How to write a Eurocrypt Emulator
=================================

This text describes how you can implement a PC based Eurocrypt emulator.
It is based upon the text by someone called WooDy describing implementation
on a PIC card.

Hardware
--------

To use and/or develop a Eurocrypt emulator you need the following hardware:

1) A D2MAC decoder or a receiver with built in decoder.
2) A PC - anything from 80286 and up should do. You might even be able to
   use an 8088.
3) A smart card interface to connect a serial port on the PC to the card
   reader slot on the decoder.

Communication
-------------

The communication between the smartcard and the decoder is a serial link
operating at 9600 or 10000 Baud, even parity and two stop bits. Since the
same pin is used for both input and output, all data you send will be echoed
back, so whenever you send a byte to the decoder remember to read it back.

The simplest way to do the communication on the PC is to use David Kessner's
serial port I/O module, also known as the async package.

All data sent and received use the "inverse convention" defined in the
ISO 7816 standard. This means that you need to reverse the bit order and
invert all bytes sent and received.

When you send an answer to the decoder, end it with 90 00; this is the EOL
(end of line) code. Some answers need 90 08; this is an error reply.

The encryption
--------------

The encryption used in Eurocrypt is a modified DES algorithm. The
modification is just that the initial and final permutations are skipped.
However, for Eurocrypt S2 (used by TV2 Norway) the permutations are not
skipped. Another difference is that for normal Eurocrypt you should use the
endes() function (encryption), whereas for Eurocrypt S2 you should use
dedes() (decryption).

You can find the code on several sites; do a search! To make the emulator
run on slow PCs, get a reasonably fast implementation.

Step by step
------------

The reset line from the decoder is connected to the DCD pin via the
interface. When you change channel or power up the receiver, the decoder
will use this line to reset the smart card.

1) When you detect a reset, send the following bytes:

      3F 67 2F 00 11 14 00 03 68

   Don't forget the EOL (90 00).

2) Now you should enter a loop, waiting for messages from the decoder.
   The message from the decoder is always 5 bytes, so you can set up your
   routine to receive 5 bytes at once. The 5 bytes (header) are made up of:

      Byte 1: Class (Not used, just throw away)
      Byte 2: INS   (Instruction; save it to choose what to do)
      Byte 3: P1    (Sub instruction in some cases)
      Byte 4: P2    (Data identifying key index)
      Byte 5: P3    (The length of data)

3) Check for the following instructions:

      02, 04, 06, 24, 26, A4, AC, B8, C0, 88

   To all other commands, just send 9000 as reply.

   If the instruction is 02, 04, 06, A4, AC, B8 or C0, start by sending the
   instruction code back, but only if P3 is non zero.

   Now we must take action. Do as follows, depending on what INS contains:

   02 -- Receive as many bytes as P3 tells you. If you received a byte
         containing 40h then send 9008 as EOL, otherwise send 9000.

   04 -- Send: 00 15 00 04 00 00 00 + EOL

   06 -- Send: 10 02 CA 20 + EOL

   24 -- Receive as many bytes as P3 tells you and send EOL.

   26 -- Send 6E00 instead of EOL.

   A4 -- Receive as many bytes as P3 tells you. Send EOL in return.
         If P1 = 04, the bytes received are the ident for the channel.
         Save this, as it will be needed later to pick the correct key.

   AC -- Receive as many bytes as P3 tells you. Send EOL in return.

   B8 -- Send P3 random bytes. Return 9008 (error) instead of EOL.

   88 -- This is where the real work must be done, as this command contains
         the data that needs to be decoded. In this instruction you must
         send 77 before each byte you receive.

         1) Receive and save the first P3 - 26 bytes. Let's call this
            DINFO. This data is not needed to decrypt but contains
            information such as date, theme and level.
         2) Receive the next 8 bytes and save them as DESDATA1.
         3) Receive another 8 bytes and save them as DESDATA2.
         4) Receive two bytes and throw them away.
         5) Send 89 and immediately receive another 8 bytes (don't send 77
            this time). Throw these away.
         6) Pick the DES key using the ident received in instruction A4
            and the key index, which is held in P2 of this instruction.
         7) Use the DES key to decrypt DESDATA1 and DESDATA2 and save the
            result.
         8) Send EOL.

         To decode date, theme and level:

         DINFO should look somewhat like this:

            .... E1 04 dd dd tt ll ....

         Where
            ....  : some data
            dd dd : two bytes containing date.
            tt    : one byte containing theme.
            ll    : one byte containing level.

         The two byte date is coded as follows (viewed as a 16 bit word):

            Bit 1-7   : Number of years since 1980.
            Bit 8-11  : Month
            Bit 12-16 : Date

   C0 -- This is where the decrypted data is returned.

         1) Send EA 10.
         2) Send your descrambled data (16 bytes).
         3) Send EOL.

This is actually all that is needed to get an emulator running.
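
Added example (not part of the original text): a small C decoder for the unencrypted DINFO fields described above, useful when reading a captured card/decoder trace. It undoes the inverse convention from the Communication section and then unpacks the E1 04 record. The names inv_conv, parse_dinfo and struct dinfo are hypothetical, the sample bytes are constructed, and it assumes that "bit 1" means the most significant bit of the dd dd word.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* ISO 7816 inverse convention: reverse the bit order, then invert.
 * The operation is its own inverse, so it serves both directions. */
uint8_t inv_conv(uint8_t b)
{
    uint8_t r = 0;
    for (int i = 0; i < 8; i++)
        if (b & (1u << i))
            r |= (uint8_t)(0x80u >> i);
    return (uint8_t)~r;
}

struct dinfo { int year, month, day, theme, level; };

/* Convert n wire bytes in place, then locate E1 04 dd dd tt ll.
 * Returns 0 on success, -1 if the record is absent or truncated.
 * Assumption: "bit 1" is the most significant bit of the dd dd word. */
int parse_dinfo(uint8_t *p, size_t n, struct dinfo *out)
{
    for (size_t i = 0; i < n; i++)
        p[i] = inv_conv(p[i]);
    for (size_t i = 0; i + 6 <= n; i++) {
        if (p[i] != 0xE1 || p[i + 1] != 0x04)
            continue;
        unsigned w = ((unsigned)p[i + 2] << 8) | p[i + 3];
        out->year  = 1980 + (int)(w >> 9);      /* bits 1-7   */
        out->month = (int)((w >> 5) & 0x0F);    /* bits 8-11  */
        out->day   = (int)(w & 0x1F);           /* bits 12-16 */
        out->theme = p[i + 4];
        out->level = p[i + 5];
        return 0;
    }
    return -1;
}

int main(void)
{
    /* Constructed sample: logical 00 E1 04 20 CF 01 02 as seen on the wire. */
    uint8_t wire[] = { 0xFF, 0x78, 0xDF, 0xFB, 0x0C, 0x7F, 0xBF };
    struct dinfo d;
    if (parse_dinfo(wire, sizeof wire, &d) == 0)
        printf("%04d-%02d-%02d theme=%d level=%d\n",
               d.year, d.month, d.day, d.theme, d.level);
    return 0;
}
```

The same conversion explains why the first byte of the reset answer, 3F, reads as 03 on a UART that does not apply the inverse convention.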