dash/proxmark3
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

FIX: iso-14443a RATS optional (piwi)

Browse Source
This commit is contained in:
iceman1001
2017-10-01 22:06:06 +02:00
parent 41a2553b04
commit a4b4a1a9a2
14 changed files with 115 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
client/cmdhf14a.c
View File

@@ -157,6 +157,7 @@ int usage_hf_14a_raw(void){
PrintAndLog(" -b number of bits to send. Useful for send partial byte");
PrintAndLog(" -t timeout in ms");
PrintAndLog(" -T use Topaz protocol to send command");
PrintAndLog(" -3 ISO14443-3 select only (skip RATS)");
return 0;
}
@@ -435,7 +436,7 @@ int CmdHF14ACUIDs(const char *Cmd) {
}
// execute anticollision procedure
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT, 0, 0}};
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_RATS, 0, 0}};
SendCommand(&c);
UsbCommand resp;
@@ -567,22 +568,23 @@ int CmdHF14ASniff(const char *Cmd) {
int CmdHF14ACmdRaw(const char *cmd) {
UsbCommand c = {CMD_READER_ISO_14443a, {0, 0, 0}};
bool reply=1;
bool reply = 1;
bool crc = false;
bool power = false;
bool active = false;
bool active_select = false;
uint16_t numbits=0;
uint16_t numbits = 0;
bool bTimeout = false;
uint32_t timeout=0;
uint32_t timeout = 0;
bool topazmode = false;
bool no_rats = false;
char buf[5]="";
int i=0;
int i = 0;
uint8_t data[USB_CMD_DATA_SIZE];
uint16_t datalen=0;
uint16_t datalen = 0;
uint32_t temp;
if (strlen(cmd)<2) return usage_hf_14a_raw();
if (strlen(cmd) < 2) return usage_hf_14a_raw();
// strip
while (*cmd==' ' || *cmd=='\t') cmd++;
@@ -610,7 +612,7 @@ int CmdHF14ACmdRaw(const char *cmd) {
active_select = true;
break;
case 'b':
sscanf(cmd+i+2,"%d",&temp);
sscanf(cmd+i+2, "%d", &temp);
numbits = temp & 0xFFFF;
i+=3;
while(cmd[i]!=' ' && cmd[i]!='\0') { i++; }
@@ -618,7 +620,7 @@ int CmdHF14ACmdRaw(const char *cmd) {
break;
case 't':
bTimeout = true;
sscanf(cmd+i+2,"%d",&temp);
sscanf(cmd+i+2, "%d", &temp);
timeout = temp;
i+=3;
while(cmd[i]!=' ' && cmd[i]!='\0') { i++; }
@@ -627,10 +629,13 @@ int CmdHF14ACmdRaw(const char *cmd) {
case 'T':
topazmode = true;
break;
case '3':
no_rats = true;
break;
default:
return usage_hf_14a_raw();
}
i+=2;
i += 2;
continue;
}
if ((cmd[i]>='0' && cmd[i]<='9') ||
@@ -656,8 +661,7 @@ int CmdHF14ACmdRaw(const char *cmd) {
return 0;
}
if(crc && datalen>0 && datalen<sizeof(data)-2)
{
if (crc && datalen>0 && datalen<sizeof(data)-2) {
uint8_t first, second;
if (topazmode) {
ComputeCrc14443(CRC_14443_B, data, datalen, &first, &second);
@@ -668,14 +672,13 @@ int CmdHF14ACmdRaw(const char *cmd) {
data[datalen++] = second;
}
if(active || active_select)
{
if (active || active_select) {
c.arg[0] |= ISO14A_CONNECT;
if(active)
c.arg[0] |= ISO14A_NO_SELECT;
}
if(bTimeout){
if (bTimeout){
#define MAX_TIMEOUT 40542464 // = (2^32-1) * (8*16) / 13560000Hz * 1000ms/s
c.arg[0] |= ISO14A_SET_TIMEOUT;
if(timeout > MAX_TIMEOUT) {
@@ -685,17 +688,20 @@ int CmdHF14ACmdRaw(const char *cmd) {
c.arg[2] = 13560000 / 1000 / (8*16) * timeout; // timeout in ETUs (time to transfer 1 bit, approx. 9.4 us)
}
if(power) {
if (power) {
c.arg[0] |= ISO14A_NO_DISCONNECT;
}
if(datalen>0) {
if (datalen>0) {
c.arg[0] |= ISO14A_RAW;
}
if(topazmode) {
if (topazmode) {
c.arg[0] |= ISO14A_TOPAZMODE;
}
if (no_rats) {
c.arg[0] |= ISO14A_NO_RATS;
}
// Max buffer is USB_CMD_DATA_SIZE
datalen = (datalen > USB_CMD_DATA_SIZE) ? USB_CMD_DATA_SIZE : datalen;
@@ -707,11 +713,11 @@ int CmdHF14ACmdRaw(const char *cmd) {
SendCommand(&c);
if (reply) {
if(active_select)
if (active_select)
waitCmd(1);
if(datalen>0)
if (datalen > 0)
waitCmd(0);
} // if reply
}
return 0;
}

34
client/cmdhfmfu.c
View File

@@ -1,20 +1,13 @@
//-----------------------------------------------------------------------------
// Ultralight Code (c) 2013,2014 Midnitesnake & Andy Davies of Pentura
//
// 2015,2016,2017 Iceman, Marshmellow
// This code is licensed to you under the terms of the GNU GPL, version 2 or,
// at your option, any later version. See the LICENSE.txt file for the text of
// the license.
//-----------------------------------------------------------------------------
// High frequency MIFARE ULTRALIGHT (C) commands
//-----------------------------------------------------------------------------
#include "loclass/des.h"
#include "cmdhfmfu.h"
#include "cmdhfmf.h"
#include "cmdhf14a.h"
#include "mifare.h"
#include "util.h"
#include "protocols.h"
#include "data.h"
#define MAX_UL_BLOCKS 0x0f
#define MAX_ULC_BLOCKS 0x2b
@@ -30,6 +23,15 @@
#define MAX_MY_D_MOVE 0x25
#define MAX_MY_D_MOVE_LEAN 0x0f
#define PUBLIC_ECDA_KEYLEN 33
uint8_t public_ecda_key[PUBLIC_ECDA_KEYLEN] = {
0x04, 0x49, 0x4e, 0x1a, 0x38, 0x6d, 0x3d, 0x3c,
0xfe, 0x3d, 0xc1, 0x0e, 0x5d, 0xe6, 0x8a, 0x49,
0x9b, 0x1c, 0x20, 0x2d, 0xb5, 0xb1, 0x32, 0x39,
0x3e, 0x89, 0xed, 0x19, 0xfe, 0x5b, 0xe8, 0xbc,
0x61
};
#define KEYS_3DES_COUNT 7
uint8_t default_3des_keys[KEYS_3DES_COUNT][16] = {
{ 0x42,0x52,0x45,0x41,0x4b,0x4d,0x45,0x49,0x46,0x59,0x4f,0x55,0x43,0x41,0x4e,0x21 },// 3des std key
@@ -186,7 +188,7 @@ char *getUlev1CardSizeStr( uint8_t fsize ){
}
static void ul_switch_on_field(void) {
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0}};
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_DISCONNECT | ISO14A_NO_RATS, 0, 0}};
clearCommandBuffer();
SendCommand(&c);
}
@@ -198,7 +200,7 @@ void ul_switch_off_field(void) {
}
static int ul_send_cmd_raw( uint8_t *cmd, uint8_t cmdlen, uint8_t *response, uint16_t responseLength ) {
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_APPEND_CRC, cmdlen, 0}};
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_APPEND_CRC | ISO14A_NO_RATS, cmdlen, 0}};
memcpy(c.d.asBytes, cmd, cmdlen);
clearCommandBuffer();
SendCommand(&c);
@@ -352,7 +354,7 @@ static int ul_fudan_check( void ){
if ( !ul_select(&card) )
return UL_ERROR;
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT, 4, 0}};
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_NO_RATS, 4, 0}};
uint8_t cmd[4] = {0x30,0x00,0x02,0xa7}; //wrong crc on purpose should be 0xa8
memcpy(c.d.asBytes, cmd, 4);
@@ -577,11 +579,12 @@ static int ulev1_print_counters(){
static int ulev1_print_signature( uint8_t *data, uint8_t len){
PrintAndLog("\n--- Tag Signature");
//PrintAndLog("IC signature public key name : NXP NTAG21x 2013"); // don't know if there is other NXP public keys.. :(
PrintAndLog("IC signature public key value : 04494e1a386d3d3cfe3dc10e5de68a499b1c202db5b132393e89ed19fe5be8bc61");
PrintAndLog("IC signature public key name : NXP NTAG21x (2013)");
PrintAndLog("IC signature public key value : %s", sprint_hex(public_ecda_key, PUBLIC_ECDA_KEYLEN) );
PrintAndLog(" Elliptic curve parameters : secp128r1");
PrintAndLog(" Tag ECC Signature : %s", sprint_hex(data, len));
//to do: verify if signature is valid
// only UID is signed.
//PrintAndLog("IC signature status: %s valid", (iseccvalid() )?"":"not");
return 0;
}
@@ -1926,6 +1929,7 @@ int CmdHF14AMfURestore(const char *Cmd){
SendCommand(&c);
wait4response(b);
printf(".");
fflush(stdout);
}
printf("\n");
@@ -2213,7 +2217,7 @@ int CmdHF14AMfuGenDiverseKeys(const char *Cmd){
if ( cmdp == 'r' || cmdp == 'R') {
// read uid from tag
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT, 0, 0}};
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_RATS, 0, 0}};
clearCommandBuffer();
SendCommand(&c);
UsbCommand resp;
@@ -2323,7 +2327,7 @@ int CmdHF14AMfuPwdGen(const char *Cmd){
if ( cmdp == 'r' || cmdp == 'R') {
// read uid from tag
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT, 0, 0}};
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_RATS, 0, 0}};
clearCommandBuffer();
SendCommand(&c);
UsbCommand resp;

12
client/cmdhfmfu.h
View File

@@ -1,9 +1,15 @@
#include "cmdhfmf.h"
#include "cmdhf14a.h"
#ifndef CMDHFMFU_H__
#define CMDHFMFU_H__
#include <stdint.h>
#include <stdio.h>
#include "loclass/des.h"
#include "cmdhfmf.h"
#include "cmdhf14a.h"
#include "mifare.h"
#include "util.h"
#include "protocols.h"
#include "data.h"
typedef struct {
uint8_t version[8];
uint8_t tbo[2];

4
client/cmdhftopaz.c
View File

@@ -46,7 +46,7 @@ static struct {
static void topaz_switch_on_field(void)
{
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_SELECT | ISO14A_NO_DISCONNECT | ISO14A_TOPAZMODE, 0, 0}};
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_SELECT | ISO14A_NO_DISCONNECT | ISO14A_TOPAZMODE | ISO14A_NO_RATS, 0, 0}};
SendCommand(&c);
}
@@ -61,7 +61,7 @@ static void topaz_switch_off_field(void)
// send a raw topaz command, returns the length of the response (0 in case of error)
static int topaz_send_cmd_raw(uint8_t *cmd, uint8_t len, uint8_t *response)
{
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_TOPAZMODE, len, 0}};
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_TOPAZMODE | ISO14A_NO_RATS, len, 0}};
memcpy(c.d.asBytes, cmd, len);
SendCommand(&c);

2
client/mifarehost.c
View File

@@ -830,7 +830,7 @@ bool detect_classic_prng(){
UsbCommand resp, respA;
uint8_t cmd[] = {MIFARE_AUTH_KEYA, 0x00};
uint32_t flags = ISO14A_CONNECT | ISO14A_RAW | ISO14A_APPEND_CRC;
uint32_t flags = ISO14A_CONNECT | ISO14A_RAW | ISO14A_APPEND_CRC | ISO14A_NO_RATS;
UsbCommand c = {CMD_READER_ISO_14443a, {flags, sizeof(cmd), 0}};
memcpy(c.d.asBytes, cmd, sizeof(cmd));