[From nobody Mon Aug 29 15:22:52 2005
X-From-Line: marc.abramson@free.fr Mon Aug 29 12:41:05 2005
Return-path: &lt;marc.abramson@free.fr&gt;
Envelope-to: domi@localhost
Delivery-date: Mon, 29 Aug 2005 12:41:05 +0200
Received: from localhost ([127.0.0.1]) by gandalf with esmtp (Exim 4.52)
	id 1E9h4Y-0004jD-Ni
	for domi@localhost; Mon, 29 Aug 2005 12:41:04 +0200
Delivered-To: online.fr-domi.dumont@free.fr
Received: from imap.free.fr [212.27.48.2]
	by localhost with IMAP (fetchmail-6.2.5)
	for domi@localhost (single-drop); Mon, 29 Aug 2005 12:41:02 +0200 (CEST)
Received: (qmail 2064 invoked from network); 29 Aug 2005 10:40:16 -0000
Received: from postfix3-2.free.fr (213.228.0.169)
	by mrelay3-2.free.fr with SMTP; 29 Aug 2005 10:40:16 -0000
Received: from imp3-q.free.fr (imp3-g19.free.fr [212.27.42.3])
	by postfix3-2.free.fr (Postfix) with ESMTP id B47ACC019;
	Mon, 29 Aug 2005 12:40:15 +0200 (CEST)
Received: by imp3-q.free.fr (Postfix, from userid 33)
	id 9A4DE4729F; Mon, 29 Aug 2005 12:40:15 +0200 (MEST)
Received: from gam75-1-81-57-22-129.fbx.proxad.net
	(gam75-1-81-57-22-129.fbx.proxad.net [81.57.22.129]) by imp4.free.fr
	(Horde) with HTTP for &lt;marc.abramson@free.fr&gt;; Mon, 29 Aug 2005 12:40:15
	+0200
Message-ID: &lt;20050829124015.rl9ij5u3eu8gokk8@imp4.free.fr&gt;
Date: Mon, 29 Aug 2005 12:40:15 +0200
From: marc.abramson@free.fr
To: vdr@linuxtv.org
Cc: Dominique Dumont &lt;domi.dumont@free.fr&gt;
References: &lt;87u0h99mn6.fsf@gandalf.hd.free.fr&gt;
In-Reply-To: &lt;87u0h99mn6.fsf@gandalf.hd.free.fr&gt;
User-Agent: Internet Messaging Program (IMP) H3 (4.0.2)
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Mail-From: marc.abramson@free.fr
Subject: Re:  [vdr] Querying CAM doesn't work
X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on gandalf.hd.free.fr
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,NO_REAL_NAME 
	autolearn=no version=3.0.4
X-SA-Exim-Version: 4.2 (built Thu, 03 Mar 2005 10:44:12 +0100)
X-SA-Exim-Scanned: Yes (on gandalf)
Lines: 90
Xref: gandalf.hd.free.fr mail.misc:9024
MIME-Version: 1.0

Hello Klaus.

you are 100% right. The EN50221 spec does clearly define a QUERY procedure.
However, this query is not correctly handle by a lot of module, because for a
lot of different CA_smart_card, the only way to be 100% sure if the smart card
is able or not to descramble something is to request a real descrambling. But
then, if it works, it means that the smart card will also have started to
descrambling, and also (depending of what was in the encryption message), to
use token or the card, or to start a preview...


 From all the CA_system I know , there is only  one CA system for which the
smartcard itself allow a query that will not start &quot;consumming&quot; anything, but
only answer the query.


another reason is that doing a query to the card is most of the time 
silly. For
example, imagine that the card has not received the monthly subscription.. so,
the answer to the query will be 'descrambling not possible' and the host will
then NOT request a descrambling... but then, if the card receive the
subscription in the next 10 s after the query, the card would be able to
descrypt. So, using correctly the query means also doing a query periodicaly .


anyway, I do agree that, even if the query is not working well on the 
card side,
a module shall not be disturbed by a query, and shall answer...  I can 
not speak
for the SCM module , since I don't how they react. Concerning the ASTON 
module ,
all the ASTON V2.0 module (the one with a green led) are fully supporting the
query... even if some of them are alway answering by &quot;ok: descrambling
possible&quot; , even if the smartcard does not contains the subscription. For the
aston module, the answer ok means &quot;descrambling MAY be
possible&quot;.. and not &quot;descrambling is possible&quot;.

for some Aston module, depending of the CA_system, the module react in 
a better
way.. It check if there is smart card in the module, and, if yes, it check if
the smart card does correspond to the operator targeted by the stream. and, it
answer &quot;OK&quot; if this 2 conditions are ok, or &quot;descramling not possible&quot; in all
other case.

And, for one of the last module done at Aston,  with one CA_system, 
(I'm sorry,
but I can not give name, because we have signed some NDA with all CA_system),
the smart card is able to do a query, and then the module does answer 
correctly
in all cases.


For ALL OTHER MODULES, (MATRIC, MAGIC, POWERCAM, REALITY, PREDATOR), 
this module
are ILLEGAL , since they are copying patended system. The guys which are the
author of this things are also only interesting to make money, and to 
to give a
real service, with a support. So, you can not expect this kind of module to be
compliant with the EN50221 norm.


According to EN 50221 an application should be able to query
whether a given CAM can decrypt an actual broadcast by sending
it a CA_PMT with a ca_pmt_cmd_id of &quot;query&quot; instead of &quot;ok_descrambling&quot;.

However, if I change the line

   capmt[length++] = CPCI_OK_DESCRAMBLING;

in VDR/ci.c to

   capmt[length++] = CPCI_QUERY;

I never get a ca_pmt_reply as specified in EN 50221, section 8.4.3.5.

Does anybody have an idea why that is so?
Is there a bug in VDR's CAM handling?
Could it be that the CAMs I have just don't behave correctly?

The reason why I'd like this to work is because if somebody
has more than one device with CAMs that supports a certain encryption
method, but only one of them has an actual smart card in it
and can thus actually decrypt, it is important that VDR selects the
right device. However, it can't do so if the CAM doesn't react
on a query.

Klaus


]