The CAS presented here refers to a single SimulCrypt encryption algorithm. In order to be able to use TVCAS smartcards in conjunction with subscriber equipment, Conax support (here exchange protocol for 9600 baud) has been implemented. I have tested and successfully working the modules depicted below...
They all work the same way, the only difference is in the label. Smartcards are shared in oscam/wicard with typical config for conax, however, a request counter is implemented that allows you to open no more than two channels at a time. If the limit is exceeded, the card goes to not found
and will be block for a 7 days. The limit of two channels is due to the fact that in nature there are prefixes that allow you to record another when watching one channel.
config.php
file.
http://tvcas.local/api.php?api_key=mysecretkey123&serial_no=2100000000&set[name]=Jack%20London&set[info]=Sepapaya%20st.1-23&set[pair]=0&set[start]=1234567890&set[finish]=1234567890&set[access_criteria]=00000001
{"serial_no":"2100000000","name":"Ivan Petrov","info":"Zelyonaya street 123-234","access_criteria":"01010101","pair":"0","start":"1586693700","finish":"1589285580"}
NOT_VALID_API_KEY
— api_key not in accordance with config.phpSMARDCARD_NOT_FOUND
— smartcard not found in database TVCAS;UNKNOWN_SET_PARAMETER
— one or more parameters are unknown;ACCESS_CRITERIA_ERROR
— access_criteria different from range 00000000-FFFFFFFF;PAIR_ERROR
— pair different from template (may be 1 or 0);START_ERROR
— different from template UNIX (10 digits)FINISH_ERROR
— different from template UNIX (10 digits)
Principle of operation
Two connections are established between the MUX-scrambler (on the Astra 5.65 diagram) and TVCAS-MUX is connected to the shared ECMG port (connect 1)
, and EMMG is connected to the MUX port (connect 2)
.
Connect 1
is required to transmit the ECM packet. MUX generates the keys CW1 and CW2, gives them to the ECMG generator, and the latter transmits a scripted packet (ECM), which is subsequently included in the stream with a specific PID. This encrypted package contains three main parameters: current time, keys (CW1 and CW2) and Access Criteria (within this CAS, this is a sign of a package TV-program). The ECM package is intended for all smartcards.
Connect 2
serves for the transmission of EMM packets. EMMG generates packets for each smartcard (if its status is active) and transfers it to MUX. Thus, each EMM package is intended only for a specific smartcard.
Data is encrypted using an algorithm similar to Triple DES (3DES-ECB). It uses a Feistel network and a multi-round bit shift. The secret here is only the KEY. Without it, it is not possible to decrypt the package. The keys are in the TVCAS server database and on the programmed smart cards. If everything is safe with smartcards - fuses are protected against reading code and memory, then it is much more difficult with the server - worry about the security of keys, starting from personnel, ending with using only a local machine for this purpose without access to the Internet!
apt-get install mc sudo apache2 php libapache2-mod-php mariadb-server php-mysql
/etc/sudoers
file next lines:
www-data ALL=(ALL) NOPASSWD: /usr/bin/perl
www-data ALL=(ALL) NOPASSWD: /var/www/html/cas/bin/ecmg.php
www-data ALL=(ALL) NOPASSWD: /var/www/html/cas/bin/emmg.php
www-data ALL=(ALL) NOPASSWD: /bin/kill
www-data ALL=(ALL) NOPASSWD: /bin/rm
www-data ALL=(ALL) NOPASSWD: /usr/bin/tail
service sudo restart
/etc/crontab
file (dont forget about the carriage transfer [ENTER] at the end of the line):
*/1 * * * * root /var/www/html/cas/bin/cron1min.php &
rm -rf /var/www/html
wget https://tvcas.com/tvcas3.tar.gz
tar -C /var/www -xf tvcas3.tar.gz
rm tvcas3.tar.gz
root@tvcas:~# mysql
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 3253192
Server version: 10.3.18-MariaDB-0+deb10u1 Debian 10
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> CREATE USER 'tvcas'@'localhost' IDENTIFIED BY 'tvmastercas';
Query OK, 0 rows affected (0.003 sec)
MariaDB [(none)]> CREATE DATABASE tvcas CHARACTER SET utf8 COLLATE utf8_general_ci;
Query OK, 1 row affected (0.007 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON tvcas.* TO 'tvcas'@'localhost';
Query OK, 1 row affected (0.007 sec)
MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 1 row affected (0.002 sec)
MariaDB [(none)]> Ctrl-C -- exit!
Aborted
root@tvcas:~# mysql -u tvcas -ptvmastercas tvcas < /var/www/html/tvcas.sql
root@tvcas:~# rm /var/www/html/tvcas.sql
http://tvcas.local/cas
, admin/admin), logs are available here, creation of new smartcards, generators and an entrance for the system operator (http://tvcas.local/
, oper/oper) - a panel with basic viewing/control functions./var/www/html/includes/config.php
:php.ini
file), then leave the zone parameter as is. If not, then, for example, for Moscow (Europe/Moscow) 'zone' => "+0300"
The ACCESS CRITERIA parameter is 4 hexadecimal bytes. As mentioned above, the system supports up to 32 TV-packages. If you decompose 4 bytes (for example, 00 00 00 A0) in binary notation, we get 32 bits. Each bit is responsible for belonging to its own packet (for example, 0000 0000 0000 0000 0000 0000 1010 0000). In Astra, the ACCESS CRITERIA parameter corresponds to which packages the channel belongs to, and on the smartcard - which TV-packages are connected to the subscription of this smartcard.
Secure smartcards are used for this version of TVCAS3 - THC20F17BD-V40. Manual here. Blank smartcards you can be ordered through this form.
Because these cards are popular with mobile operators as SIM chips, indicate in the order that you need a standard form factor (without a cutout for SIM).
PROGRAMMING THC20F17BD-V40
To program the THC20F17BD-V40 smartcard, you need a standard Phoenix-programmer. You can buy it here or assemble it using this scheme. Settings for the programmer: 5V / 3.57 Mhz. Next step, you need uploader (for Windows or Linux) and CONFIG bin-file from admin panel. Uploader this console application with built-in firmware. After connecting the Phoenix-programmer, determine which COM-port number is assigned to it.
Sources codes: TVCAS3.RAR (the archive has a password. if you are interested in the password contact @unidiag)
root@tvcas:~# wget https://tvcas.com/uploader_x64
root@tvcas:~# chmod +x uploader_x64
root@tvcas:~# ./uploader_x64 0 210-000-000-4.bin
// example. your ttyUSBN (or COMN) look in system