t mdc_hash5[MDC2_DIGEST_LENGTH];
1032 memset(mdc_hash5,0x00,MDC2_DIGEST_LENGTH);
1033 MDC2_CTX c5;
1034 MDC2_Init(&c5);
1035 MDC2_Update(&c5, reader->resultrsa, sizeof(reader->resultrsa));
1036 MDC2_Final(&(mdc_hash5[0]), &c5);
1037 memcpy(&reader->cak7_aes_key[16],mdc_hash5,16);
1038 memcpy(reader->cak7_aes_key,mdc_hash5,16);
1039 char tmp7[128];
1040 rdr_log(reader, "New AES: %s", cs_hexdump(1, reader->cak7_aes_key, 16, tmp7, sizeof(tmp7)));
1041 return OK;
1042 }
1043 static int32_t CAK7_GetCamKey(struct s_reader *reader)
1044 {
1045 def_resp;
1046 uint8_t cmd0e[] = {0xCC,0xCC,0xCC,0xCC,0x00,0x00,0x00,0x0E,0x83,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xCC,
1047 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
1048 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
1049 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
1050 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
1051 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,
1052 0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC};
1053 if(!reader->nuid_length)
1054 {
1055 uint8_t cmd02[] = {0x02,0x7B};
1056 memcpy(cmd0e + 7, cmd02, 2);
1057 rdr_log(reader, "using CMD02");
1058 }
1059 else
1060 {
1061 int cwekeycount = 0, i;
1062 memcpy(cmd0e + 132, reader->nuid, reader->nuid_length); // inject NUID
1063
1064 for (i = 0; i < 8; i++)
1065 cwekeycount += !!reader->cwekey_length[i];
1066
1067 if(cwekeycount == 0)
1068 {
1069 rdr_log(reader, "only NUID defined - enter at least CWPK0");
1070 return ERROR;
1071 }
1072 else
1073 {
1074 if(reader->otpcsc_length)
1075 {
1076 memcpy(cmd0e + 136, reader->otpcsc, reader->otpcsc_length);
1077 }
1078 else
1079 {
1080 cmd0e[136] = 0x00;
1081 cmd0e[137] = !reader->cwpkota ? cwekeycount: 0x00;
1082 }
1083 if(reader->otacsc_length)
1084 {
1085 memcpy(cmd0e + 138, reader->otacsc, reader->otacsc_length);
1086 }
1087 else
1088 {
1089 cmd0e[138] = 0x00;
1090 cmd0e[139] = reader->cwpkota ? cwekeycount : 0x00;
1091 }
1092 }
1093 char tmp[16];
1094 rdr_log(reader, "OTP CSC No. of keys: %s", cs_hexdump(1, cmd0e + 136, 2, tmp, sizeof(tmp)));
1095 rdr_log(reader, "OTA CSC No. of keys: %s", cs_hexdump(1, cmd0e + 138, 2, tmp, sizeof(tmp)));
1096 }
1097 if(reader->forcepair_length)
1098 {
1099 rdr_log(reader, "Forcing Pairing Type");
1100 memcpy(cmd0e + 13, reader->forcepair, 1);
1101 }
1102 else
1103 {
1104 if(reader->hasunique == 1)
1105 {
1106 cmd0e[13] = 0x40;
1107 }
1108 }
1109 memcpy(cmd0e + 14, reader->idird, 4);
1110 memcpy(reader->irdId, reader->idird, 4);
1111 if(reader->cmd0eprov_length)
1112 {
1113 memcpy(cmd0e + 18, reader->cmd0eprov, 2);
1114 }
1115 else
1116 {
1117 memcpy(cmd0e + 18, reader->prid[0] + 2, 2);
1118 }
1119 memcpy(cmd0e + 20, reader->key3588 + 24, 0x70);
1120 if(reader->cak7_seq <= 15)
1121 {
1122 srand(time(NULL));
1123 }
1124 uint32_t data1r = rand() % 4294967294u;
1125 reader->timestmp1[0]=(data1r>>24)&0xFF;
1126 reader->timestmp1[1]=(data1r>>16)&0xFF;
1127 reader->timestmp1[2]=(data1r>>8)&0xFF;
1128 reader->timestmp1[3]=(data1r)&0xFF;
1129 memcpy(cmd0e + 9, reader->timestmp1, 0x04);
1130 rdr_log_dump_dbg(reader, D_READER, reader->timestmp1, 4, "DATA1 CMD0E:");
1131 rdr_log_dump_dbg(reader, D_READER, reader->prid[0], 4, "SysID:");
1132 do_cak7_cmd(reader,cta_res, &cta_lr, cmd0e, sizeof(cmd0e), 0x20);
1133 if(cta_lr == 0)
1134 {
1135 rdr_log(reader, "card is not responding to CMD02/E - check your data");
1136 return ERROR;
1137 }
1138 rdr_log_dump_dbg(reader, D_READER, cta_res, 0x20, "Decrypted answer to CMD02/0E:");
1139 reader->needrestart = (cta_res[22] << 16);
1140 reader->needrestart += (cta_res[23] << 8);
1141 reader->needrestart += (cta_res[24] );
1142 reader->needrestart--;
1143 if(reader->cak7_seq <= 15)
1144 {
1145 rdr_log(reader, "card needs FASTreinit after %d CMDs", reader->needrestart);
1146 }
1147 else
1148 {
1149 uint32_t cmdleft = reader->needrestart - reader->cak7_seq;
1150 rdr_log(reader, "%d CMDs left to FASTreinit", cmdleft);
1151 }
1152 reader->dword_83DBC = (cta_res[18] << 24);
1153 reader->dword_83DBC += (cta_res[19] << 16);
1154 reader->dword_83DBC += (cta_res[20] << 8);
1155 reader->dword_83DBC += (cta_res[21] );
1156 calc_cak7_exponent(&reader->dword_83DBC, reader->cak7expo, 0x11);
1157 rdr_log_dump_dbg(reader, D_READER, reader->cak7expo, 0x11, "CAK7 Exponent:");
1158 memcpy(reader->cardid,cta_res + 14, 4);
1159 rdr_log_dump_dbg(reader, D_READER, reader->cardid, 0x04, "CardSerial: ");
1160 memcpy(reader->hexserial + 2, reader->cardid, 4);
1161 unsigned long datal = (cta_res[9] << 24) + (cta_res[10] << 16) + (cta_res[11] << 8) + (cta_res[12]);
1162 datal++;
1163 reader->data2[0] = (datal >> 24) & 0xFF;
1164 reader->data2[1] = (datal >> 16) & 0xFF;
1165 reader->data2[2] = (datal >> 8) & 0xFF;
1166 reader->data2[3] = (datal ) & 0xFF;
1167 data1r++;
1168 reader->timestmp2[0]=(data1r>>24)&0xFF;
1169 reader->timestmp2[1]=(data1r>>16)&0xFF;
1170 reader->timestmp2[2]=(data1r>>8)&0xFF;
1171 reader->timestmp2[3]=(data1r)&0xFF;
1172 memcpy(reader->ecmheader,cta_res + 18,4);
1173 if(reader->cak7_seq <= 15)
1174 {
1175 uint8_t mdc_hash2[MDC2_DIGEST_LENGTH];
1176 memset(mdc_hash2,0x00,MDC2_DIGEST_LENGTH);
1177 uint8_t check2[0x78];
1178 memset(check2, 0x00, 0x78);
1179 memcpy(check2, reader->cardid, 4);
1180 memcpy(check2 + 16, reader->kdt05_10, 0x68);
1181 MDC2_CTX c2;
1182 MDC2_Init(&c2);
1183 MDC2_Update(&c2, check2, 0x78);
1184 MDC2_Final(&(mdc_hash2[0]), &c2);
1185 rdr_log_dump_dbg(reader, D_READER, reader->ideakey1, 16, "IDEAKEY1: ");
1186 rdr_log_dump_dbg(reader, D_READER, mdc_hash2, 16, "MDC_HASH: ");
1187 if(memcmp(mdc_hash2 + 1, reader->ideakey1 + 1, 14) == 0)
1188 {
1189 rdr_log(reader, "DT05_10 is correct");
1190 }
1191 else
1192 {
1193 rdr_log(reader, "DT05_10 error - check MOD1");
1194 }
1195 }
1196 BN_CTX *ctx0 = BN_CTX_new();
1197 #ifdef WITH_LIBCRYPTO
1198 BN_CTX_start(ctx0);
1199 #endif
1200 BIGNUM *bnN0 = BN_CTX_get(ctx0);
1201 BIGNUM *bnE0 = BN_CTX_get(ctx0);
1202 BIGNUM *bnCT0 = BN_CTX_get(ctx0);
1203 BIGNUM *bnPT0 = BN_CTX_get(ctx0);
1204 BN_bin2bn(&reader->mod50[0], 0x50, bnN0);
1205 BN_bin2bn(&reader->cak7expo[0], 0x11, bnE0);
1206 BN_bin2bn(&reader->data50[0], 0x50, bnCT0);
1207 BN_mod_exp(bnPT0, bnCT0, bnE0, bnN0, ctx0);
1208 memset(reader->data, 0x00, sizeof(reader->data));
1209 BN_bn2bin(bnPT0, reader->data + (0x50 - BN_num_bytes(bnPT0)));
1210 BN_CTX_end(ctx0);
1211 BN_CTX_free(ctx0);
1212 rdr_log_dump_dbg(reader, D_READER, reader->timestmp2, 4, "DATA1 CMD03:");
1213 memcpy(&reader->step1[0], d00ff, 4);
1214 memcpy(&reader->step1[4], reader->data, 0x50);
1215 memcpy(&reader->step1[4 + 0x50], reader->idird, 0x04);
1216 memcpy(&reader->step1[4 + 4 + 0x50], reader->timestmp2, 0x04);
1217 memcpy(&reader->step1[4 + 4 + 4 + 0x50], reader->data2, 0x04);
1218 rdr_log_dump_dbg(reader, D_READER, reader->step1, sizeof(reader->step1), "STEP 1:");
1219 reader->pairtype = cta_res[13];
1220 if((reader->pairtype > 0x00) && (reader->pairtype < 0xC0))
1221 {
1222 rdr_log(reader,"Card is starting in GLOBAL mode");
1223 if(!CAK7_cmd03_global(reader))
1224 {return ERROR;}
1225 }
1226 else if(reader->pairtype == 0xC0)
1227 {
1228 rdr_log(reader,"Card is starting in UNIQUE mode");
1229 if(!reader->mod2_length)
1230 {
1231 rdr_log(reader, "no mod2 defined");
1232 return ERROR;
1233 }
1234 if(!reader->key3460_length)
1235 {
1236 rdr_log(reader, "no key3460 defined");
1237 return ERROR;
1238 }
1239 if(!reader->key3310_length)
1240 {
1241 rdr_log(reader, "no key3310 defined");
1242 return ERROR;
1243 }
1244 if(!CAK7_cmd03_unique(reader))
1245 {return ERROR;}
1246 }
1247 else
1248 {
1249 rdr_log(reader,"Unknown Pairing Type");
1250 return ERROR;
1251 }
1252 return OK;
1253 }
1254 static int32_t nagra3_card_init(struct s_reader *reader, ATR *newatr)
1255 {
1256 get_atr;
1257 memset(reader->hexserial, 0, 8);
1258 reader->cak7_seq = 0;
1259 reader->hasunique = 0;
1260 memset(reader->ecmheader, 0, 4);
1261 cs_clear_entitlement(reader);
1262 if(memcmp(atr + 8, "DNASP4", 6) == 0)
1263 {
1264 if((memcmp(atr + 8, "DNASP400", 8) == 0) && !reader->cak7_mode)
1265 {
1266 return ERROR;
1267 }
1268 else
1269 {
1270 memcpy(reader->rom, atr + 8, 15);
1271 rdr_log(reader,"Rom revision: %.15s", reader->rom);
1272 }
1273 }
1274 else if(memcmp(atr + 11, "DNASP4", 6) == 0)
1275 {
1276 memcpy(reader->rom, atr + 11, 15);
1277 rdr_log(reader,"Rom revision: %.15s", reader->rom);
1278 }
1279 else
1280 {
1281 return ERROR;
1282 }
1283 reader->nprov = 1;
1284 /*reader->nsa = 0;
1285 reader->nemm84 = 0;
1286 reader->nemm83u = 0;
1287 reader->nemm83s = 0;
1288 reader->nemm87 = 0;*/
1289 if(!reader->mod1_length)
1290 {
1291 rdr_log(reader, "no MOD1 defined");
1292 return ERROR;
1293 }
1294 if(!reader->key3588_length)
1295 {
1296 rdr_log(reader, "no key3588 defined");
1297 return ERROR;
1298 }
1299 if(!reader->data50_length)
1300 {
1301 rdr_log(reader, "no data50 defined");
1302 return ERROR;
1303 }
1304 if(!reader->mod50_length)
1305 {
1306 rdr_log(reader, "no mod50 defined");
1307 return ERROR;
1308 }
1309 if(!reader->idird_length)
1310 {
1311 rdr_log(reader, "no idird defined");
1312 return ERROR;
1313 }
1314 CAK7GetDataType(reader, 0x02);
1315 CAK7GetDataType(reader, 0x05);
1316 if(!CAK7_GetCamKey(reader))
1317 {return ERROR;}
1318 CAK7GetDataType(reader, 0x09);
1319 char tmp[4 * 3 + 1];
1320 reader->nsa = 0;
1321 reader->nemm84 = 0;
1322 reader->nemm83u = 0;
1323 reader->nemm83s = 0;
1324 reader->nemm87 = 0;
1325 CAK7GetDataType(reader, 0x04);
1326 if(reader->forceemmg)
1327 {
1328 reader->emm82 = 1;
1329 }
1330 int i;
1331 for(i = 1; i < reader->nprov; i++)
1332 {
1333 rdr_log(reader, "Prv.ID: %s", cs_hexdump(1, reader->prid[i], 4, tmp, sizeof(tmp)));
1334 }
1335 if(reader->cak7type != 3)
1336 {
1337 rdr_log(reader, "-----------------------------------------");
1338 rdr_log(reader, "| EMM Filters (PRIVATE!!) |");
1339 rdr_log(reader, "+---------------------------------------+");
1340 if(reader->emm82 == 1)
1341 {
1342 rdr_log(reader, "|emm82 |");
1343 }
1344 char tmp7[48];
1345 for(i = 0; i < reader->nemm84; i++)
1346 {
1347 rdr_log(reader, "|emm84 : %s |", cs_hexdump(1, reader->emm84[i], 3, tmp7, sizeof(tmp7)));
1348 }
1349 for(i = 0; i < reader->nemm83u; i++)
1350 {
1351 rdr_log(reader, "|emm83U: %s |", cs_hexdump(1, reader->emm83u[i], 6, tmp7, sizeof(tmp7)));
1352 }
1353 for(i = 0; i < reader->nemm83s; i++)
1354 {
1355 rdr_log(reader, "|emm83S: %s |", cs_hexdump(1, reader->emm83s[i], 6, tmp7, sizeof(tmp7)));
1356 }
1357 for(i = 0; i < reader->nemm87; i++)
1358 {
1359 rdr_log(reader, "|emm87 : %s |", cs_hexdump(1, reader->emm87[i], 6, tmp7, sizeof(tmp7)));
1360 }
1361 rdr_log(reader, "-----------------------------------------");
1362 }
1363 rdr_log(reader, "ready for requests");
1364 return OK;
1365 }
1366 static int32_t nagra3_card_info(struct s_reader *reader)
1367 {
1368 char tmp[4 * 3 + 1];
1369 rdr_log(reader, "ROM: %c %c %c %c %c %c %c %c", reader->rom[0], reader->rom[1], reader->rom[2], reader->rom[3], reader->rom[4], reader->rom[5], reader->rom[6], reader->rom[7]);
1370 rdr_log(reader, "REV: %c %c %c %c %c %c", reader->rom[9], reader->rom[10], reader->rom[11], reader->rom[12], reader->rom[13], reader->rom[14]);
1371 rdr_log_sensitive(reader, "SER: {%s}", cs_hexdump(1, reader->hexserial + 2, 4, tmp, sizeof(tmp)));
1372 rdr_log(reader, "CAID: %04X", reader->caid);
1373 rdr_log(reader, "Prv.ID: %s(sysid)", cs_hexdump(1, reader->prid[0], 4, tmp, sizeof(tmp)));
1374 cs_clear_entitlement(reader); // reset the entitlements
1375 rdr_log(reader, "-----------------------------------------");
1376 rdr_log(reader, "|id |tier |valid from |valid to |");
1377 rdr_log(reader, "+----+--------+------------+------------+");
1378 CAK7GetDataType(reader, 0x03);
1379 CAK7GetDataType(reader, 0x0C);
1380 rdr_log(reader, "-----------------------------------------");
1381 return OK;
1382 }
1383 static int32_t fastreinit(struct s_reader *reader)
1384 {
1385 ATR newatr[ATR_MAX_SIZE];
1386 memset(newatr, 0, 1);
1387 if(ICC_Async_Activate(reader, newatr, 0))
1388 {
1389 return ERROR;
1390 }
1391 reader->cak7_seq = 0;
1392 if(!CAK7_GetCamKey(reader))
1393 {
1394 return ERROR;
1395 }
1396 return OK;
1397 }
1398 static void nagra3_post_process(struct s_reader *reader)
1399 {
1400 if(reader->cak7_seq >= reader->needrestart)
1401 {
1402 rdr_log(reader, "card needs FASTreinit to prevent crash");
1403 if(!fastreinit(reader))
1404 {
1405 rdr_log(reader, "FASTreinit failed - need to restart reader");
1406 reader->card_status = CARD_NEED_INIT;
1407 add_job(reader->client, ACTION_READER_RESTART, NULL, 0);
1408 }
1409 }
1410 else if((reader->cak7_camstate & 64) == 64)
1411 {
1412 rdr_log(reader, "negotiating new Session Key");
1413 if(!CAK7_GetCamKey(reader))
1414 {
1415 rdr_log(reader, "negotiations failed - trying FASTreinit");
1416 if(!fastreinit(reader))
1417 {
1418 rdr_log(reader, "FASTreinit failed - need to restart reader");
1419 reader->card_status = CARD_NEED_INIT;
1420 add_job(reader->client, ACTION_READER_RESTART, NULL, 0);
1421 }
1422 }
1423 }
1424 }
1425 static int32_t nagra3_do_ecm(struct s_reader *reader, const ECM_REQUEST *er, struct s_ecm_answer *ea)
1426 {
1427 def_resp;
1428 if(reader->cak7type == 3)
1429 {
1430 if(er->ecm[2] > 0x61 && er->ecm[7] == 0x5C && er->ecm[100] == 0x0B)
1431 {
1432 if(er->ecm[101] == 0x03 || er->ecm[101] == 0x04)
1433 {
1434 if(er->ecm[104] > reader->pairtype)
1435 {
1436 rdr_log(reader, "reinit card in Unique Pairing Mode");
1437 return ERROR;
1438 }
1439 if(er->ecm[104] == 0x80 && reader->pairtype == 0x80)
1440 {
1441 rdr_log(reader, "reinit card in Unique Pairing Mode");
1442 return ERROR;
1443 }
1444 }
1445 if(er->ecm[101] == 0x04 && !reader->nuid_length)
1446 {
1447 rdr_log(reader, "reinit card with NUID");
1448 return ERROR;
1449 }
1450 }
1451 }
1452 else
1453 {
1454 if(er->ecm[2] > 0x86 && er->ecm[4] == 0x84 && er->ecm[137] == 0x0B)
1455 {
1456 if(er->ecm[138] == 0x03 || er->ecm[138] == 0x04)
1457 {
1458 if(er->ecm[141] > reader->pairtype)
1459 {
1460 rdr_log(reader, "reinit card in Unique Pairing Mode");
1461 return ERROR;
1462 }
1463 if(er->ecm[141] == 0x80 && reader->pairtype == 0x80)
1464 {
1465 rdr_log(reader, "reinit card in Unique Pairing Mode");
1466 return ERROR;
1467 }
1468 }
1469 if(er->ecm[138] == 0x04 && !reader->nuid_length)
1470 {
1471 rdr_log(reader, "reinit card with NUID");
1472 return ERROR;
1473 }
1474 }
1475 }
1476 uint8_t ecmreq[0xC0];
1477 memset(ecmreq,0xCC,0xC0);
1478 ecmreq[ 7] = 0x05;
1479 if(reader->caid == 0x1830)
1480 {
1481 ecmreq[ 9] = 0x00;
1482 ecmreq[10] = 0x00;
1483 ecmreq[11] = 0x00;
1484 ecmreq[12] = 0x00;
1485 ecmreq[13] = 0x00;
1486 }
1487 else
1488 {
1489 ecmreq[ 9] = 0x04;
1490 ecmreq[10] = reader->ecmheader[0];
1491 ecmreq[11] = reader->ecmheader[1];
1492 ecmreq[12] = reader->ecmheader[2];
1493 ecmreq[13] = reader->ecmheader[3];
1494 }
1495 if(reader->cak7type == 3)
1496 {
1497 ecmreq[8] = er->ecm[7] + 6;
1498 memcpy(&ecmreq[14], er->ecm + 7, er->ecm[7] + 1);
1499 }
1500 else
1501 {
1502 ecmreq[8] = er->ecm[4] + 6;
1503 memcpy(&ecmreq[14], er->ecm + 4, er->ecm[4] + 1);
1504 }
1505 if((er->ecm[2] == 0xAC) && (er->ecm[3] == 0x05))
1506 {
1507 ecmreq[15] = 0x0A;
1508 }
1509 do_cak7_cmd(reader, cta_res, &cta_lr, ecmreq, sizeof(ecmreq), 0xB0);
1510 rdr_log_dump_dbg(reader, D_READER, cta_res, 0xB0, "Decrypted ECM Answer:");
1511 if((cta_res[cta_lr - 2] != 0x90 && cta_res[cta_lr - 1] != 0x00) || cta_lr == 0)
1512 {
1513 rdr_log(reader, "(ECM) Reader will be restart now cause: %02X %02X card answer!!!", cta_res[cta_lr - 2], cta_res[cta_lr - 1]);
1514 reader->card_status = CARD_NEED_INIT;
1515 add_job(reader->client, ACTION_READER_RESTART, NULL, 0);
1516 }
1517 else if(cta_res[27] != 0x00 && cta_res[27] != 0xCC)
1518 {
1519 memcpy(reader->ecmheader, cta_res + 9, 4);
1520 reader->cak7_camstate = cta_res[4];
1521 uint8_t _cwe0[8];
1522 uint8_t _cwe1[8];
1523 if(cta_res[78] == 0x01 || reader->forcecwswap)
1524 {
1525 memcpy(_cwe0,&cta_res[52], 0x08);
1526 memcpy(_cwe1,&cta_res[28], 0x08);
1527 }
1528 else
1529 {
1530 memcpy(_cwe0,&cta_res[28], 0x08);
1531 memcpy(_cwe1,&cta_res[52], 0x08);
1532 }
1533 if(cta_res[27] == 0x5C)
1534 {
1535 uint8_t cta_res144 = cta_res[144];
1536 if(cta_res144 < 0x08)
1537 {
1538 if(!reader->cwekey_length[cta_res144])
1539 {
1540 rdr_log(reader, "ERROR: CWPK%d is not set, can not decrypt CW", cta_res[144]);
1541 return ERROR;
1542 }
1543 des_ecb3_decrypt(_cwe0, reader->cwekey[cta_res144]);
1544 des_ecb3_decrypt(_cwe1, reader->cwekey[cta_res144]);
1545 }
1546 }
1547 else if(cta_res[27] == 0x58)
1548 {
1549 des_ecb3_decrypt(_cwe0, reader->key3des);
1550 des_ecb3_decrypt(_cwe1, reader->key3des);
1551 }
1552 rdr_log_dbg(reader, D_READER, "CW Decrypt ok");
1553 memcpy(ea->cw, _cwe0, 0x08);
1554 memcpy(ea->cw + 8, _cwe1, 0x08);
1555 return OK;
1556 }
1557 else if(cta_res[23] == 0x00)
1558 {
1559 memcpy(reader->ecmheader, cta_res + 9, 4);
1560 reader->cak7_camstate = cta_res[4];
1561 if(reader->hasunique && reader->pairtype < 0xC0)
1562 {
1563 rdr_log(reader, "reinit card in Unique Pairing Mode");
1564 }
1565 else
1566 {
1567 rdr_log(reader, "card has no right to decode this channel");
1568 }
1569 }
1570 else if(cta_res[23] == 0x04)
1571 {
1572 if(!reader->nuid_length)
1573 {
1574 rdr_log(reader, "reinit card with NUID");
1575 }
1576 else
1577 {
1578 rdr_log(reader, "wrong OTP/OTA CSC values");
1579 }
1580 }
1581 else
1582 {
1583 rdr_log(reader, "card got wrong ECM");
1584 }
1585 return ERROR;
1586 }
1587 static int32_t nagra3_do_emm(struct s_reader *reader, EMM_PACKET *ep)
1588 {
1589 def_resp;
1590 if(ep->emm[0] == 0x90)
1591 {
1592 rdr_log(reader, "OSCam got your BoxEMM");
1593 char tmp[128];
1594 rdr_log(reader, "NUID: %s", cs_hexdump(1, reader->nuid, 4, tmp, sizeof(tmp)));
1595 rdr_log(reader, "Index: %s", cs_hexdump(1, ep->emm + 10, 1, tmp, sizeof(tmp)));
1596 rdr_log(reader, "eCWPK: %s", cs_hexdump(1, ep->emm + 11, 16, tmp, sizeof(tmp)));
1597 }
1598 else
1599 {
1600 uint8_t emmreq[0xC0];
1601 memset(emmreq, 0xCC, 0xC0);
1602 emmreq[ 7] = 0x05;
1603 if(reader->caid == 0x1830)
1604 {
1605 emmreq[ 9] = 0x00;
1606 emmreq[10] = 0x00;
1607 emmreq[11] = 0x00;
1608 emmreq[12] = 0x00;
1609 emmreq[13] = 0x00;
1610 }
1611 else
1612 {
1613 emmreq[ 9] = 0x04;
1614 emmreq[10] = reader->ecmheader[0];
1615 emmreq[11] = reader->ecmheader[1];
1616 emmreq[12] = reader->ecmheader[2];
1617 emmreq[13] = reader->ecmheader[3];
1618 }
1619 if(reader->cak7type == 3)
1620 {
1621 int32_t i;
1622 uint8_t *prov_id_ptr;
1623 switch(ep->type)
1624 {
1625 case SHARED:
1626 emmreq[8] = ep->emm[9] + 6;
1627 prov_id_ptr = ep->emm + 3;
1628 memcpy(&emmreq[14], ep->emm + 9, ep->emm[9] + 1);
1629 break;
1630 case UNIQUE:
1631 emmreq[8] = ep->emm[12] + 6;
1632 prov_id_ptr = ep->emm + 9;
1633 memcpy(&emmreq[14], ep->emm + 12, ep->emm[12] + 1);
1634 break;
1635 case GLOBAL:
1636 emmreq[8] = ep->emm[6] + 6;
1637 prov_id_ptr = ep->emm + 3;
1638 memcpy(&emmreq[14], ep->emm + 6, ep->emm[6] + 1);
1639 break;
1640 default:
1641 rdr_log(reader, "EMM: Congratulations, you have discovered a new EMM on Merlin.");
1642 rdr_log(reader, "This has not been decoded yet.");
1643 return ERROR;
1644 }
1645 i = get_prov_index(reader, prov_id_ptr);
1646 if(i == -1)
1647 {
1648 rdr_log(reader, "EMM: skipped since provider id doesnt match");
1649 return SKIPPED;
1650 }
1651 }
1652 else
1653 {
1654 emmreq[8] = ep->emm[9] + 6;
1655 memcpy(&emmreq[14], ep->emm + 9, ep->emm[9] + 1);
1656 }
1657 do_cak7_cmd(reader, cta_res, &cta_lr, emmreq, sizeof(emmreq), 0xB0);
1658 if((cta_res[cta_lr-2] != 0x90 && cta_res[cta_lr-1] != 0x00) || cta_lr == 0)
1659 {
1660 rdr_log(reader, "(EMM) Reader will be restart now cause: %02X %02X card answer!!!", cta_res[cta_lr - 2], cta_res[cta_lr - 1]);
1661 reader->card_status = CARD_NEED_INIT;
1662 add_job(reader->client, ACTION_READER_RESTART, NULL, 0);
1663 }
1664 else
1665 {
1666 memcpy(reader->ecmheader, cta_res + 9, 4);
1667 if(reader->cak7_seq >= reader->needrestart)
1668 {
1669 rdr_log(reader, "card needs FASTreinit to prevent crash");
1670 if(!fastreinit(reader))
1671 {
1672 rdr_log(reader, "FASTreinit failed - need to restart reader");
1673 reader->card_status = CARD_NEED_INIT;
1674 add_job(reader->client, ACTION_READER_RESTART, NULL, 0);
1675 }
1676 }
1677 else if((cta_res[4] & 64) == 64)
1678 {
1679 rdr_log(reader, "negotiating new Session Key");
1680 if(!CAK7_GetCamKey(reader))
1681 {
1682 rdr_log(reader, "negotiations failed - trying FASTreinit");
1683 if(!fastreinit(reader))
1684 {
1685 rdr_log(reader, "FASTreinit failed - need to restart reader");
1686 reader->card_status = CARD_NEED_INIT;
1687 add_job(reader->client, ACTION_READER_RESTART, NULL, 0);
1688 }
1689 }
1690 }
1691 }
1692 }
1693 return OK;
1694 }
1695 const struct s_cardsystem reader_nagracak7 =
1696 {
1697 .desc = "nagra merlin",
1698 .caids = (uint16_t[]){ 0x18, 0 },
1699 .do_emm = nagra3_do_emm,
1700 .do_ecm = nagra3_do_ecm,
1701 .post_process = nagra3_post_process,
1702 .card_info = nagra3_card_info,
1703 .card_init = nagra3_card_init,
1704 .get_emm_type = nagra_get_emm_type,
1705 .get_emm_filter = nagra_get_emm_filter,
1706 };
1707 #endif
Open Source Conditional Access Module