/* static void cmd_test(struct s_reader *reader) { def_resp; int i; uchar drecmd[] = { 0x00, 0x02 }; char tmp[64]; for(i = 0; i <= 0xFF; i++) { if(i == 0x45) continue; drecmd[0] = i; dre_cmd(drecmd); if(cta_res[2] == 0xE2) { if(cta_res[3] != 0xE3) rdr_log(reader, "cmd %02X error %02X",i ,cta_res[3]); } else { rdr_log(reader, "cmd %02X answer %s",i ,cs_hexdump(0, cta_res, cta_res[1]+2, tmp, sizeof(tmp))); } } uchar drecmd[64]; //memset(drecmd, 0, 64); //drecmd[0] = 0x71; for(i = 2; i <= 64; i++) { memset(drecmd, 0, 64); drecmd[i-1] = 0x02; drecmd[0] = 0x71; dre_script(drecmd, i, 0, 0, 0); if(cta_res[2] == 0xE2) { if((cta_res[3] != 0xE2) & (cta_res[3] != 0xED)) rdr_log(reader, "Len %02X error %02X",i ,cta_res[3]); if((cta_res[3] & 0xF0) != 0xE0) rdr_log(reader, "Len %02X answer %s",i ,cs_hexdump(0, cta_res, cta_res[1]+2, tmp, sizeof(tmp))); } else { rdr_log(reader, "Len %02X answer %s",i ,cs_hexdump(0, cta_res, cta_res[1]+2, tmp, sizeof(tmp))); } } } */ static int32_t dre_card_init(struct s_reader *reader, ATR *newatr) { get_atr; def_resp; uchar ua[] = { 0x43, 0x15 }; // get serial number (UA) uchar providers[] = { 0x49, 0x15 }; // get providers uchar cmd56[] = { 0x56, 0x00 }; int32_t i; char *card; char tmp[9]; if((atr[0] != 0x3b) || (atr[1] != 0x15) || (atr[2] != 0x11) || (atr[3] != 0x12) || ( ((atr[4] != 0x01) || (atr[5] != 0x01)) && ((atr[4] != 0xca) || (atr[5] != 0x07)) && ((atr[4] != 0xcb) || (atr[5] != 0x07)) && ((atr[4] != 0xcc) || (atr[5] != 0x07)) && ((atr[4] != 0xcd) || (atr[5] != 0x07)) )) { return ERROR; } if(!cs_malloc(&reader->csystem_data, sizeof(struct dre_data))) { return ERROR; } struct dre_data *csystem_data = reader->csystem_data; csystem_data->provider = atr[6]; uchar checksum = xor(atr + 1, 6); if(checksum != atr[7]) { rdr_log(reader, "warning: expected ATR checksum %02x, smartcard reports %02x", checksum, atr[7]); } switch(atr[6]) { case 0: if(!(dre_cmd(cmd56))) { return ERROR; } if((cta_res[cta_lr - 2] != 0x90) || (cta_res[cta_lr - 1] != 0x00)) { return ERROR; } switch(cta_res[4]) { case 0x02: card = "Tricolor Centr DRE3"; reader->caid = 0x4ae1; break; case 0x03: card = "Tricolor Syberia DRE3"; reader->caid = 0x4ae1; break; case 0x18: case 0x19: card = "Tricolor Centr DRE4"; reader->caid = 0x2710; break; case 0x1A: card = "Tricolor Syberia DRE4"; reader->caid = 0x2710; break; default: return ERROR; } csystem_data->provider = cta_res[4]; providers[0] = 0x83; break; case 0x11: card = "Tricolor Centr DRE2"; reader->caid = 0x4ae1; break; //59 type card = MSP (74 type = ATMEL) case 0x12: card = "Cable TV"; reader->caid = 0x4ae1; //TODO not sure about this one break; case 0x14: card = "Tricolor Syberia DRE2"; reader->caid = 0x4ae1; break; //59 type card case 0x15: card = "Platforma HD / DW old"; reader->caid = 0x4ae1; break; //59 type card default: return ERROR; } memset(reader->prid, 0x00, 8); if(atr[6] > 0) { reader->prid[0][3] = atr[6]; } else { reader->prid[0][3] = csystem_data->provider; } uchar cmd54[] = { 0x54, 0x14 }; // geocode cmd54[1] = csystem_data->provider; uchar geocode = 0; if((dre_cmd(cmd54))) //error would not be fatal, like on 0x11 cards { geocode = cta_res[3]; } providers[1] = csystem_data->provider; if(!(dre_cmd(providers))) { return ERROR; } //fatal error if((cta_res[cta_lr - 2] != 0x90) || (cta_res[cta_lr - 1] != 0x00)) { return ERROR; } uchar provname[128]; for(i = 0; ((i < cta_res[2] - 6) && (i < 128)); i++) { provname[i] = cta_res[6 + i]; if(provname[i] == 0x00) { break; } } int32_t major_version = cta_res[3]; int32_t minor_version = cta_res[4]; ua[1] = csystem_data->provider; dre_cmd(ua); //error would not be fatal int32_t hexlength = cta_res[1] - 2; //discard first and last byte, last byte is always checksum, first is answer code if(reader->force_ua) { rdr_log(reader, "WARNING!!!! used UA from force_ua %08X", reader->force_ua); memcpy(cta_res + 3, &reader->force_ua, 4); } reader->hexserial[0] = 0; reader->hexserial[1] = 0; memcpy(reader->hexserial + 2, cta_res + 3, hexlength); int32_t low_dre_id, dre_chksum; uchar buf[32]; if(major_version < 0x3) { low_dre_id = ((cta_res[4] << 16) | (cta_res[5] << 8) | cta_res[6]) - 48608; dre_chksum = 0; snprintf((char *)buf, sizeof(buf), "%i%i%08i", csystem_data->provider - 16, major_version + 1, low_dre_id); for(i = 0; i < 32; i++) { if(buf[i] == 0x00) { break; } dre_chksum += buf[i] - 48; } if(major_version < 2) { reader->caid = 0x4ae0; card = csystem_data->provider == 0x11 ? "Tricolor Centr DRE1" : "Tricolor Syberia DRE1"; } rdr_log(reader, "type: DRE Crypt, caid: %04X, serial: {%s}, dre id: %i%i%i%08i, geocode %i, card: %s v%i.%i", reader->caid, cs_hexdump(0, reader->hexserial + 2, 4, tmp, sizeof(tmp)), dre_chksum, csystem_data->provider - 16, major_version + 1, low_dre_id, geocode, card, major_version, minor_version); } else { low_dre_id = ((cta_res[4] << 16) | (cta_res[5] << 8) | cta_res[6]); dre_chksum = 0; snprintf((char *)buf, sizeof(buf), "%i%i%08i", csystem_data->provider, major_version, low_dre_id); for(i = 0; i < 32; i++) { if(buf[i] == 0x00) { break; } dre_chksum += buf[i] - 48; } rdr_log(reader, "type: DRE Crypt, caid: %04X, serial: {%s}, dre id: %i%03i%i%08i, geocode %i, card: %s v%i.%i", reader->caid, cs_hexdump(0, reader->hexserial + 2, 4, tmp, sizeof(tmp)), dre_chksum, csystem_data->provider, major_version, low_dre_id, geocode, card, major_version, minor_version); } rdr_log(reader, "Provider name:%s.", provname); memset(reader->sa, 0, sizeof(reader->sa)); memcpy(reader->sa[0], reader->hexserial + 2, 1); //copy first byte of unique address also in shared address, because we dont know what it is... rdr_log_sensitive(reader, "SA = %02X%02X%02X%02X, UA = {%s}", reader->sa[0][0], reader->sa[0][1], reader->sa[0][2], reader->sa[0][3], cs_hexdump(0, reader->hexserial + 2, 4, tmp, sizeof(tmp))); reader->nprov = 1; // cmd_test(reader); // exec user script, wicardd format if(reader->userscript != NULL) { uint8_t *usercmd = NULL; int cmd_len; int n; char *tempbuf = malloc(2048); trim2(reader->userscript); FILE *pFile = fopen(reader->userscript, "rt"); if(pFile != NULL) { uchar ignoreProvid = 0; uchar crypted = 0; uchar cryptkey = 0; do { tempbuf[0] = '\0'; if(usercmd != NULL) free(usercmd); if(fgets(tempbuf, 2048, pFile) == NULL) continue; if(strlen(tempbuf) < 10) continue; trim2(tempbuf); ignoreProvid = 0; crypted = 0; cryptkey = 0; if(tempbuf[0] == '8' && tempbuf[1] == '6' && csystem_data->provider == 0x11) ignoreProvid = 1; else if(strncmp(tempbuf ,"REG2" ,4) == 0) { dre_read_ee(reader, &tempbuf[4] ,csystem_data->provider); continue; } else if(strncmp(tempbuf ,"CR" ,2) == 0) { crypted = 1; cryptkey = ((tempbuf[2] - (tempbuf[2] > 0x39 ? 0x37:0x30)) << 4) + ((tempbuf[3] - (tempbuf[3] > 0x39 ? 0x37:0x30)) & 0xF); } else if(tempbuf[0] != '5' && tempbuf[1] != '9') continue; strtoupper(tempbuf); cmd_len = strlen(tempbuf) / 2 - 3 + ignoreProvid - (crypted * 2); usercmd = malloc(cmd_len); for(i=0,n= 4+(crypted * 4);i<cmd_len;i++,n+=2) { usercmd[i] = ((tempbuf[n] - (tempbuf[n] > 0x39 ? 0x37:0x30)) << 4) + ((tempbuf[n+1] - (tempbuf[n+1] > 0x39 ? 0x37:0x30)) & 0xF); } /*if(usercmd[cmd_len-1] != csystem_data->provider && !ignoreProvid) { rdr_log(reader, "Skip script: current provid %02X , script provid %02X", csystem_data->provider, usercmd[cmd_len-1]); continue; } */ rdr_log(reader, "User script: %s", tempbuf); /*ret =*/ rdr_log(reader, "Script %s", (dre_script(usercmd, cmd_len, ignoreProvid, crypted, cryptkey)) ? "done" : "error"); } while(!feof(pFile)); } else { rdr_log(reader, "Can't open script file (%s)", reader->userscript); } //if(usercmd != NULL) free(usercmd); if(tempbuf != NULL) free(tempbuf); } if(csystem_data->provider == 0x11) { memset(reader->prid[1], 0x00, 8); reader->prid[1][3] = 0xFE; reader->nprov = 2; } if(!dre_set_provider_info(reader)) { return ERROR; } //fatal error rdr_log(reader, "ready for requests"); return OK; }
static int32_t dre_card_init (struct s_reader * reader, ATR *newatr) { get_atr; def_resp; uchar ua[] = { 0x43, 0x15 }; // get serial number (UA) uchar providers[] = { 0x49, 0x15 }; // get providers int32_t i; char *card; char tmp[9]; if ((atr[0] != 0x3b) || (atr[1] != 0x15) || (atr[2] != 0x11) || (atr[3] != 0x12) || ( ((atr[4] != 0xca) || (atr[5] != 0x07)) && ((atr[4] != 0x01) || (atr[5] != 0x01)) )) return ERROR; reader->provider = atr[6]; uchar checksum = xor (atr + 1, 6); if (checksum != atr[7]) rdr_log(reader, "warning: expected ATR checksum %02x, smartcard reports %02x", checksum, atr[7]); switch (atr[6]) { case 0x11: card = "Tricolor Centr"; reader->caid = 0x4ae1; break; //59 type card = MSP (74 type = ATMEL) case 0x12: card = "Cable TV"; reader->caid = 0x4ae1; //TODO not sure about this one break; case 0x14: card = "Tricolor Syberia / Platforma HD new"; reader->caid = 0x4ae1; break; //59 type card case 0x15: card = "Platforma HD / DW old"; reader->caid = 0x4ae1; break; //59 type card default: card = "Unknown"; reader->caid = 0x4ae1; break; } memset (reader->prid, 0x00, 8); static const uchar cmd30[] = { 0x30, 0x81, 0x00, 0x81, 0x82, 0x03, 0x84, 0x05, 0x06, 0x87, 0x08, 0x09, 0x00, 0x81, 0x82, 0x03, 0x84, 0x05, 0x00 }; dre_cmd (cmd30); //unknown command, generates error on card 0x11 and 0x14 /* response: 59 03 E2 E3 FE 48 */ uchar cmd54[] = { 0x54, 0x14 }; // geocode cmd54[1] = reader->provider; uchar geocode = 0; if ((dre_cmd (cmd54))) //error would not be fatal, like on 0x11 cards geocode = cta_res[3]; providers[1] = reader->provider; if (!(dre_cmd (providers))) return ERROR; //fatal error if ((cta_res[cta_lr - 2] != 0x90) || (cta_res[cta_lr - 1] != 0x00)) return ERROR; uchar provname[128]; for (i = 0; ((i < cta_res[2] - 6) && (i < 128)); i++) { provname[i] = cta_res[6 + i]; if (provname[i] == 0x00) break; } int32_t major_version = cta_res[3]; int32_t minor_version = cta_res[4]; ua[1] = reader->provider; dre_cmd (ua); //error would not be fatal int32_t hexlength = cta_res[1] - 2; //discard first and last byte, last byte is always checksum, first is answer code reader->hexserial[0] = 0; reader->hexserial[1] = 0; memcpy (reader->hexserial + 2, cta_res + 3, hexlength); int32_t low_dre_id = ((cta_res[4] << 16) | (cta_res[5] << 8) | cta_res[6]) - 48608; int32_t dre_chksum = 0; uchar buf[32]; snprintf ((char *)buf, sizeof(buf), "%i%i%08i", reader->provider - 16, major_version + 1, low_dre_id); for (i = 0; i < 32; i++) { if (buf[i] == 0x00) break; dre_chksum += buf[i] - 48; } rdr_log (reader, "type: DRE Crypt, caid: %04X, serial: {%s}, dre id: %i%i%i%08i, geocode %i, card: %s v%i.%i", reader->caid, cs_hexdump(0, reader->hexserial + 2, 4, tmp, sizeof(tmp)), dre_chksum, reader->provider - 16, major_version + 1, low_dre_id, geocode, card, major_version, minor_version); rdr_log (reader, "Provider name:%s.", provname); memset (reader->sa, 0, sizeof (reader->sa)); memcpy (reader->sa[0], reader->hexserial + 2, 1); //copy first byte of unique address also in shared address, because we dont know what it is... rdr_log_sensitive(reader, "SA = %02X%02X%02X%02X, UA = {%s}", reader->sa[0][0], reader->sa[0][1], reader->sa[0][2], reader->sa[0][3], cs_hexdump(0, reader->hexserial + 2, 4, tmp, sizeof(tmp))); reader->nprov = 1; if (!dre_set_provider_info (reader)) return ERROR; //fatal error rdr_log(reader, "ready for requests"); return OK; }