sc-irdeto.cpp

DVB-S的softcam源代码

/*
 * Softcam plugin to VDR (C++)
 *
 * This code is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This code is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 * Or, point your browser to http://www.gnu.org/copyleft/gpl.html
 */

#include <string.h>

#include <openssl/rand.h>

#include "common.h"
#include "system.h"
#include "system-common.h"
#include "smartcard.h"
#include "crypto.h"
#include "parse.h"

//DEBUG_CAMCRYPT
#ifdef DEBUG_CAMCRYPT
#define dcc(x) { x; }
#else
#define dcc(x) ;
#endif

#define SYSTEM_NAME			"SC-Irdeto"
#define SYSTEM_PRI			-5

#define SC_NAME	"Irdeto"
#define SC_ID	MAKE_SC_ID('I','r','d','t')

static void BN_complement(const unsigned char *data, int len, BIGNUM *bn)
{
	//unsigned char buff[len];
	unsigned char *buff = new unsigned char[len];
	for(int i=len-1; i>=0; i--) buff[i]=~data[i];
	BN_bin2bn(buff,len,bn);
	BN_add_word(bn,1);
	delete []buff;
}

// -- cSystemScIrdeto ----------------------------------------------------------

class cSystemScIrdeto : public cSystemScCore {
public:
	cSystemScIrdeto(void);
};

cSystemScIrdeto::cSystemScIrdeto(void)
:cSystemScCore(SYSTEM_NAME,SYSTEM_PRI,SC_ID,"SC Irdeto")
{
	hasLogger=true;
}

// -- cSystemLinkScIrdeto ------------------------------------------------------

class cSystemLinkScIrdeto : public cSystemLink {
public:
	cSystemLinkScIrdeto(void);
	virtual bool CanHandle(unsigned short SysId);
	virtual cSystem *Create(void) { return new cSystemScIrdeto; }
};

static cSystemLinkScIrdeto staticInit;

cSystemLinkScIrdeto::cSystemLinkScIrdeto(void)
:cSystemLink(SYSTEM_NAME,SYSTEM_PRI)
{
	Feature.NeedsSmartCard();
}

bool cSystemLinkScIrdeto::CanHandle(unsigned short SysId)
{
	bool res=false;
	cSmartCard *card=smartcards.LockCard(SC_ID);
	if(card) {
		res=card->CanHandle(SysId);
		smartcards.ReleaseCard(card);
	}
	return res;
}

// -- cCamCrypt ----------------------------------------------------------------

class cCamCrypt {
private:
	static const unsigned char cryptTable[];
	bool randomInit;
	cRSA rsa;
	cBN cardExp, cardMod;
	//
	void GenerateRandom(unsigned char *buf, int len);
	void RotateLeft8Byte(unsigned char *key);
protected:
	void RevCamCrypt(const unsigned char *key, unsigned char *data);
	//
	bool SetupCardFiles(unsigned char *data, int len, BIGNUM *exp, BIGNUM *mod);
	void PrepareCamMessage(unsigned char *plain);
	bool EncryptCamMessage(unsigned char *encrypted, const unsigned char *plain);
	const unsigned char *CamKey(const unsigned char *data) { return data+8; }
	const unsigned char *HelperKey(const unsigned char *data) { return data+24; }
public:
	cCamCrypt(void);
};

const unsigned char cCamCrypt::cryptTable[256] = {
	0xDA,0x26,0xE8,0x72,0x11,0x52,0x3E,0x46,0x32,0xFF,0x8C,0x1E,0xA7,0xBE,0x2C,0x29,
	0x5F,0x86,0x7E,0x75,0x0A,0x08,0xA5,0x21,0x61,0xFB,0x7A,0x58,0x60,0xF7,0x81,0x4F,
	0xE4,0xFC,0xDF,0xB1,0xBB,0x6A,0x02,0xB3,0x0B,0x6E,0x5D,0x5C,0xD5,0xCF,0xCA,0x2A,
	0x14,0xB7,0x90,0xF3,0xD9,0x37,0x3A,0x59,0x44,0x69,0xC9,0x78,0x30,0x16,0x39,0x9A,
	0x0D,0x05,0x1F,0x8B,0x5E,0xEE,0x1B,0xC4,0x76,0x43,0xBD,0xEB,0x42,0xEF,0xF9,0xD0,
	0x4D,0xE3,0xF4,0x57,0x56,0xA3,0x0F,0xA6,0x50,0xFD,0xDE,0xD2,0x80,0x4C,0xD3,0xCB,
	0xF8,0x49,0x8F,0x22,0x71,0x84,0x33,0xE0,0x47,0xC2,0x93,0xBC,0x7C,0x3B,0x9C,0x7D,
	0xEC,0xC3,0xF1,0x89,0xCE,0x98,0xA2,0xE1,0xC1,0xF2,0x27,0x12,0x01,0xEA,0xE5,0x9B,
	0x25,0x87,0x96,0x7B,0x34,0x45,0xAD,0xD1,0xB5,0xDB,0x83,0x55,0xB0,0x9E,0x19,0xD7,
	0x17,0xC6,0x35,0xD8,0xF0,0xAE,0xD4,0x2B,0x1D,0xA0,0x99,0x8A,0x15,0x00,0xAF,0x2D,
	0x09,0xA8,0xF5,0x6C,0xA1,0x63,0x67,0x51,0x3C,0xB2,0xC0,0xED,0x94,0x03,0x6F,0xBA,
	0x3F,0x4E,0x62,0x92,0x85,0xDD,0xAB,0xFE,0x10,0x2E,0x68,0x65,0xE7,0x04,0xF6,0x0C,
	0x20,0x1C,0xA9,0x53,0x40,0x77,0x2F,0xA4,0xFA,0x6D,0x73,0x28,0xE2,0xCD,0x79,0xC8,
	0x97,0x66,0x8E,0x82,0x74,0x06,0xC7,0x88,0x1A,0x4A,0x6B,0xCC,0x41,0xE9,0x9D,0xB8,
	0x23,0x9F,0x3D,0xBF,0x8D,0x95,0xC5,0x13,0xB9,0x24,0x5A,0xDC,0x64,0x18,0x38,0x91,
	0x7F,0x5B,0x70,0x54,0x07,0xB6,0x4B,0x0E,0x36,0xAC,0x31,0xE6,0xD6,0x48,0xAA,0xB4
};

cCamCrypt::cCamCrypt(void)
{
	randomInit=false;
}

void cCamCrypt::GenerateRandom(unsigned char *randVal, int len)
{
	static const unsigned int seed = 0x9E3779B9;
	if(!randomInit) {
		RAND_seed(&seed,sizeof(seed));
		randomInit=true;
	}
	RAND_bytes(randVal,len);
}

//
// Rotates the 8 bytes bitwise left
//
void cCamCrypt::RotateLeft8Byte(unsigned char *key)
{
	unsigned char t1=key[7];
	for(int k=0 ; k<8 ; k++) {
		unsigned char t2=t1>>7;
		t1=key[k]; key[k]=(t1<<1) | t2;
	}
}

void cCamCrypt::RevCamCrypt(const unsigned char *key, unsigned char *data)
{
	unsigned char localKey[8];
	memcpy(localKey,key,sizeof(localKey));
	for(int idx1=0 ; idx1<8 ; idx1++) {
		for(int idx2=0 ; idx2<8 ; idx2++) {
			const unsigned char tmp1=cryptTable[data[7] ^ localKey[idx2] ^ idx1];
			const unsigned char tmp2=data[0];
			data[0]=data[1];
			data[1]=data[2];
			data[2]=data[3];
			data[3]=data[4];
			data[4]=data[5];
			data[5]=data[6] ^ tmp1;
			data[6]=data[7];
			data[7]=tmp1 ^ tmp2 ;
		}
		RotateLeft8Byte(localKey);
	}
}

bool cCamCrypt::SetupCardFiles(unsigned char *data, int len, BIGNUM *exp, BIGNUM *mod)
{
	if(rsa.RSA(data,data,len,exp,mod,false)<=0 || (data[0]!=0x80 || data[11]!=0x40 || data[12]!=0x06))
		return false;
	BN_complement(data+13,64,cardMod);
	BN_bin2bn(data+13+64,6,cardExp);
	return true;
}

void cCamCrypt::PrepareCamMessage(unsigned char *plain)
{
	plain[0]=0x80;
	memset(plain+1 ,0x00,7);
	GenerateRandom(plain+16,16);
	memcpy(plain+8,plain+16,8);
	memset(plain+32,0xFF,31);
	plain[63]=0x00;
}

bool cCamCrypt::EncryptCamMessage(unsigned char *encrypted, const unsigned char *plain)
{
	return rsa.RSA(encrypted,plain,64,cardExp,cardMod,false)>0;
}

// -- cSmartCardDataIrdeto -----------------------------------------------------

class cSmartCardDataIrdeto : public cSmartCardData {
public:
	int acs, caid;
	cBN mod, exp;
	bool plain;
	//
	cSmartCardDataIrdeto(void);
	cSmartCardDataIrdeto(int Acs, int Caid);
	virtual bool Parse(const char *line);
	virtual bool Matches(cSmartCardData *param);
};

cSmartCardDataIrdeto::cSmartCardDataIrdeto(void)
:cSmartCardData(SC_ID)
{
	plain=false;
}

cSmartCardDataIrdeto::cSmartCardDataIrdeto(int Acs, int Caid)
:cSmartCardData(SC_ID)
{
	acs=Acs; caid=Caid;
	plain=false;
}

bool cSmartCardDataIrdeto::Matches(cSmartCardData *param)
{
	cSmartCardDataIrdeto *cd=(cSmartCardDataIrdeto *)param;
	return cd->acs==acs && (cd->caid==caid || caid==-1);
}

bool cSmartCardDataIrdeto::Parse(const char *line)
{
	unsigned char buff[512];
	acs=caid=-1; // default
	line=skipspace(line);
	if(*line=='[') { // parse acs & caid
		line++;
		if(GetHex(line,buff,2)!=2) {
			d(printf("smartcarddatairdeto: format error: acs\n"))
			return false;
		}
		acs=buff[0]*256+buff[1];

		line=skipspace(line);
		if(*line=='/') {
			line++;
			if(GetHex(line,buff,2)!=2) {
				d(printf("smartcarddatairdeto: format error: caid\n"))
				return false;
			}
			caid=buff[0]*256+buff[1];
			line=skipspace(line);
		}

		if(!*line==']') {
			d(printf("smartcarddatairdeto: format error: closing ]\n"))
			return false;
		}
		line++;
	}

	line=skipspace(line);
	if(!strncasecmp(line,"plain",5)) {
		plain=true;
		return true;
	}
	int l;
	if((l=GetHex(line,buff,sizeof(buff),false))<=0) {
		d(printf("smartcarddatairdeto: format error: mod\n"))
		return false;
	}
	BN_complement(buff,l,mod);
	if((l=GetHex(line,buff,sizeof(buff),false))<=0) {
		d(printf("smartcarddatairdeto: format error: exp\n"))
		return false;
	}
	BN_bin2bn(buff,l,exp);
	return true;
}

// -- cSmartCardIrdeto ---------------------------------------------------------

#define XOR_START    0x3F // Start value for xor checksumm
#define RECOVER_TIME 100  // Time in ms which the card needs to recover after
                          // a failed command

class cSmartCardIrdeto : public cSmartCard, private cCamCrypt, private cIdSet {
private:
	unsigned char buff[MAX_LEN+1];
	unsigned char camKey[8];
	char asciiSerial[22], coco[4];