|
@@ -51,13 +51,13 @@ static int cs378x_recv(struct camd *c, uint8_t *data, int *data_len) {
|
51
|
51
|
if (r < 4)
|
52
|
52
|
return -1;
|
53
|
53
|
uint32_t auth_token = (((data[0] << 24) | (data[1] << 16) | (data[2]<<8) | data[3]) & 0xffffffffL);
|
54
|
|
- if (auth_token != c->auth_token)
|
55
|
|
- ts_LOGf("WARN: recv auth 0x%08x != camd_auth 0x%08x\n", auth_token, c->auth_token);
|
|
54
|
+ if (auth_token != c->cs378x.auth_token)
|
|
55
|
+ ts_LOGf("WARN: recv auth 0x%08x != camd_auth 0x%08x\n", auth_token, c->cs378x.auth_token);
|
56
|
56
|
|
57
|
57
|
*data_len = 256;
|
58
|
58
|
for (i = 0; i < *data_len; i += 16) { // Read and decrypt payload
|
59
|
59
|
fdread(c->server_fd, (char *)data + i, 16);
|
60
|
|
- AES_decrypt(data + i, data + i, &c->aes_decrypt_key);
|
|
60
|
+ AES_decrypt(data + i, data + i, &c->cs378x.aes_decrypt_key);
|
61
|
61
|
if (i == 0)
|
62
|
62
|
*data_len = boundary(4, data[1] + 20); // Initialize real data length
|
63
|
63
|
}
|
|
@@ -71,31 +71,31 @@ static int cs378x_send_buf(struct camd *c, int data_len) {
|
71
|
71
|
cs378x_connect(c);
|
72
|
72
|
|
73
|
73
|
// Prepare auth token (only once)
|
74
|
|
- if (!c->auth_token) {
|
75
|
|
- c->auth_token = crc32(0L, MD5((unsigned char *)c->user, strlen(c->user), dump), 16);
|
|
74
|
+ if (!c->cs378x.auth_token) {
|
|
75
|
+ c->cs378x.auth_token = crc32(0L, MD5((unsigned char *)c->user, strlen(c->user), dump), 16);
|
76
|
76
|
|
77
|
77
|
MD5((unsigned char *)c->pass, strlen(c->pass), dump);
|
78
|
78
|
|
79
|
|
- AES_set_encrypt_key(dump, 128, &c->aes_encrypt_key);
|
80
|
|
- AES_set_decrypt_key(dump, 128, &c->aes_decrypt_key);
|
|
79
|
+ AES_set_encrypt_key(dump, 128, &c->cs378x.aes_encrypt_key);
|
|
80
|
+ AES_set_decrypt_key(dump, 128, &c->cs378x.aes_decrypt_key);
|
81
|
81
|
}
|
82
|
82
|
|
83
|
|
- uint8_t *bdata = c->buf + 4; // Leave space for auth token
|
84
|
|
- memmove(bdata, c->buf, data_len); // Move data
|
85
|
|
- init_4b(c->auth_token, c->buf); // Put authentication token
|
|
83
|
+ uint8_t *bdata = c->cs378x.buf + 4; // Leave space for auth token
|
|
84
|
+ memmove(bdata, c->cs378x.buf, data_len); // Move data
|
|
85
|
+ init_4b(c->cs378x.auth_token, c->cs378x.buf); // Put authentication token
|
86
|
86
|
|
87
|
87
|
for (i = 0; i < data_len; i += 16) // Encrypt payload
|
88
|
|
- AES_encrypt(bdata + i, bdata + i, &c->aes_encrypt_key);
|
|
88
|
+ AES_encrypt(bdata + i, bdata + i, &c->cs378x.aes_encrypt_key);
|
89
|
89
|
|
90
|
|
- return fdwrite(c->server_fd, (char *)c->buf, data_len + 4);
|
|
90
|
+ return fdwrite(c->server_fd, (char *)c->cs378x.buf, data_len + 4);
|
91
|
91
|
}
|
92
|
92
|
|
93
|
93
|
static void cs378x_buf_init(struct camd *c, uint8_t *data, int data_len) {
|
94
|
|
- memset(c->buf, 0, CAMD35_HDR_LEN); // Reset header
|
95
|
|
- memset(c->buf + CAMD35_HDR_LEN, 0xff, CAMD35_BUF_LEN - CAMD35_HDR_LEN); // Reset data
|
96
|
|
- c->buf[1] = data_len; // Data length
|
97
|
|
- init_4b(crc32(0L, data, data_len), c->buf + 4); // Data CRC is at buf[4]
|
98
|
|
- memcpy(c->buf + CAMD35_HDR_LEN, data, data_len); // Copy data to buf
|
|
94
|
+ memset(c->cs378x.buf, 0, CAMD35_HDR_LEN); // Reset header
|
|
95
|
+ memset(c->cs378x.buf + CAMD35_HDR_LEN, 0xff, CAMD35_BUF_LEN - CAMD35_HDR_LEN); // Reset data
|
|
96
|
+ c->cs378x.buf[1] = data_len; // Data length
|
|
97
|
+ init_4b(crc32(0L, data, data_len), c->cs378x.buf + 4); // Data CRC is at buf[4]
|
|
98
|
+ memcpy(c->cs378x.buf + CAMD35_HDR_LEN, data, data_len); // Copy data to buf
|
99
|
99
|
}
|
100
|
100
|
|
101
|
101
|
static int cs378x_do_ecm(struct camd *c, uint16_t ca_id, uint16_t service_id, uint16_t idx, uint8_t *data, uint8_t data_len) {
|
|
@@ -104,13 +104,13 @@ static int cs378x_do_ecm(struct camd *c, uint16_t ca_id, uint16_t service_id, ui
|
104
|
104
|
|
105
|
105
|
cs378x_buf_init(c, data, (int)data_len);
|
106
|
106
|
|
107
|
|
- c->buf[0] = 0x00; // CMD ECM request
|
108
|
|
- init_2b(service_id , c->buf + 8);
|
109
|
|
- init_2b(ca_id , c->buf + 10);
|
110
|
|
- init_4b(provider_id, c->buf + 12);
|
111
|
|
- init_2b(idx , c->buf + 16);
|
112
|
|
- c->buf[18] = 0xff;
|
113
|
|
- c->buf[19] = 0xff;
|
|
107
|
+ c->cs378x.buf[0] = 0x00; // CMD ECM request
|
|
108
|
+ init_2b(service_id , c->cs378x.buf + 8);
|
|
109
|
+ init_2b(ca_id , c->cs378x.buf + 10);
|
|
110
|
+ init_4b(provider_id, c->cs378x.buf + 12);
|
|
111
|
+ init_2b(idx , c->cs378x.buf + 16);
|
|
112
|
+ c->cs378x.buf[18] = 0xff;
|
|
113
|
+ c->cs378x.buf[19] = 0xff;
|
114
|
114
|
|
115
|
115
|
return cs378x_send_buf(c, to_send);
|
116
|
116
|
}
|
|
@@ -121,15 +121,15 @@ static int cs378x_do_emm(struct camd *c, uint16_t ca_id, uint8_t *data, uint8_t
|
121
|
121
|
|
122
|
122
|
cs378x_buf_init(c, data, (int)data_len);
|
123
|
123
|
|
124
|
|
- c->buf[0] = 0x06; // CMD incomming EMM
|
125
|
|
- init_2b(ca_id , c->buf + 10);
|
126
|
|
- init_4b(prov_id, c->buf + 12);
|
|
124
|
+ c->cs378x.buf[0] = 0x06; // CMD incomming EMM
|
|
125
|
+ init_2b(ca_id , c->cs378x.buf + 10);
|
|
126
|
+ init_4b(prov_id, c->cs378x.buf + 12);
|
127
|
127
|
|
128
|
128
|
return cs378x_send_buf(c, to_send);
|
129
|
129
|
}
|
130
|
130
|
|
131
|
131
|
static int cs378x_get_cw(struct camd *c, uint16_t *ca_id, uint16_t *idx, uint8_t *cw) {
|
132
|
|
- uint8_t *data = c->buf;
|
|
132
|
+ uint8_t *data = c->cs378x.buf;
|
133
|
133
|
int data_len = 0;
|
134
|
134
|
int ret = 0;
|
135
|
135
|
|