Email  Print  Favorites | More

Getting Pay TV to Work With MythTV

Note: The information on this page was written a few years ago. Even though there are parts that might still be current, other parts might be outdated...

You can make Pay TV work with MythTV, providing you have a subscription, of course.

To make that work, you need a DVB-S TV card, a phoenix smart card reader and a few pieces of software.

In Australia some of the encryption systems used are NDS (aka Videoguard)  for Foxtel as well as Irdeto and/or Irdeto 2 for Austar and Optus Aurora.

Depending on which system your provider is using, you'll need to setup your card reader on a different frequency

  • Phoenix 6 Mhz for Irdeto 2
  • Phoenix 3.58 Mhz for NDS

Smart card readers normally connect to a serial port, even though there are USB ones.

I tested my system using a Jaycar smart card reader and an Infinity USB phoenix. Both worked perfectly.

The Jaycar one is cheap, but you have to assemble it yourself. As long as you have patience and know how to solder you're fine.

If you use the Infinity card, you'll have to use a program called nftytool. Infinity should provide it for you.

Once you have it compiled, to set the card reader for Videoguard, use the following command:

nftytool -p phoenix -- -f 3.58 -p phoenix -e

Once you have your card reader installed, you'll need a card reader software that is able to "talk" to the card. I tested newcs and radegast. Newcs v1.20 RC13 didn't work ok for me, it kept giving me errors, but radegast 4.2R6 did.

You'll have to google around for those applications or newer versions since they don't last long on the same server...

Card readers are like web servers. They operate on certain ports. I set radegast to run on port 10002. So basically the softcam application needs to know the address of the card reader server, the port and most likely a user name and a password. Everytime the softcam needs the keys to decrypt a video signal, it interrogates the card reader application and it returns the decrypting keys back.

In this case the car reader server will be in the same server as the softcam application. But the card reader server could be located anywhere on the Internet and have multiple softcam clients asking for decrypting keys, or what is commonly known as card sharing.

To configure radegast, you'll need two files: radegast.cfg and radegast.users

This is a radegars.cfg

#
# radegast.conf
#
# $Id: $
#
# Sample of configuration file for radegast V4 project
#
#

# -------------------------------
# Server configuration (for rdgd)
# -------------------------------
[rdgd]
ecm op mode = both
emm op mode = local
# * filter EMM suport based on remote/local access. And possibility to disable
#   EMM support at all

sw cache = 5
ca cache = 5
# * cache level for softemu and card mode. 0 = cache off
#   sw cache = when your serving others by your local rdgd soft emu ( keys )
#   ca cache = when acting as a cardserver. This value should be  at least
#              <max-number-of-connected-clients> * 2

net port = 777
# * TCP port waiting for remote rdgd connections
#   NOTE: "net ip" has to be changed to real IP address
#   of the box to enable remote access

net ip = 127.0.0.1
# * IP address where rdgd is waiting for network connection.
#   By default, only connect from the same box is allowed.

local cmd pipe = /var/tmp/rdgd.cmd
# * Location of the cmd file

softcam file = SoftCam.Key
#softcam file alternative = SoftCam.alt
#conax file = Conax.Key
autoroll file = AutoRoll.Key
#autoroll file alternative = AutoRoll.alt
#mkeys file = MK.Key
# * Location of the different key files that can be used for emu proccessing
#autoroll notifier = ./save.sh
# * Possibility to call external app if autorolling catch new key(s)

readers = 1
# * number of defined readers below

reader 1 description = Phoenix on console
reader 1 type = phoenix
reader 1 name = /dev/ttyS0
reader 1 parity = O
reader 1 newcamd port = 10002
reader 1 newcamd deskey = 01 02 03 04 05 06 07 08 09 10 11 12 13 14
reader 1 detect mode = 0


reader 2 description = Phoenix on console
reader 2 type = phoenix
reader 2 name = /dev/tts/1
reader 2 parity = E
reader 2 newcamd port = 10003
reader 2 newcamd deskey = 01 02 03 04 05 06 07 08 09 10 11 12 13 14
reader 2 detect mode = 0


#remote servers
net shares = 0
#net share i = ip-or-domain:socket:proto[username:password:keyhex]
# where 'proto' = 1 for v4 rdgd server, 0 for older rdgd server and 2 for nwecamd server
#example 1 => radegast server connect:
#net share 1 = 192.168.1.5:777:1:
#example 2 => newcamd server connect:
#net share 2 = hack.somwhere.net:12345:2:user1:pass2:01 02 03 04 05 06 07 08 09 10 11 12 13 14

#net timeout = 5000
# * Timeout for network I/O operations when rdgd
#   acts as client

user database = /home/mythtv/software/radegast.users

plugin directory = ./
#plugins = con-webmin
#webmin port = 8888

# ---------------------------------------
# Client configuration (for rdgc or camd)
# ---------------------------------------
[camd]
#pmt = own|file|socket
pmt = file
#debug = 0

# PMT table magic
#ecm caid remove = caid:provid
# * Filter specified ECM stream off. Usefull when simulcrypt
#   is used and is known that some of the ECM stream is unsupported
#   (ie. when new cards are testing but not already at customers)
ecm caid remove = 1800:0000
#ecm caid remap = caid:provid:pid-old:pid-new
# * Remap ECM pid for some service. Usable
#   - when provider sends fake ECM PID entry
#   - when provider uses the same DW for more services
#ecm caid priority = ciad:provid (unimplemented)
#ecm caid fixed dw = caid:provid:dw_16hex (unimplemented)

dvb api = 3
# * DVB API version: 2 or 3
#   (IBM API is faked as '3')
descr mode = v3api
# * Descrambler feeding method: off, v2api, file, v3api

demux index = 1
# * index = 1 for working timeshifting/recording
#   on dreambox.

#ecm flood lock = 5
#ecm flood release = 200

 

Reader 1 is the Jaycar reader connected to the serial port 0. Reader 2 is the Infinity Phoenix connected to a usb port. Please notice that in the Jaycar reader the parity is odd and in the other one is even.

In the radegast.cfg there is a line called user database =

Just put on that line the full path to your your radegast.users file.

My radegast.users file is:

#
# User Database for Radegast suite
#
# Format:
#
# username:password:emm:proto:cardmask:multi:host
#
# emm = 0 or 1 (disable/enable)
# proto = 1(rdgd) 2(newcamd) or summ
# cardmask = max 32bit hex value mask to selectivelly enable reader for user
# multi = 0(unrestricted) or any positive value for restricted simultanous login
# host = ip or hostname
#
# Note: Only 2 first items are required, rest are optional
#
omc:omc:1
 

If when you try to start the radegast binary (rdgd) it gives the following error:

error while loading shared libraries: libcrypto.so.0.9.8: cannot open shared object file: No such file or directory

Create a symbolic link to solve the problem:

#ln -s /lib/libcrypto.so.0.x.x /lib/libcrypto.so.0.9.8

To start the radegast daemon do the following:

#/path_to_radegast_daemon/rdgd -c /path_to_config/radegast.cfg

Most of these applications have been developed for the Dreambox, but since the Dreambox has Linux as its operating system, most of its software can be used in MythTV.

The last piece of the puzzle that you need to make it work, is something that is called a softcam. A softcam emulates hardware cams that are normally made with proprietary algorithms.

There is a softcam that can be virtually used for any Linux TV application, including MythTV, it is called sasc-ng. sasc-ng talks to the card reader software (radegast or any other) and uses that information to decode the stream.

Sasc-ng creates a virtual video adapter with decoded output.

This wiki, has information about downloading and installing sasc-ng. As they say Open-SASC-NG is dead, long live vdr-SASC-NG!

Development on open-sasc-ng has halted a long time ago but vdr-SASC-NG continues.

Just follow the detailed instructions of that wiki to install sasc-ng.

Once you have followed their instructions and compiled the module by doi

$cd sasc-ng
$make
$make module

You can now load the module:

#/sbin/insmod ./dvbloopback.ko

To start the binary, type the following command:

#./sasc-ng -j 1:2 --cam-budget

sasc creates a virtual video card. In this case the real card is 1 and the virtual one is 2.

If you have several cards, you can use:

#./sasc-ng -j 0:2 -j 1:3 --cam-budget

That will create two virtual cards (2 and 3) from the real ones (0 and 1)

Note about keys: key files should be located in the directory sc_files

The only file I'm putting there is cardclient.conf that has the configuration
to connect to the newcamd server (radegast) that controls the smartcard.

This is my cardclient.conf

#
# User Database for Radegast suite
#
# Format:
#
# username:password:emm:proto:cardmask:multi:host
#
# emm = 0 or 1 (disable/enable)
# proto = 1(rdgd) 2(newcamd) or summ
# cardmask = max 32bit hex value mask to selectivelly enable reader for user
# multi = 0(unrestricted) or any positive value for restricted simultanous login
# host = ip or hostname
#
# Note: Only 2 first items are required, rest are optional
#
omc:omc:1
#hacker:pass1:1
#newbie:pass2:0
#*:+:0:3:-1:1:127.0.0.1
#luser:pass:0:3
[root@mythbox-master software]# ^C
[root@mythbox-master software]# mc

[root@mythbox-master sc_files]# cat cardclient.conf
#
# Comment lines can start with # or ;
#
# every client line starts with the client name, followed by some arguments:
# 'hostname' is the name of the server
# 'port'     is the port on the server
# 'emm'      is a flag to allow EMM transfers to the server
#            (0=disabled 1=enabled)
# 'caid'     (optional) caid on which this client should work
# 'mask'     (optional) mask for caid e.g. caid=1700 mask=FF00 would allow
#            anything between 1700 & 17FF.
#            Default is 1700 & FF00. If only caid is given mask is FFFF.
#            You may give multiple caid/mask values comma separated
#            (e.g. 1702,1722,0d0c/ff00).
# 'username' is the login username
# 'password' is the login password
#
# radegast client
#radegast:hostname:port:emm/caid/mask
#radegast:192.168.0.100:777:1
#
# aroureos client
# 'hexbase'
# 'hexserial' card data for which EMM updates should be send
#aroureos:hostname:port:emm/caid/mask:hexbase:hexserial
#
# camd33 client (tcp protocol)
# 'aeskey'   is the AES key (32bytes), disable encryption if missing
#camd33:hostname:port:emm/caid/mask:username:password:aeskey
#
# camd35 client (udp protocol)
#camd35:hostname:port:emm/caid/mask:username:password
#
# cardd client
#cardd:hostname:port:emm/caid/mask:username:password
#
# buffy client
# 'aeskey'   is the AES key (32bytes), disable encryption if missing
#buffy:hostname:port:emm:username:password:aeskey
#
# newcamd client
# 'cfgkey' is the config key (28bytes)
#newcamd:hostname:port:emm/caid/mask:username:password:cfgKey
newcamd:192.168.0.67:10002:1:omc:omc:0102030405060708091011121314
#
# gbox client
#
# NOTE: hostname & port will be ignore. GBOX must be runnning on the local
# machine. For convinience you should choose localhost:8004
#gbox:hostname:port:emm/caid/mask

Now putting it all together, this is what I put on my /etc/rc.d/rc.local file in Fedora:

#Use this for the Infinity card reader
#If using just a normal serial card reader the next 3 commands are not necessary
cd /home/mythtv/software
./nftytool -p phoenix -- -f 3.58 -p phoenix -e
cd ~


#The following four commands allow Pay TV
#had to put a sleep after starting radegast to give it time to start and get ready
/home/mythtv/software/rdgd -c /home/mythtv/software/radegast.cfg > /dev/null 2>&1
sleep 5
/sbin/insmod /home/mythtv/software/dvbloopback.ko
/home/mythtv/software/sasc-ng --cam-dir /etc/camfiles -j 0:2 --cam-budget > /dev/null 2>&1 &


#Start mythbackend
#Could not start mythbackend as a normal service since I'm starting other processes first
/sbin/service mythbackend start
 

When you configure Mythtv and select the tuners, you will be able to see the real and the virtual one. You have to select the virtual one to get the decoded stream.

Once you have all these pieces of the puzzle talking to each other, you'll get a real digital picture on your TV!

More Info on Jaycar Programmer

The switch (in or out) is used for changing between a reader or programmer device. With the switch in (Normal mode), you should be able to read the details off the card. It also needs to be in to program the EEPROM of a blank card.

With the switch out, you are in PIC programmer mode and you can program the PIC (equivalent of an operating system) on the card.

The Phoenix mode is governed by the JP1 configuration. When you look at Fig.2 in the Kit instructions, the black cover should be aligned with pins 1 and 2 of JP1. Pin 3 should be the odd one out. This will put the MkII into Phoenix mode.

JP2 governs the clock speed. Some software prefer 6mhz (Irdeto 2) and others prefer 3.57mhz (NDS). Depending on which crystal (x1 or x2) you have the black bit on JP2 closer to, will govern what clock speed you have your MkII set up for. The main thing is to make sure that the software you use is set at the same clock speed as you select on JP2.

Mod to Jaycar Programmer

I read in a forum that to make the Jaycar programmer work with our  Pay TV cards you have to do the following mod  (I did it to mine) :

Remove the 4.7K resistor that connects to pin 12 of IC2f (pins 3 and 12 are connected together) and replace it with a schotkey diode (1N5819, with the cathode, or band, connected to pin 12 of IC2f). Click on image below to enlarge.

Some cards only work in smartmouse mode, so you'll have to check which configuration yours like. The only difference between smartmouse and phoenix is the way the card is reset.