1 | #include "globals.h"
|
---|
2 | #include "oscam-aes.h"
|
---|
3 | #include "oscam-garbage.h"
|
---|
4 | #include "oscam-string.h"
|
---|
5 |
|
---|
6 | void aes_set_key(struct aes_keys *aes, char *key)
|
---|
7 | {
|
---|
8 | AES_set_decrypt_key((const unsigned char *)key, 128, &aes->aeskey_decrypt);
|
---|
9 | AES_set_encrypt_key((const unsigned char *)key, 128, &aes->aeskey_encrypt);
|
---|
10 | }
|
---|
11 |
|
---|
12 | void aes_decrypt(struct aes_keys *aes, uchar *buf, int32_t n)
|
---|
13 | {
|
---|
14 | int32_t i;
|
---|
15 | for(i = 0; i < n; i += 16)
|
---|
16 | {
|
---|
17 | AES_decrypt(buf + i, buf + i, &aes->aeskey_decrypt);
|
---|
18 | }
|
---|
19 | }
|
---|
20 |
|
---|
21 | void aes_encrypt_idx(struct aes_keys *aes, uchar *buf, int32_t n)
|
---|
22 | {
|
---|
23 | int32_t i;
|
---|
24 | for(i = 0; i < n; i += 16)
|
---|
25 | {
|
---|
26 | AES_encrypt(buf + i, buf + i, &aes->aeskey_encrypt);
|
---|
27 | }
|
---|
28 | }
|
---|
29 |
|
---|
30 | /* Creates an AES_ENTRY and adds it to the given linked list. */
|
---|
31 | void add_aes_entry(AES_ENTRY **list, uint16_t caid, uint32_t ident, int32_t keyid, uchar *aesKey)
|
---|
32 | {
|
---|
33 | AES_ENTRY *new_entry, *next, *current;
|
---|
34 |
|
---|
35 | // create the AES key entry for the linked list
|
---|
36 | if(!cs_malloc(&new_entry, sizeof(AES_ENTRY)))
|
---|
37 | { return; }
|
---|
38 |
|
---|
39 | memcpy(new_entry->plainkey, aesKey, 16);
|
---|
40 | new_entry->caid = caid;
|
---|
41 | new_entry->ident = ident;
|
---|
42 | new_entry->keyid = keyid;
|
---|
43 | if(memcmp(aesKey, "\xFF\xFF", 2))
|
---|
44 | {
|
---|
45 | AES_set_decrypt_key((const unsigned char *)aesKey, 128, &(new_entry->key));
|
---|
46 | // cs_log("adding key : %s",cs_hexdump(1,aesKey,16, tmp, sizeof(tmp)));
|
---|
47 | }
|
---|
48 | else
|
---|
49 | {
|
---|
50 | memset(&new_entry->key, 0, sizeof(AES_KEY));
|
---|
51 | // cs_log("adding fake key");
|
---|
52 | }
|
---|
53 | new_entry->next = NULL;
|
---|
54 |
|
---|
55 | //if list is empty, new_entry is the new head
|
---|
56 | if(!*list)
|
---|
57 | {
|
---|
58 | *list = new_entry;
|
---|
59 | return;
|
---|
60 | }
|
---|
61 |
|
---|
62 | //append it to the list
|
---|
63 | current = *list;
|
---|
64 | next = current->next;
|
---|
65 | while(next)
|
---|
66 | {
|
---|
67 | current = next;
|
---|
68 | next = current->next;
|
---|
69 | }
|
---|
70 | current->next = new_entry;
|
---|
71 | }
|
---|
72 |
|
---|
73 | /* Parses a single AES_KEYS entry and assigns it to the given list.
|
---|
74 | The expected format for value is caid1@ident1:key0,key1 */
|
---|
75 | void parse_aes_entry(AES_ENTRY **list, char *label, char *value)
|
---|
76 | {
|
---|
77 | uint16_t caid, dummy;
|
---|
78 | uint32_t ident;
|
---|
79 | int32_t len;
|
---|
80 | char *tmp;
|
---|
81 | int32_t nb_keys, key_id;
|
---|
82 | uchar aes_key[16];
|
---|
83 | char *save = NULL;
|
---|
84 |
|
---|
85 | tmp = strtok_r(value, "@", &save);
|
---|
86 |
|
---|
87 | //if we got error caid
|
---|
88 | len = strlen(tmp);
|
---|
89 | if(len == 0 || len > 4) { return; }
|
---|
90 |
|
---|
91 | //if there is not value after @
|
---|
92 | len = strlen(save);
|
---|
93 | if(len == 0) { return; }
|
---|
94 |
|
---|
95 | caid = a2i(tmp, 2);
|
---|
96 | tmp = strtok_r(NULL, ":", &save);
|
---|
97 |
|
---|
98 | //if we got error ident
|
---|
99 | len = strlen(tmp);
|
---|
100 | if(len == 0 || len > 6) { return; }
|
---|
101 |
|
---|
102 | ident = a2i(tmp, 3);
|
---|
103 |
|
---|
104 | // now we need to split the key and add the entry to the reader.
|
---|
105 | nb_keys = 0;
|
---|
106 | key_id = 0;
|
---|
107 | while((tmp = strtok_r(NULL, ",", &save)))
|
---|
108 | {
|
---|
109 | dummy = 0;
|
---|
110 | len = strlen(tmp);
|
---|
111 | if(len != 32)
|
---|
112 | {
|
---|
113 | dummy = a2i(tmp, 1);
|
---|
114 | // FF means the card will do the AES decrypt
|
---|
115 | // 00 means we don't have the aes.
|
---|
116 | if((dummy != 0xFF && dummy != 0x00) || len > 2)
|
---|
117 | {
|
---|
118 | key_id++;
|
---|
119 | cs_log("AES key length error .. not adding");
|
---|
120 | continue;
|
---|
121 | }
|
---|
122 | if(dummy == 0x00)
|
---|
123 | {
|
---|
124 | key_id++;
|
---|
125 | continue;
|
---|
126 | }
|
---|
127 | }
|
---|
128 | nb_keys++;
|
---|
129 | if(dummy)
|
---|
130 | { memset(aes_key, 0xFF, 16); }
|
---|
131 | else
|
---|
132 | { key_atob_l(tmp, aes_key, 32); }
|
---|
133 | // now add the key to the reader... TBD
|
---|
134 | add_aes_entry(list, caid, ident, key_id, aes_key);
|
---|
135 | key_id++;
|
---|
136 | }
|
---|
137 |
|
---|
138 | cs_log("%d AES key(s) added on reader %s for %04x:%06x", nb_keys, label, caid, ident);
|
---|
139 | }
|
---|
140 |
|
---|
141 | /* Clears all entries from an AES list*/
|
---|
142 | void aes_clear_entries(AES_ENTRY **list)
|
---|
143 | {
|
---|
144 | AES_ENTRY *current, *next;
|
---|
145 | current = NULL;
|
---|
146 | next = *list;
|
---|
147 | while(next)
|
---|
148 | {
|
---|
149 | current = next;
|
---|
150 | next = current->next;
|
---|
151 | add_garbage(current);
|
---|
152 | }
|
---|
153 | *list = NULL;
|
---|
154 | }
|
---|
155 |
|
---|
156 | /* Parses multiple AES_KEYS entrys in a reader section and assigns them to the reader.
|
---|
157 | The expected format for value is caid1@ident1:key0,key1;caid2@ident2:key0,key1 */
|
---|
158 | void parse_aes_keys(struct s_reader *rdr, char *value)
|
---|
159 | {
|
---|
160 | char *entry;
|
---|
161 | char *save = NULL;
|
---|
162 | AES_ENTRY *newlist = NULL, *savelist = rdr->aes_list;
|
---|
163 |
|
---|
164 | for(entry = strtok_r(value, ";", &save); entry; entry = strtok_r(NULL, ";", &save))
|
---|
165 | {
|
---|
166 | parse_aes_entry(&newlist, rdr->label, entry);
|
---|
167 | }
|
---|
168 | rdr->aes_list = newlist;
|
---|
169 | aes_clear_entries(&savelist);
|
---|
170 |
|
---|
171 | /*
|
---|
172 | AES_ENTRY *current;
|
---|
173 | current=rdr->aes_list;
|
---|
174 | while(current) {
|
---|
175 | cs_log("**************************");
|
---|
176 | cs_log("current = %p",current);
|
---|
177 | cs_log("CAID = %04x",current->caid);
|
---|
178 | cs_log("IDENT = %06x",current->ident);
|
---|
179 | cs_log("keyID = %d",current->keyid);
|
---|
180 | cs_log("next = %p",current->next);
|
---|
181 | cs_log("**************************");
|
---|
182 | current=current->next;
|
---|
183 | }
|
---|
184 | */
|
---|
185 | }
|
---|
186 |
|
---|
187 | static AES_ENTRY *aes_list_find(AES_ENTRY *list, uint16_t caid, uint32_t provid, int32_t keyid)
|
---|
188 | {
|
---|
189 | AES_ENTRY *current = list;
|
---|
190 | while(current)
|
---|
191 | {
|
---|
192 | if(current->caid == caid && current->ident == provid && current->keyid == keyid)
|
---|
193 | { break; }
|
---|
194 | current = current->next;
|
---|
195 | }
|
---|
196 | if(!current)
|
---|
197 | {
|
---|
198 | cs_log("AES Decrypt : key id %d not found for CAID %04X , provider %06x", keyid, caid, provid);
|
---|
199 | return NULL;
|
---|
200 | }
|
---|
201 | return current;
|
---|
202 | }
|
---|
203 |
|
---|
204 |
|
---|
205 | int32_t aes_decrypt_from_list(AES_ENTRY *list, uint16_t caid, uint32_t provid, int32_t keyid, uchar *buf, int32_t n)
|
---|
206 | {
|
---|
207 | AES_ENTRY *current = aes_list_find(list, caid, provid, keyid);
|
---|
208 | if(!current)
|
---|
209 | { return 0; }
|
---|
210 | AES_KEY dummy;
|
---|
211 | int32_t i;
|
---|
212 | // hack for card that do the AES decrypt themsleves
|
---|
213 | memset(&dummy, 0, sizeof(AES_KEY));
|
---|
214 | if(!memcmp(¤t->key, &dummy, sizeof(AES_KEY)))
|
---|
215 | {
|
---|
216 | return 1;
|
---|
217 | }
|
---|
218 | // decode the key
|
---|
219 | for(i = 0; i < n; i += 16)
|
---|
220 | { AES_decrypt(buf + i, buf + i, &(current->key)); }
|
---|
221 | return 1; // all ok, key decoded.
|
---|
222 | }
|
---|
223 |
|
---|
224 | int32_t aes_present(AES_ENTRY *list, uint16_t caid, uint32_t provid, int32_t keyid)
|
---|
225 | {
|
---|
226 | return aes_list_find(list, caid, provid, keyid) != NULL;
|
---|
227 | }
|
---|