Exemplo n.º 1
0
/*
static void cmd_test(struct s_reader *reader)
{
    def_resp;
    int i;
    uchar drecmd[] = { 0x00, 0x02 };
    char tmp[64];

    for(i = 0; i <= 0xFF; i++)
    {
        if(i == 0x45) continue;
        drecmd[0] = i;
        dre_cmd(drecmd);
        if(cta_res[2] == 0xE2)
        {
            if(cta_res[3] != 0xE3) rdr_log(reader, "cmd %02X error %02X",i ,cta_res[3]);
        }
        else
        {
            rdr_log(reader, "cmd %02X answer %s",i ,cs_hexdump(0, cta_res, cta_res[1]+2, tmp, sizeof(tmp)));
        }
    }

    uchar drecmd[64];

    //memset(drecmd, 0, 64);
    //drecmd[0] = 0x71;
    for(i = 2; i <= 64; i++)
    {
        memset(drecmd, 0, 64);
        drecmd[i-1] = 0x02;
        drecmd[0] = 0x71;

        dre_script(drecmd, i, 0, 0, 0);

        if(cta_res[2] == 0xE2)
        {
            if((cta_res[3] != 0xE2) & (cta_res[3] != 0xED)) rdr_log(reader, "Len %02X error %02X",i ,cta_res[3]);
            if((cta_res[3] & 0xF0) != 0xE0) rdr_log(reader, "Len %02X answer %s",i ,cs_hexdump(0, cta_res, cta_res[1]+2, tmp, sizeof(tmp)));
        }
        else
        {
            rdr_log(reader, "Len %02X answer %s",i ,cs_hexdump(0, cta_res, cta_res[1]+2, tmp, sizeof(tmp)));
        }
    }
}
*/
static int32_t dre_card_init(struct s_reader *reader, ATR *newatr)
{
	get_atr;
	def_resp;
	uchar ua[] = { 0x43, 0x15 };  // get serial number (UA)
	uchar providers[] = { 0x49, 0x15 };   // get providers
	uchar cmd56[] = { 0x56, 0x00 };
	int32_t i;
	char *card;
	char tmp[9];

	if((atr[0] != 0x3b) || (atr[1] != 0x15) || (atr[2] != 0x11) || (atr[3] != 0x12) || (
				((atr[4] != 0x01) || (atr[5] != 0x01)) &&
				((atr[4] != 0xca) || (atr[5] != 0x07)) &&
                ((atr[4] != 0xcb) || (atr[5] != 0x07)) &&
                ((atr[4] != 0xcc) || (atr[5] != 0x07)) &&
                ((atr[4] != 0xcd) || (atr[5] != 0x07))
			))
		{ return ERROR; }

	if(!cs_malloc(&reader->csystem_data, sizeof(struct dre_data)))
		{ return ERROR; }
	struct dre_data *csystem_data = reader->csystem_data;

	csystem_data->provider = atr[6];
	uchar checksum = xor(atr + 1, 6);

	if(checksum != atr[7])
		{ rdr_log(reader, "warning: expected ATR checksum %02x, smartcard reports %02x", checksum, atr[7]); }

	switch(atr[6])
	{
        case 0:

            if(!(dre_cmd(cmd56))) { return ERROR; }
            if((cta_res[cta_lr - 2] != 0x90) || (cta_res[cta_lr - 1] != 0x00)) { return ERROR; }

            switch(cta_res[4])
            {
                case 0x02:
                    card = "Tricolor Centr DRE3";
                    reader->caid = 0x4ae1;
                    break;
                case 0x03:
                    card = "Tricolor Syberia DRE3";
                    reader->caid = 0x4ae1;  
                    break;
                case 0x18:
                case 0x19:
                    card = "Tricolor Centr DRE4";
                    reader->caid = 0x2710;
                    break;
                case 0x1A:
                    card = "Tricolor Syberia DRE4";
                    reader->caid = 0x2710;
                    break;
                default:
                    return ERROR;
            }
            csystem_data->provider = cta_res[4];
            providers[0] = 0x83;
            break;
        case 0x11:
            card = "Tricolor Centr DRE2";
            reader->caid = 0x4ae1;
            break;          //59 type card = MSP (74 type = ATMEL)
        case 0x12:
            card = "Cable TV";
            reader->caid = 0x4ae1;  //TODO not sure about this one
            break;
        case 0x14:
            card = "Tricolor Syberia DRE2";
            reader->caid = 0x4ae1;
            break;          //59 type card
        case 0x15:
            card = "Platforma HD / DW old";
            reader->caid = 0x4ae1;
            break;          //59 type card
        default:
            return ERROR;
	}

	memset(reader->prid, 0x00, 8);

    if(atr[6] > 0)
    {
        reader->prid[0][3] = atr[6];
    }
    else
    {
        reader->prid[0][3] = csystem_data->provider;
    }

	uchar cmd54[] = { 0x54, 0x14 };   // geocode
	cmd54[1] = csystem_data->provider;
	uchar geocode = 0;
	if((dre_cmd(cmd54)))      //error would not be fatal, like on 0x11 cards
		{ geocode = cta_res[3]; }

	providers[1] = csystem_data->provider;
	if(!(dre_cmd(providers)))
		{ return ERROR; }           //fatal error
	if((cta_res[cta_lr - 2] != 0x90) || (cta_res[cta_lr - 1] != 0x00))
		{ return ERROR; }

	uchar provname[128];
	for(i = 0; ((i < cta_res[2] - 6) && (i < 128)); i++)
	{
		provname[i] = cta_res[6 + i];
		if(provname[i] == 0x00)
			{ break; }
	}

	int32_t major_version = cta_res[3];
	int32_t minor_version = cta_res[4];

	ua[1] = csystem_data->provider;
	dre_cmd(ua);          //error would not be fatal

	int32_t hexlength = cta_res[1] - 2;   //discard first and last byte, last byte is always checksum, first is answer code

    if(reader->force_ua)
    {
        rdr_log(reader, "WARNING!!!! used UA from force_ua %08X", reader->force_ua);
        memcpy(cta_res + 3, &reader->force_ua, 4);
    }

	reader->hexserial[0] = 0;
	reader->hexserial[1] = 0;
	memcpy(reader->hexserial + 2, cta_res + 3, hexlength);

	int32_t low_dre_id, dre_chksum;
	uchar buf[32];

    if(major_version < 0x3)
    {
        low_dre_id = ((cta_res[4] << 16) | (cta_res[5] << 8) | cta_res[6]) - 48608;
        dre_chksum = 0;
        snprintf((char *)buf, sizeof(buf), "%i%i%08i", csystem_data->provider - 16, major_version + 1, low_dre_id);

        for(i = 0; i < 32; i++)
        {
            if(buf[i] == 0x00)
                { break; }
            dre_chksum += buf[i] - 48;
        }

        if(major_version < 2)
        {
            reader->caid = 0x4ae0;
            card = csystem_data->provider == 0x11 ? "Tricolor Centr DRE1" : "Tricolor Syberia DRE1";
        }

        rdr_log(reader, "type: DRE Crypt, caid: %04X, serial: {%s}, dre id: %i%i%i%08i, geocode %i, card: %s v%i.%i",
                reader->caid, cs_hexdump(0, reader->hexserial + 2, 4, tmp, sizeof(tmp)), dre_chksum, csystem_data->provider - 16,
                major_version + 1, low_dre_id, geocode, card, major_version, minor_version);
    }
    else
    {
        low_dre_id = ((cta_res[4] << 16) | (cta_res[5] << 8) | cta_res[6]);
        dre_chksum = 0;
        snprintf((char *)buf, sizeof(buf), "%i%i%08i", csystem_data->provider, major_version, low_dre_id);

        for(i = 0; i < 32; i++)
        {
            if(buf[i] == 0x00)
                { break; }
            dre_chksum += buf[i] - 48;
        }
        rdr_log(reader, "type: DRE Crypt, caid: %04X, serial: {%s}, dre id: %i%03i%i%08i, geocode %i, card: %s v%i.%i",
                reader->caid, cs_hexdump(0, reader->hexserial + 2, 4, tmp, sizeof(tmp)), dre_chksum, csystem_data->provider,
                major_version, low_dre_id, geocode, card, major_version, minor_version);
    }

	rdr_log(reader, "Provider name:%s.", provname);

	memset(reader->sa, 0, sizeof(reader->sa));
	memcpy(reader->sa[0], reader->hexserial + 2, 1);  //copy first byte of unique address also in shared address, because we dont know what it is...

	rdr_log_sensitive(reader, "SA = %02X%02X%02X%02X, UA = {%s}", reader->sa[0][0], reader->sa[0][1], reader->sa[0][2],
					  reader->sa[0][3], cs_hexdump(0, reader->hexserial + 2, 4, tmp, sizeof(tmp)));

	reader->nprov = 1;

//  cmd_test(reader);

    // exec user script, wicardd format
    if(reader->userscript != NULL)
    {
        uint8_t *usercmd = NULL;
        int cmd_len;
        int n;
        char *tempbuf = malloc(2048);
        trim2(reader->userscript);
        FILE *pFile = fopen(reader->userscript, "rt");

        if(pFile != NULL)
        {
            uchar ignoreProvid = 0;
            uchar crypted = 0;
            uchar cryptkey = 0;
            do
            {
                tempbuf[0] = '\0';
                if(usercmd != NULL) free(usercmd);

                if(fgets(tempbuf, 2048, pFile) == NULL) continue;

                if(strlen(tempbuf) < 10) continue;

                trim2(tempbuf);

                ignoreProvid = 0;
                crypted = 0;
                cryptkey = 0;

                if(tempbuf[0] == '8' && tempbuf[1] == '6' && csystem_data->provider == 0x11) ignoreProvid = 1;
                else if(strncmp(tempbuf ,"REG2" ,4) == 0)
                {
                    dre_read_ee(reader, &tempbuf[4] ,csystem_data->provider);
                    continue;
                }
                else if(strncmp(tempbuf ,"CR" ,2) == 0)
                {
                    crypted = 1;
                    cryptkey = ((tempbuf[2] - (tempbuf[2] > 0x39 ? 0x37:0x30)) << 4) + ((tempbuf[3] - (tempbuf[3] > 0x39 ? 0x37:0x30)) & 0xF);
                }
                else if(tempbuf[0] != '5' && tempbuf[1] != '9') continue;

                strtoupper(tempbuf);

                cmd_len = strlen(tempbuf) / 2 - 3 + ignoreProvid - (crypted * 2);
                usercmd = malloc(cmd_len);

                for(i=0,n= 4+(crypted * 4);i<cmd_len;i++,n+=2)
                {
                    usercmd[i] = ((tempbuf[n] - (tempbuf[n] > 0x39 ? 0x37:0x30)) << 4) + ((tempbuf[n+1] - (tempbuf[n+1] > 0x39 ? 0x37:0x30)) & 0xF);
                }

                /*if(usercmd[cmd_len-1] != csystem_data->provider && !ignoreProvid)
                {
                    rdr_log(reader, "Skip script: current provid %02X , script provid %02X", csystem_data->provider, usercmd[cmd_len-1]);
                    continue;
                }
                */
                rdr_log(reader, "User script: %s", tempbuf);

                /*ret =*/ 

                rdr_log(reader, "Script %s", (dre_script(usercmd, cmd_len, ignoreProvid, crypted, cryptkey)) ? "done" : "error");
            }
            while(!feof(pFile));
        }
        else
        {
            rdr_log(reader, "Can't open script file (%s)", reader->userscript);
        }

        //if(usercmd != NULL) free(usercmd);
        if(tempbuf != NULL) free(tempbuf);
    }

    if(csystem_data->provider == 0x11)
    {
        memset(reader->prid[1], 0x00, 8);
        reader->prid[1][3] = 0xFE;
        reader->nprov = 2;
    }

	if(!dre_set_provider_info(reader))
		{ return ERROR; }           //fatal error

	rdr_log(reader, "ready for requests");
	return OK;
}
Exemplo n.º 2
0
static int32_t dre_card_init (struct s_reader * reader, ATR *newatr)
{
    get_atr;
    def_resp;
    uchar ua[] = { 0x43, 0x15 };	// get serial number (UA)
    uchar providers[] = { 0x49, 0x15 };	// get providers
    int32_t i;
    char *card;
    char tmp[9];

    if ((atr[0] != 0x3b) || (atr[1] != 0x15) || (atr[2] != 0x11) || (atr[3] != 0x12) || (
                ((atr[4] != 0xca) || (atr[5] != 0x07)) &&
                ((atr[4] != 0x01) || (atr[5] != 0x01))
            ))
        return ERROR;

    reader->provider = atr[6];
    uchar checksum = xor (atr + 1, 6);

    if (checksum != atr[7])
        rdr_log(reader, "warning: expected ATR checksum %02x, smartcard reports %02x", checksum, atr[7]);

    switch (atr[6]) {
    case 0x11:
        card = "Tricolor Centr";
        reader->caid = 0x4ae1;
        break;			//59 type card = MSP (74 type = ATMEL)
    case 0x12:
        card = "Cable TV";
        reader->caid = 0x4ae1;	//TODO not sure about this one
        break;
    case 0x14:
        card = "Tricolor Syberia / Platforma HD new";
        reader->caid = 0x4ae1;
        break;			//59 type card
    case 0x15:
        card = "Platforma HD / DW old";
        reader->caid = 0x4ae1;
        break;			//59 type card
    default:
        card = "Unknown";
        reader->caid = 0x4ae1;
        break;
    }

    memset (reader->prid, 0x00, 8);

    static const uchar cmd30[] =
    {   0x30, 0x81, 0x00, 0x81, 0x82, 0x03, 0x84, 0x05, 0x06, 0x87, 0x08, 0x09, 0x00, 0x81, 0x82, 0x03, 0x84, 0x05,
        0x00
    };
    dre_cmd (cmd30);		//unknown command, generates error on card 0x11 and 0x14
    /*
    response:
    59 03 E2 E3
    FE 48 */

    uchar cmd54[] = { 0x54, 0x14 };	// geocode
    cmd54[1] = reader->provider;
    uchar geocode = 0;
    if ((dre_cmd (cmd54)))	//error would not be fatal, like on 0x11 cards
        geocode = cta_res[3];

    providers[1] = reader->provider;
    if (!(dre_cmd (providers)))
        return ERROR;			//fatal error
    if ((cta_res[cta_lr - 2] != 0x90) || (cta_res[cta_lr - 1] != 0x00))
        return ERROR;
    uchar provname[128];
    for (i = 0; ((i < cta_res[2] - 6) && (i < 128)); i++) {
        provname[i] = cta_res[6 + i];
        if (provname[i] == 0x00)
            break;
    }
    int32_t major_version = cta_res[3];
    int32_t minor_version = cta_res[4];

    ua[1] = reader->provider;
    dre_cmd (ua);			//error would not be fatal

    int32_t hexlength = cta_res[1] - 2;	//discard first and last byte, last byte is always checksum, first is answer code

    reader->hexserial[0] = 0;
    reader->hexserial[1] = 0;
    memcpy (reader->hexserial + 2, cta_res + 3, hexlength);

    int32_t low_dre_id = ((cta_res[4] << 16) | (cta_res[5] << 8) | cta_res[6]) - 48608;
    int32_t dre_chksum = 0;
    uchar buf[32];
    snprintf ((char *)buf, sizeof(buf), "%i%i%08i", reader->provider - 16, major_version + 1, low_dre_id);
    for (i = 0; i < 32; i++) {
        if (buf[i] == 0x00)
            break;
        dre_chksum += buf[i] - 48;
    }

    rdr_log (reader, "type: DRE Crypt, caid: %04X, serial: {%s}, dre id: %i%i%i%08i, geocode %i, card: %s v%i.%i",
             reader->caid, cs_hexdump(0, reader->hexserial + 2, 4, tmp, sizeof(tmp)), dre_chksum, reader->provider - 16,
             major_version + 1, low_dre_id, geocode, card, major_version, minor_version);
    rdr_log (reader, "Provider name:%s.", provname);


    memset (reader->sa, 0, sizeof (reader->sa));
    memcpy (reader->sa[0], reader->hexserial + 2, 1);	//copy first byte of unique address also in shared address, because we dont know what it is...

    rdr_log_sensitive(reader, "SA = %02X%02X%02X%02X, UA = {%s}", reader->sa[0][0], reader->sa[0][1], reader->sa[0][2],
                      reader->sa[0][3], cs_hexdump(0, reader->hexserial + 2, 4, tmp, sizeof(tmp)));

    reader->nprov = 1;

    if (!dre_set_provider_info (reader))
        return ERROR;			//fatal error

    rdr_log(reader, "ready for requests");
    return OK;
}