]>
Commit | Line | Data |
---|---|---|
1 | //----------------------------------------------------------------------------- | |
2 | // Copyright (C) 2017 Merlok | |
3 | // | |
4 | // This code is licensed to you under the terms of the GNU GPL, version 2 or, | |
5 | // at your option, any later version. See the LICENSE.txt file for the text of | |
6 | // the license. | |
7 | //----------------------------------------------------------------------------- | |
8 | // EMV core functions | |
9 | //----------------------------------------------------------------------------- | |
10 | ||
11 | #include "emvcore.h" | |
12 | #include "emvjson.h" | |
13 | #include "util_posix.h" | |
14 | #ifdef WITH_SMARTCARD | |
15 | #include "cmdsmartcard.h" | |
16 | #endif | |
17 | ||
18 | // Got from here. Thanks) | |
19 | // https://eftlab.co.uk/index.php/site-map/knowledge-base/211-emv-aid-rid-pix | |
20 | static const char *PSElist [] = { | |
21 | "325041592E5359532E4444463031", // 2PAY.SYS.DDF01 - Visa Proximity Payment System Environment - PPSE | |
22 | "315041592E5359532E4444463031" // 1PAY.SYS.DDF01 - Visa Payment System Environment - PSE | |
23 | }; | |
24 | //static const size_t PSElistLen = sizeof(PSElist)/sizeof(char*); | |
25 | ||
26 | char *TransactionTypeStr[] = { | |
27 | "MSD", | |
28 | "VSDC", | |
29 | "qVCDCMCHIP", | |
30 | "CDA" | |
31 | }; | |
32 | ||
33 | typedef struct { | |
34 | enum CardPSVendor vendor; | |
35 | const char* aid; | |
36 | } TAIDList; | |
37 | ||
38 | static const TAIDList AIDlist [] = { | |
39 | // Visa International | |
40 | { CV_VISA, "A00000000305076010"}, // VISA ELO Credit | |
41 | { CV_VISA, "A0000000031010" }, // VISA Debit/Credit (Classic) | |
42 | { CV_VISA, "A000000003101001" }, // VISA Credit | |
43 | { CV_VISA, "A000000003101002" }, // VISA Debit | |
44 | { CV_VISA, "A0000000032010" }, // VISA Electron | |
45 | { CV_VISA, "A0000000032020" }, // VISA | |
46 | { CV_VISA, "A0000000033010" }, // VISA Interlink | |
47 | { CV_VISA, "A0000000034010" }, // VISA Specific | |
48 | { CV_VISA, "A0000000035010" }, // VISA Specific | |
49 | { CV_VISA, "A0000000036010" }, // Domestic Visa Cash Stored Value | |
50 | { CV_VISA, "A0000000036020" }, // International Visa Cash Stored Value | |
51 | { CV_VISA, "A0000000038002" }, // VISA Auth, VisaRemAuthen EMV-CAP (DPA) | |
52 | { CV_VISA, "A0000000038010" }, // VISA Plus | |
53 | { CV_VISA, "A0000000039010" }, // VISA Loyalty | |
54 | { CV_VISA, "A000000003999910" }, // VISA Proprietary ATM | |
55 | // Visa USA | |
56 | { CV_VISA, "A000000098" }, // Debit Card | |
57 | { CV_VISA, "A0000000980848" }, // Debit Card | |
58 | // Mastercard International | |
59 | { CV_MASTERCARD, "A00000000401" }, // MasterCard PayPass | |
60 | { CV_MASTERCARD, "A0000000041010" }, // MasterCard Credit | |
61 | { CV_MASTERCARD, "A00000000410101213" }, // MasterCard Credit | |
62 | { CV_MASTERCARD, "A00000000410101215" }, // MasterCard Credit | |
63 | { CV_MASTERCARD, "A0000000042010" }, // MasterCard Specific | |
64 | { CV_MASTERCARD, "A0000000043010" }, // MasterCard Specific | |
65 | { CV_MASTERCARD, "A0000000043060" }, // Maestro (Debit) | |
66 | { CV_MASTERCARD, "A000000004306001" }, // Maestro (Debit) | |
67 | { CV_MASTERCARD, "A0000000044010" }, // MasterCard Specific | |
68 | { CV_MASTERCARD, "A0000000045010" }, // MasterCard Specific | |
69 | { CV_MASTERCARD, "A0000000046000" }, // Cirrus | |
70 | { CV_MASTERCARD, "A0000000048002" }, // SecureCode Auth EMV-CAP | |
71 | { CV_MASTERCARD, "A0000000049999" }, // MasterCard PayPass | |
72 | // American Express | |
73 | { CV_AMERICANEXPRESS, "A000000025" }, | |
74 | { CV_AMERICANEXPRESS, "A0000000250000" }, | |
75 | { CV_AMERICANEXPRESS, "A00000002501" }, | |
76 | { CV_AMERICANEXPRESS, "A000000025010402" }, | |
77 | { CV_AMERICANEXPRESS, "A000000025010701" }, | |
78 | { CV_AMERICANEXPRESS, "A000000025010801" }, | |
79 | // Groupement des Cartes Bancaires "CB" | |
80 | { CV_CB, "A0000000421010" }, // Cartes Bancaire EMV Card | |
81 | { CV_CB, "A0000000422010" }, | |
82 | { CV_CB, "A0000000423010" }, | |
83 | { CV_CB, "A0000000424010" }, | |
84 | { CV_CB, "A0000000425010" }, | |
85 | // JCB CO., LTD. | |
86 | { CV_JCB, "A00000006510" }, // JCB | |
87 | { CV_JCB, "A0000000651010" }, // JCB J Smart Credit | |
88 | // Other | |
89 | { CV_OTHER, "A0000001544442" }, // Banricompras Debito - Banrisul - Banco do Estado do Rio Grande do SUL - S.A. | |
90 | { CV_OTHER, "F0000000030001" }, // BRADESCO | |
91 | { CV_OTHER, "A0000005241010" }, // RuPay - RuPay | |
92 | { CV_OTHER, "D5780000021010" } // Bankaxept - Bankaxept | |
93 | }; | |
94 | static const size_t AIDlistLen = sizeof(AIDlist)/sizeof(TAIDList); | |
95 | ||
96 | static bool APDULogging = false; | |
97 | void SetAPDULogging(bool logging) { | |
98 | APDULogging = logging; | |
99 | } | |
100 | ||
101 | enum CardPSVendor GetCardPSVendor(uint8_t * AID, size_t AIDlen) { | |
102 | char buf[100] = {0}; | |
103 | if (AIDlen < 1) | |
104 | return CV_NA; | |
105 | ||
106 | hex_to_buffer((uint8_t *)buf, AID, AIDlen, sizeof(buf) - 1, 0, 0, true); | |
107 | ||
108 | for(int i = 0; i < AIDlistLen; i ++) { | |
109 | if (strncmp(AIDlist[i].aid, buf, strlen(AIDlist[i].aid)) == 0){ | |
110 | return AIDlist[i].vendor; | |
111 | } | |
112 | } | |
113 | ||
114 | return CV_NA; | |
115 | } | |
116 | ||
117 | static bool print_cb(void *data, const struct tlv *tlv, int level, bool is_leaf) { | |
118 | emv_tag_dump(tlv, stdout, level); | |
119 | if (is_leaf) { | |
120 | dump_buffer(tlv->value, tlv->len, stdout, level); | |
121 | } | |
122 | ||
123 | return true; | |
124 | } | |
125 | ||
126 | bool TLVPrintFromBuffer(uint8_t *data, int datalen) { | |
127 | struct tlvdb *t = NULL; | |
128 | t = tlvdb_parse_multi(data, datalen); | |
129 | if (t) { | |
130 | PrintAndLogEx(NORMAL, "-------------------- TLV decoded --------------------"); | |
131 | ||
132 | tlvdb_visit(t, print_cb, NULL, 0); | |
133 | tlvdb_free(t); | |
134 | return true; | |
135 | } else { | |
136 | PrintAndLogEx(WARNING, "TLV ERROR: Can't parse response as TLV tree."); | |
137 | } | |
138 | return false; | |
139 | } | |
140 | ||
141 | void TLVPrintFromTLVLev(struct tlvdb *tlv, int level) { | |
142 | if (!tlv) | |
143 | return; | |
144 | ||
145 | tlvdb_visit(tlv, print_cb, NULL, level); | |
146 | } | |
147 | ||
148 | void TLVPrintFromTLV(struct tlvdb *tlv) { | |
149 | TLVPrintFromTLVLev(tlv, 0); | |
150 | } | |
151 | ||
152 | void TLVPrintAIDlistFromSelectTLV(struct tlvdb *tlv) { | |
153 | PrintAndLogEx(NORMAL, "|------------------|--------|-------------------------|"); | |
154 | PrintAndLogEx(NORMAL, "| AID |Priority| Name |"); | |
155 | PrintAndLogEx(NORMAL, "|------------------|--------|-------------------------|"); | |
156 | ||
157 | struct tlvdb *ttmp = tlvdb_find(tlv, 0x6f); | |
158 | if (!ttmp) | |
159 | PrintAndLogEx(NORMAL, "| none |"); | |
160 | ||
161 | while (ttmp) { | |
162 | const struct tlv *tgAID = tlvdb_get_inchild(ttmp, 0x84, NULL); | |
163 | const struct tlv *tgName = tlvdb_get_inchild(ttmp, 0x50, NULL); | |
164 | const struct tlv *tgPrio = tlvdb_get_inchild(ttmp, 0x87, NULL); | |
165 | if (!tgAID) | |
166 | break; | |
167 | PrintAndLogEx(NORMAL, "|%s| %s |%s|", | |
168 | sprint_hex_inrow_ex(tgAID->value, tgAID->len, 18), | |
169 | (tgPrio) ? sprint_hex(tgPrio->value, 1) : " ", | |
170 | (tgName) ? sprint_ascii_ex(tgName->value, tgName->len, 25) : " "); | |
171 | ||
172 | ttmp = tlvdb_find_next(ttmp, 0x6f); | |
173 | } | |
174 | ||
175 | PrintAndLogEx(NORMAL, "|------------------|--------|-------------------------|"); | |
176 | } | |
177 | ||
178 | struct tlvdb *GetPANFromTrack2(const struct tlv *track2) { | |
179 | char track2Hex[200] = {0}; | |
180 | uint8_t PAN[100] = {0}; | |
181 | int PANlen = 0; | |
182 | char *tmp = track2Hex; | |
183 | ||
184 | if (!track2) | |
185 | return NULL; | |
186 | ||
187 | for (int i = 0; i < track2->len; ++i, tmp += 2) | |
188 | sprintf(tmp, "%02x", (unsigned int)track2->value[i]); | |
189 | ||
190 | int posD = strchr(track2Hex, 'd') - track2Hex; | |
191 | if (posD < 1) | |
192 | return NULL; | |
193 | ||
194 | track2Hex[posD] = 0; | |
195 | if (strlen(track2Hex) % 2) { | |
196 | track2Hex[posD] = 'F'; | |
197 | track2Hex[posD + 1] = '\0'; | |
198 | } | |
199 | ||
200 | param_gethex_to_eol(track2Hex, 0, PAN, sizeof(PAN), &PANlen); | |
201 | ||
202 | return tlvdb_fixed(0x5a, PANlen, PAN); | |
203 | } | |
204 | ||
205 | struct tlvdb *GetdCVVRawFromTrack2(const struct tlv *track2) { | |
206 | char track2Hex[200] = {0}; | |
207 | char dCVVHex[100] = {0}; | |
208 | uint8_t dCVV[100] = {0}; | |
209 | int dCVVlen = 0; | |
210 | const int PINlen = 5; // must calculated from 9F67 MSD Offset but i have not seen this tag) | |
211 | char *tmp = track2Hex; | |
212 | ||
213 | if (!track2) | |
214 | return NULL; | |
215 | ||
216 | for (int i = 0; i < track2->len; ++i, tmp += 2) | |
217 | sprintf(tmp, "%02x", (unsigned int)track2->value[i]); | |
218 | ||
219 | int posD = strchr(track2Hex, 'd') - track2Hex; | |
220 | if (posD < 1) | |
221 | return NULL; | |
222 | ||
223 | memset(dCVVHex, '0', 32); | |
224 | // ATC | |
225 | memcpy(dCVVHex + 0, track2Hex + posD + PINlen + 11, 4); | |
226 | // PAN 5 hex | |
227 | memcpy(dCVVHex + 4, track2Hex, 5); | |
228 | // expire date | |
229 | memcpy(dCVVHex + 9, track2Hex + posD + 1, 4); | |
230 | // service code | |
231 | memcpy(dCVVHex + 13, track2Hex + posD + 5, 3); | |
232 | ||
233 | param_gethex_to_eol(dCVVHex, 0, dCVV, sizeof(dCVV), &dCVVlen); | |
234 | ||
235 | return tlvdb_fixed(0x02, dCVVlen, dCVV); | |
236 | } | |
237 | ||
238 | int EMVExchangeEx(EMVCommandChannel channel, bool ActivateField, bool LeaveFieldON, sAPDU apdu, bool IncludeLe, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) { | |
239 | uint8_t data[APDU_RES_LEN] = {0}; | |
240 | ||
241 | *ResultLen = 0; | |
242 | if (sw) *sw = 0; | |
243 | uint16_t isw = 0; | |
244 | int res = 0; | |
245 | ||
246 | if (ActivateField) { | |
247 | DropField(); | |
248 | msleep(50); | |
249 | } | |
250 | ||
251 | // COMPUTE APDU | |
252 | memcpy(data, &apdu, 5); | |
253 | if (apdu.data) | |
254 | memcpy(&data[5], apdu.data, apdu.Lc); | |
255 | ||
256 | if (APDULogging) | |
257 | PrintAndLogEx(SUCCESS, ">>>> %s", sprint_hex(data, (IncludeLe?6:5) + apdu.Lc)); | |
258 | ||
259 | switch(channel) { | |
260 | case ECC_CONTACTLESS: | |
261 | // 6 byes + data = INS + CLA + P1 + P2 + Lc + <data = Nc> + Le(?IncludeLe) | |
262 | res = ExchangeAPDU14a(data, (IncludeLe?6:5) + apdu.Lc, ActivateField, LeaveFieldON, Result, (int)MaxResultLen, (int *)ResultLen); | |
263 | if (res) { | |
264 | return res; | |
265 | } | |
266 | break; | |
267 | case ECC_CONTACT: | |
268 | //int ExchangeAPDUSC(uint8_t *datain, int datainlen, bool activateCard, bool leaveSignalON, uint8_t *dataout, int maxdataoutlen, int *dataoutlen); | |
269 | #ifdef WITH_SMARTCARD | |
270 | res = ExchangeAPDUSC(data, (IncludeLe?6:5) + apdu.Lc, ActivateField, LeaveFieldON, Result, (int)MaxResultLen, (int *)ResultLen); | |
271 | if (res) { | |
272 | return res; | |
273 | } | |
274 | #endif | |
275 | break; | |
276 | } | |
277 | ||
278 | if (APDULogging) | |
279 | PrintAndLogEx(SUCCESS, "<<<< %s", sprint_hex(Result, *ResultLen)); | |
280 | ||
281 | if (*ResultLen < 2) { | |
282 | return 200; | |
283 | } | |
284 | ||
285 | *ResultLen -= 2; | |
286 | isw = Result[*ResultLen] * 0x0100 + Result[*ResultLen + 1]; | |
287 | if (sw) | |
288 | *sw = isw; | |
289 | ||
290 | if (isw != 0x9000) { | |
291 | if (APDULogging) { | |
292 | if (*sw >> 8 == 0x61) { | |
293 | PrintAndLogEx(ERR, "APDU chaining len:%02x -->", *sw & 0xff); | |
294 | } else { | |
295 | PrintAndLogEx(ERR, "APDU(%02x%02x) ERROR: [%4X] %s", apdu.CLA, apdu.INS, isw, GetAPDUCodeDescription(*sw >> 8, *sw & 0xff)); | |
296 | return 5; | |
297 | } | |
298 | } | |
299 | } | |
300 | ||
301 | // add to tlv tree | |
302 | if (tlv) { | |
303 | struct tlvdb *t = tlvdb_parse_multi(Result, *ResultLen); | |
304 | tlvdb_add(tlv, t); | |
305 | } | |
306 | ||
307 | return 0; | |
308 | } | |
309 | ||
310 | int EMVExchange(EMVCommandChannel channel, bool LeaveFieldON, sAPDU apdu, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) { | |
311 | return EMVExchangeEx(channel, false, LeaveFieldON, apdu, (channel == ECC_CONTACTLESS), Result, MaxResultLen, ResultLen, sw, tlv); | |
312 | } | |
313 | ||
314 | int EMVSelect(EMVCommandChannel channel, bool ActivateField, bool LeaveFieldON, uint8_t *AID, size_t AIDLen, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) { | |
315 | return EMVExchangeEx(channel, ActivateField, LeaveFieldON, (sAPDU){0x00, 0xa4, 0x04, 0x00, AIDLen, AID}, (channel == ECC_CONTACTLESS), Result, MaxResultLen, ResultLen, sw, tlv); | |
316 | } | |
317 | ||
318 | int EMVSelectPSE(EMVCommandChannel channel, bool ActivateField, bool LeaveFieldON, uint8_t PSENum, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw) { | |
319 | uint8_t buf[APDU_AID_LEN] = {0}; | |
320 | *ResultLen = 0; | |
321 | int len = 0; | |
322 | int res = 0; | |
323 | switch (PSENum) { | |
324 | case 1: | |
325 | param_gethex_to_eol(PSElist[1], 0, buf, sizeof(buf), &len); | |
326 | break; | |
327 | case 2: | |
328 | param_gethex_to_eol(PSElist[0], 0, buf, sizeof(buf), &len); | |
329 | break; | |
330 | default: | |
331 | return -1; | |
332 | } | |
333 | ||
334 | // select | |
335 | res = EMVSelect(channel, ActivateField, LeaveFieldON, buf, len, Result, MaxResultLen, ResultLen, sw, NULL); | |
336 | ||
337 | return res; | |
338 | } | |
339 | ||
340 | int EMVSearchPSE(EMVCommandChannel channel, bool ActivateField, bool LeaveFieldON, uint8_t PSENum, bool decodeTLV, struct tlvdb *tlv) { | |
341 | uint8_t data[APDU_RES_LEN] = {0}; | |
342 | size_t datalen = 0; | |
343 | uint16_t sw = 0; | |
344 | int res; | |
345 | ||
346 | // select PPSE | |
347 | res = EMVSelectPSE(channel, ActivateField, true, PSENum, data, sizeof(data), &datalen, &sw); | |
348 | ||
349 | if (!res){ | |
350 | struct tlvdb *t = NULL; | |
351 | t = tlvdb_parse_multi(data, datalen); | |
352 | if (t) { | |
353 | int retrycnt = 0; | |
354 | struct tlvdb *ttmp = tlvdb_find_path(t, (tlv_tag_t[]){0x6f, 0xa5, 0xbf0c, 0x61, 0x00}); | |
355 | if (!ttmp) | |
356 | PrintAndLogEx(FAILED, "PPSE don't have records."); | |
357 | ||
358 | while (ttmp) { | |
359 | const struct tlv *tgAID = tlvdb_get_inchild(ttmp, 0x4f, NULL); | |
360 | if (tgAID) { | |
361 | res = EMVSelect(channel, false, true, (uint8_t *)tgAID->value, tgAID->len, data, sizeof(data), &datalen, &sw, tlv); | |
362 | ||
363 | // retry if error and not returned sw error | |
364 | if (res && res != 5) { | |
365 | if (++retrycnt < 3){ | |
366 | continue; | |
367 | } else { | |
368 | // card select error, proxmark error | |
369 | if (res == 1) { | |
370 | PrintAndLogEx(WARNING, "Exit..."); | |
371 | return 1; | |
372 | } | |
373 | ||
374 | retrycnt = 0; | |
375 | PrintAndLogEx(NORMAL, "Retry failed [%s]. Skiped...", sprint_hex_inrow(tgAID->value, tgAID->len)); | |
376 | } | |
377 | ||
378 | // next element | |
379 | ttmp = tlvdb_find_next(ttmp, 0x61); | |
380 | continue; | |
381 | } | |
382 | retrycnt = 0; | |
383 | ||
384 | // all is ok | |
385 | if (decodeTLV){ | |
386 | PrintAndLogEx(NORMAL, "%s:", sprint_hex_inrow(tgAID->value, tgAID->len)); | |
387 | TLVPrintFromBuffer(data, datalen); | |
388 | } | |
389 | } | |
390 | ||
391 | ttmp = tlvdb_find_next(ttmp, 0x61); | |
392 | } | |
393 | ||
394 | tlvdb_free(t); | |
395 | } else { | |
396 | PrintAndLogEx(WARNING, "PPSE ERROR: Can't get TLV from response."); | |
397 | } | |
398 | } else { | |
399 | PrintAndLogEx(WARNING, "PPSE ERROR: Can't select PPSE AID. Error: %d", res); | |
400 | } | |
401 | ||
402 | if(!LeaveFieldON) | |
403 | DropField(); | |
404 | ||
405 | return res; | |
406 | } | |
407 | ||
408 | int EMVSearch(EMVCommandChannel channel, bool ActivateField, bool LeaveFieldON, bool decodeTLV, struct tlvdb *tlv) { | |
409 | uint8_t aidbuf[APDU_AID_LEN] = {0}; | |
410 | int aidlen = 0; | |
411 | uint8_t data[APDU_RES_LEN] = {0}; | |
412 | size_t datalen = 0; | |
413 | uint16_t sw = 0; | |
414 | ||
415 | int res = 0; | |
416 | int retrycnt = 0; | |
417 | for(int i = 0; i < AIDlistLen; i ++) { | |
418 | param_gethex_to_eol(AIDlist[i].aid, 0, aidbuf, sizeof(aidbuf), &aidlen); | |
419 | res = EMVSelect(channel, (i == 0) ? ActivateField : false, (i == AIDlistLen - 1) ? LeaveFieldON : true, aidbuf, aidlen, data, sizeof(data), &datalen, &sw, tlv); | |
420 | // retry if error and not returned sw error | |
421 | if (res && res != 5) { | |
422 | if (++retrycnt < 3){ | |
423 | i--; | |
424 | } else { | |
425 | // (1) - card select error, proxmark error OR (200) - result length = 0 | |
426 | if (res == 1 || res == 200) { | |
427 | PrintAndLogEx(WARNING, "Exit..."); | |
428 | return 1; | |
429 | } | |
430 | ||
431 | retrycnt = 0; | |
432 | PrintAndLogEx(FAILED, "Retry failed [%s]. Skipped...", AIDlist[i].aid); | |
433 | } | |
434 | continue; | |
435 | } | |
436 | retrycnt = 0; | |
437 | ||
438 | if (res) | |
439 | continue; | |
440 | ||
441 | if (!datalen) | |
442 | continue; | |
443 | ||
444 | if (decodeTLV) { | |
445 | PrintAndLogEx(SUCCESS, "%s", AIDlist[i].aid); | |
446 | TLVPrintFromBuffer(data, datalen); | |
447 | } | |
448 | } | |
449 | ||
450 | return 0; | |
451 | } | |
452 | ||
453 | int EMVSelectApplication(struct tlvdb *tlv, uint8_t *AID, size_t *AIDlen) { | |
454 | // check priority. 0x00 - highest | |
455 | int prio = 0xffff; | |
456 | ||
457 | *AIDlen = 0; | |
458 | ||
459 | struct tlvdb *ttmp = tlvdb_find(tlv, 0x6f); | |
460 | if (!ttmp) | |
461 | return 1; | |
462 | ||
463 | while (ttmp) { | |
464 | const struct tlv *tgAID = tlvdb_get_inchild(ttmp, 0x84, NULL); | |
465 | const struct tlv *tgPrio = tlvdb_get_inchild(ttmp, 0x87, NULL); | |
466 | ||
467 | if (!tgAID) | |
468 | break; | |
469 | ||
470 | if (tgPrio) { | |
471 | int pt = bytes_to_num((uint8_t*)tgPrio->value, (tgPrio->len < 2) ? tgPrio->len : 2); | |
472 | if (pt < prio) { | |
473 | prio = pt; | |
474 | ||
475 | memcpy(AID, tgAID->value, tgAID->len); | |
476 | *AIDlen = tgAID->len; | |
477 | } | |
478 | } else { | |
479 | // takes the first application from list wo priority | |
480 | if (!*AIDlen) { | |
481 | memcpy(AID, tgAID->value, tgAID->len); | |
482 | *AIDlen = tgAID->len; | |
483 | } | |
484 | } | |
485 | ||
486 | ttmp = tlvdb_find_next(ttmp, 0x6f); | |
487 | } | |
488 | ||
489 | return 0; | |
490 | } | |
491 | ||
492 | int EMVGPO(EMVCommandChannel channel, bool LeaveFieldON, uint8_t *PDOL, size_t PDOLLen, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) { | |
493 | return EMVExchange(channel, LeaveFieldON, (sAPDU){0x80, 0xa8, 0x00, 0x00, PDOLLen, PDOL}, Result, MaxResultLen, ResultLen, sw, tlv); | |
494 | } | |
495 | ||
496 | int EMVReadRecord(EMVCommandChannel channel, bool LeaveFieldON, uint8_t SFI, uint8_t SFIrec, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) { | |
497 | int res = EMVExchange(channel, LeaveFieldON, (sAPDU){0x00, 0xb2, SFIrec, (SFI << 3) | 0x04, 0, NULL}, Result, MaxResultLen, ResultLen, sw, tlv); | |
498 | if (*sw == 0x6700) { | |
499 | PrintAndLogEx(INFO, ">>> trying to reissue command withouth Le..."); | |
500 | res = EMVExchangeEx(channel, false, LeaveFieldON, (sAPDU){0x00, 0xb2, SFIrec, (SFI << 3) | 0x04, 0, NULL}, false, Result, MaxResultLen, ResultLen, sw, tlv); | |
501 | } | |
502 | return res; | |
503 | } | |
504 | ||
505 | int EMVAC(EMVCommandChannel channel, bool LeaveFieldON, uint8_t RefControl, uint8_t *CDOL, size_t CDOLLen, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) { | |
506 | return EMVExchange(channel, LeaveFieldON, (sAPDU){0x80, 0xae, RefControl, 0x00, CDOLLen, CDOL}, Result, MaxResultLen, ResultLen, sw, tlv); | |
507 | } | |
508 | ||
509 | int EMVGenerateChallenge(EMVCommandChannel channel, bool LeaveFieldON, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) { | |
510 | int res = EMVExchange(channel, LeaveFieldON, (sAPDU){0x00, 0x84, 0x00, 0x00, 0x00, NULL}, Result, MaxResultLen, ResultLen, sw, tlv); | |
511 | if (*sw == 0x6700) { | |
512 | PrintAndLogEx(INFO, ">>> trying to reissue command withouth Le..."); | |
513 | res = EMVExchangeEx(channel, false, LeaveFieldON, (sAPDU){0x00, 0x84, 0x00, 0x00, 0x00, NULL}, false, Result, MaxResultLen, ResultLen, sw, tlv); | |
514 | } | |
515 | return res; | |
516 | } | |
517 | ||
518 | int EMVInternalAuthenticate(EMVCommandChannel channel, bool LeaveFieldON, uint8_t *DDOL, size_t DDOLLen, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) { | |
519 | return EMVExchange(channel, LeaveFieldON, (sAPDU){0x00, 0x88, 0x00, 0x00, DDOLLen, DDOL}, Result, MaxResultLen, ResultLen, sw, tlv); | |
520 | } | |
521 | ||
522 | int MSCComputeCryptoChecksum(EMVCommandChannel channel, bool LeaveFieldON, uint8_t *UDOL, uint8_t UDOLlen, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) { | |
523 | return EMVExchange(channel, LeaveFieldON, (sAPDU){0x80, 0x2a, 0x8e, 0x80, UDOLlen, UDOL}, Result, MaxResultLen, ResultLen, sw, tlv); | |
524 | } | |
525 | ||
526 | // Authentication | |
527 | struct emv_pk *get_ca_pk(struct tlvdb *db) { | |
528 | const struct tlv *df_tlv = tlvdb_get(db, 0x84, NULL); | |
529 | const struct tlv *caidx_tlv = tlvdb_get(db, 0x8f, NULL); | |
530 | ||
531 | if (!df_tlv || !caidx_tlv || df_tlv->len < 6 || caidx_tlv->len != 1) | |
532 | return NULL; | |
533 | ||
534 | PrintAndLogEx(NORMAL, "CA public key index 0x%0x", caidx_tlv->value[0]); | |
535 | return emv_pk_get_ca_pk(df_tlv->value, caidx_tlv->value[0]); | |
536 | } | |
537 | ||
538 | int trSDA(struct tlvdb *tlv) { | |
539 | ||
540 | struct emv_pk *pk = get_ca_pk(tlv); | |
541 | if (!pk) { | |
542 | PrintAndLogEx(WARNING, "Error: Key not found. Exit."); | |
543 | return 2; | |
544 | } | |
545 | ||
546 | struct emv_pk *issuer_pk = emv_pki_recover_issuer_cert(pk, tlv); | |
547 | if (!issuer_pk) { | |
548 | emv_pk_free(pk); | |
549 | PrintAndLogEx(WARNING, "Error: Issuer certificate not found. Exit."); | |
550 | return 2; | |
551 | } | |
552 | ||
553 | PrintAndLogEx(SUCCESS, "Issuer PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx", | |
554 | issuer_pk->rid[0], | |
555 | issuer_pk->rid[1], | |
556 | issuer_pk->rid[2], | |
557 | issuer_pk->rid[3], | |
558 | issuer_pk->rid[4], | |
559 | issuer_pk->index, | |
560 | issuer_pk->serial[0], | |
561 | issuer_pk->serial[1], | |
562 | issuer_pk->serial[2] | |
563 | ); | |
564 | ||
565 | const struct tlv *sda_tlv = tlvdb_get(tlv, 0x21, NULL); | |
566 | if (!sda_tlv || sda_tlv->len < 1) { | |
567 | emv_pk_free(issuer_pk); | |
568 | emv_pk_free(pk); | |
569 | PrintAndLogEx(WARNING, "Can't find input list for Offline Data Authentication. Exit."); | |
570 | return 3; | |
571 | } | |
572 | ||
573 | struct tlvdb *dac_db = emv_pki_recover_dac(issuer_pk, tlv, sda_tlv); | |
574 | if (dac_db) { | |
575 | const struct tlv *dac_tlv = tlvdb_get(dac_db, 0x9f45, NULL); | |
576 | PrintAndLogEx(NORMAL, "SDA verified OK. (%02hhx:%02hhx)\n", dac_tlv->value[0], dac_tlv->value[1]); | |
577 | tlvdb_add(tlv, dac_db); | |
578 | } else { | |
579 | emv_pk_free(issuer_pk); | |
580 | emv_pk_free(pk); | |
581 | PrintAndLogEx(WARNING, "SSAD verify error"); | |
582 | return 4; | |
583 | } | |
584 | ||
585 | emv_pk_free(issuer_pk); | |
586 | emv_pk_free(pk); | |
587 | return 0; | |
588 | } | |
589 | ||
590 | static const unsigned char default_ddol_value[] = {0x9f, 0x37, 0x04}; | |
591 | static struct tlv default_ddol_tlv = {.tag = 0x9f49, .len = 3, .value = default_ddol_value }; | |
592 | ||
593 | int trDDA(EMVCommandChannel channel, bool decodeTLV, struct tlvdb *tlv) { | |
594 | uint8_t buf[APDU_RES_LEN] = {0}; | |
595 | size_t len = 0; | |
596 | uint16_t sw = 0; | |
597 | ||
598 | struct emv_pk *pk = get_ca_pk(tlv); | |
599 | if (!pk) { | |
600 | PrintAndLogEx(WARNING, "Error: Key not found. Exit."); | |
601 | return 2; | |
602 | } | |
603 | ||
604 | const struct tlv *sda_tlv = tlvdb_get(tlv, 0x21, NULL); | |
605 | if (!sda_tlv || sda_tlv->len < 1) { | |
606 | emv_pk_free(pk); | |
607 | PrintAndLogEx(WARNING, "Error: Can't find input list for Offline Data Authentication. Exit."); | |
608 | return 3; | |
609 | } | |
610 | ||
611 | struct emv_pk *issuer_pk = emv_pki_recover_issuer_cert(pk, tlv); | |
612 | if (!issuer_pk) { | |
613 | emv_pk_free(pk); | |
614 | PrintAndLogEx(WARNING, "Error: Issuer certificate not found. Exit."); | |
615 | return 2; | |
616 | } | |
617 | PrintAndLogEx(SUCCESS, "Issuer PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx\n", | |
618 | issuer_pk->rid[0], | |
619 | issuer_pk->rid[1], | |
620 | issuer_pk->rid[2], | |
621 | issuer_pk->rid[3], | |
622 | issuer_pk->rid[4], | |
623 | issuer_pk->index, | |
624 | issuer_pk->serial[0], | |
625 | issuer_pk->serial[1], | |
626 | issuer_pk->serial[2] | |
627 | ); | |
628 | ||
629 | struct emv_pk *icc_pk = emv_pki_recover_icc_cert(issuer_pk, tlv, sda_tlv); | |
630 | if (!icc_pk) { | |
631 | emv_pk_free(pk); | |
632 | emv_pk_free(issuer_pk); | |
633 | PrintAndLogEx(WARNING, "Error: ICC setrificate not found. Exit."); | |
634 | return 2; | |
635 | } | |
636 | PrintAndLogEx(SUCCESS, "ICC PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx\n", | |
637 | icc_pk->rid[0], | |
638 | icc_pk->rid[1], | |
639 | icc_pk->rid[2], | |
640 | icc_pk->rid[3], | |
641 | icc_pk->rid[4], | |
642 | icc_pk->index, | |
643 | icc_pk->serial[0], | |
644 | icc_pk->serial[1], | |
645 | icc_pk->serial[2] | |
646 | ); | |
647 | ||
648 | struct emv_pk *icc_pe_pk = emv_pki_recover_icc_pe_cert(issuer_pk, tlv); | |
649 | if (!icc_pe_pk) { | |
650 | PrintAndLogEx(WARNING, "WARNING: ICC PE PK recover error. "); | |
651 | } else { | |
652 | PrintAndLogEx(SUCCESS, "ICC PE PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx\n", | |
653 | icc_pe_pk->rid[0], | |
654 | icc_pe_pk->rid[1], | |
655 | icc_pe_pk->rid[2], | |
656 | icc_pe_pk->rid[3], | |
657 | icc_pe_pk->rid[4], | |
658 | icc_pe_pk->index, | |
659 | icc_pe_pk->serial[0], | |
660 | icc_pe_pk->serial[1], | |
661 | icc_pe_pk->serial[2] | |
662 | ); | |
663 | } | |
664 | ||
665 | // 9F4B: Signed Dynamic Application Data | |
666 | const struct tlv *sdad_tlv = tlvdb_get(tlv, 0x9f4b, NULL); | |
667 | // DDA with internal authenticate OR fDDA with filled 0x9F4B tag (GPO result) | |
668 | // EMV kernel3 v2.4, contactless book C-3, C.1., page 147 | |
669 | if (sdad_tlv) { | |
670 | PrintAndLogEx(NORMAL, "\n* * Got Signed Dynamic Application Data (9F4B) form GPO. Maybe fDDA..."); | |
671 | ||
672 | const struct tlvdb *atc_db = emv_pki_recover_atc_ex(icc_pk, tlv, true); | |
673 | if (!atc_db) { | |
674 | PrintAndLogEx(WARNING, "Error: Can't recover IDN (ICC Dynamic Number)"); | |
675 | emv_pk_free(pk); | |
676 | emv_pk_free(issuer_pk); | |
677 | emv_pk_free(icc_pk); | |
678 | return 8; | |
679 | } | |
680 | ||
681 | // 9f36 Application Transaction Counter (ATC) | |
682 | const struct tlv *atc_tlv = tlvdb_get(atc_db, 0x9f36, NULL); | |
683 | if(atc_tlv) { | |
684 | PrintAndLogEx(NORMAL, "\nATC (Application Transaction Counter) [%zu] %s", atc_tlv->len, sprint_hex_inrow(atc_tlv->value, atc_tlv->len)); | |
685 | ||
686 | const struct tlv *core_atc_tlv = tlvdb_get(tlv, 0x9f36, NULL); | |
687 | if(tlv_equal(core_atc_tlv, atc_tlv)) { | |
688 | PrintAndLogEx(SUCCESS, "ATC check OK."); | |
689 | PrintAndLogEx(SUCCESS, "fDDA (fast DDA) verified OK."); | |
690 | } else { | |
691 | PrintAndLogEx(WARNING, "Error: fDDA verified, but ATC in the certificate and ATC in the record not the same."); | |
692 | } | |
693 | } else { | |
694 | PrintAndLogEx(NORMAL, "\nERROR: fDDA (fast DDA) verify error"); | |
695 | emv_pk_free(pk); | |
696 | emv_pk_free(issuer_pk); | |
697 | emv_pk_free(icc_pk); | |
698 | return 9; | |
699 | } | |
700 | } else { | |
701 | struct tlvdb *dac_db = emv_pki_recover_dac(issuer_pk, tlv, sda_tlv); | |
702 | if (dac_db) { | |
703 | const struct tlv *dac_tlv = tlvdb_get(dac_db, 0x9f45, NULL); | |
704 | PrintAndLogEx(NORMAL, "SDA verified OK. (%02hhx:%02hhx)\n", dac_tlv->value[0], dac_tlv->value[1]); | |
705 | tlvdb_add(tlv, dac_db); | |
706 | } else { | |
707 | PrintAndLogEx(WARNING, "Error: SSAD verify error"); | |
708 | emv_pk_free(pk); | |
709 | emv_pk_free(issuer_pk); | |
710 | emv_pk_free(icc_pk); | |
711 | return 4; | |
712 | } | |
713 | ||
714 | PrintAndLogEx(NORMAL, "\n* Calc DDOL"); | |
715 | const struct tlv *ddol_tlv = tlvdb_get(tlv, 0x9f49, NULL); | |
716 | if (!ddol_tlv) { | |
717 | ddol_tlv = &default_ddol_tlv; | |
718 | PrintAndLogEx(NORMAL, "DDOL [9f49] not found. Using default DDOL"); | |
719 | } | |
720 | ||
721 | struct tlv *ddol_data_tlv = dol_process(ddol_tlv, tlv, 0); | |
722 | if (!ddol_data_tlv) { | |
723 | PrintAndLogEx(WARNING, "Error: Can't create DDOL TLV"); | |
724 | emv_pk_free(pk); | |
725 | emv_pk_free(issuer_pk); | |
726 | emv_pk_free(icc_pk); | |
727 | return 5; | |
728 | } | |
729 | ||
730 | PrintAndLogEx(NORMAL, "DDOL data[%d]: %s", ddol_data_tlv->len, sprint_hex(ddol_data_tlv->value, ddol_data_tlv->len)); | |
731 | ||
732 | PrintAndLogEx(NORMAL, "\n* Internal Authenticate"); | |
733 | int res = EMVInternalAuthenticate(channel, true, (uint8_t *)ddol_data_tlv->value, ddol_data_tlv->len, buf, sizeof(buf), &len, &sw, NULL); | |
734 | if (res) { | |
735 | PrintAndLogEx(WARNING, "Internal Authenticate error(%d): %4x. Exit...", res, sw); | |
736 | free(ddol_data_tlv); | |
737 | emv_pk_free(pk); | |
738 | emv_pk_free(issuer_pk); | |
739 | emv_pk_free(icc_pk); | |
740 | return 6; | |
741 | } | |
742 | ||
743 | struct tlvdb *dda_db = NULL; | |
744 | if (buf[0] == 0x80) { | |
745 | if (len < 3 ) { | |
746 | PrintAndLogEx(WARNING, "Error: Internal Authenticate format1 parsing error. length=%d", len); | |
747 | } else { | |
748 | // 9f4b Signed Dynamic Application Data | |
749 | dda_db = tlvdb_fixed(0x9f4b, len - 2, buf + 2); | |
750 | tlvdb_add(tlv, dda_db); | |
751 | if (decodeTLV){ | |
752 | PrintAndLogEx(NORMAL, "* * Decode response format 1:"); | |
753 | TLVPrintFromTLV(dda_db); | |
754 | } | |
755 | } | |
756 | } else { | |
757 | dda_db = tlvdb_parse_multi(buf, len); | |
758 | if(!dda_db) { | |
759 | PrintAndLogEx(WARNING, "Error: Can't parse Internal Authenticate result as TLV"); | |
760 | free(ddol_data_tlv); | |
761 | emv_pk_free(pk); | |
762 | emv_pk_free(issuer_pk); | |
763 | emv_pk_free(icc_pk); | |
764 | return 7; | |
765 | } | |
766 | tlvdb_add(tlv, dda_db); | |
767 | ||
768 | if (decodeTLV) | |
769 | TLVPrintFromTLV(dda_db); | |
770 | } | |
771 | ||
772 | struct tlvdb *idn_db = emv_pki_recover_idn_ex(icc_pk, dda_db, ddol_data_tlv, true); | |
773 | free(ddol_data_tlv); | |
774 | if (!idn_db) { | |
775 | PrintAndLogEx(WARNING, "Error: Can't recover IDN (ICC Dynamic Number)"); | |
776 | tlvdb_free(dda_db); | |
777 | emv_pk_free(pk); | |
778 | emv_pk_free(issuer_pk); | |
779 | emv_pk_free(icc_pk); | |
780 | return 8; | |
781 | } | |
782 | tlvdb_free(dda_db); | |
783 | ||
784 | // 9f4c ICC Dynamic Number | |
785 | const struct tlv *idn_tlv = tlvdb_get(idn_db, 0x9f4c, NULL); | |
786 | if(idn_tlv) { | |
787 | PrintAndLogEx(NORMAL, "\nIDN (ICC Dynamic Number) [%zu] %s", idn_tlv->len, sprint_hex_inrow(idn_tlv->value, idn_tlv->len)); | |
788 | PrintAndLogEx(NORMAL, "DDA verified OK."); | |
789 | tlvdb_add(tlv, idn_db); | |
790 | tlvdb_free(idn_db); | |
791 | } else { | |
792 | PrintAndLogEx(NORMAL, "\nERROR: DDA verify error"); | |
793 | tlvdb_free(idn_db); | |
794 | ||
795 | emv_pk_free(pk); | |
796 | emv_pk_free(issuer_pk); | |
797 | emv_pk_free(icc_pk); | |
798 | return 9; | |
799 | } | |
800 | } | |
801 | ||
802 | emv_pk_free(pk); | |
803 | emv_pk_free(issuer_pk); | |
804 | emv_pk_free(icc_pk); | |
805 | return 0; | |
806 | } | |
807 | ||
808 | int trCDA(struct tlvdb *tlv, struct tlvdb *ac_tlv, struct tlv *pdol_data_tlv, struct tlv *ac_data_tlv) { | |
809 | ||
810 | struct emv_pk *pk = get_ca_pk(tlv); | |
811 | if (!pk) { | |
812 | PrintAndLogEx(WARNING, "Error: Key not found. Exit."); | |
813 | return 2; | |
814 | } | |
815 | ||
816 | const struct tlv *sda_tlv = tlvdb_get(tlv, 0x21, NULL); | |
817 | if (!sda_tlv || sda_tlv->len < 1) { | |
818 | PrintAndLogEx(WARNING, "Error: Can't find input list for Offline Data Authentication. Exit."); | |
819 | emv_pk_free(pk); | |
820 | return 3; | |
821 | } | |
822 | ||
823 | struct emv_pk *issuer_pk = emv_pki_recover_issuer_cert(pk, tlv); | |
824 | if (!issuer_pk) { | |
825 | PrintAndLogEx(WARNING, "Error: Issuer certificate not found. Exit."); | |
826 | emv_pk_free(pk); | |
827 | return 2; | |
828 | } | |
829 | PrintAndLogEx(SUCCESS, "Issuer PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx\n", | |
830 | issuer_pk->rid[0], | |
831 | issuer_pk->rid[1], | |
832 | issuer_pk->rid[2], | |
833 | issuer_pk->rid[3], | |
834 | issuer_pk->rid[4], | |
835 | issuer_pk->index, | |
836 | issuer_pk->serial[0], | |
837 | issuer_pk->serial[1], | |
838 | issuer_pk->serial[2] | |
839 | ); | |
840 | ||
841 | struct emv_pk *icc_pk = emv_pki_recover_icc_cert(issuer_pk, tlv, sda_tlv); | |
842 | if (!icc_pk) { | |
843 | PrintAndLogEx(WARNING, "Error: ICC setrificate not found. Exit."); | |
844 | emv_pk_free(pk); | |
845 | emv_pk_free(issuer_pk); | |
846 | return 2; | |
847 | } | |
848 | PrintAndLogEx(SUCCESS, "ICC PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx\n", | |
849 | icc_pk->rid[0], | |
850 | icc_pk->rid[1], | |
851 | icc_pk->rid[2], | |
852 | icc_pk->rid[3], | |
853 | icc_pk->rid[4], | |
854 | icc_pk->index, | |
855 | icc_pk->serial[0], | |
856 | icc_pk->serial[1], | |
857 | icc_pk->serial[2] | |
858 | ); | |
859 | ||
860 | struct tlvdb *dac_db = emv_pki_recover_dac(issuer_pk, tlv, sda_tlv); | |
861 | if (dac_db) { | |
862 | const struct tlv *dac_tlv = tlvdb_get(dac_db, 0x9f45, NULL); | |
863 | PrintAndLogEx(NORMAL, "SSAD verified OK. (%02hhx:%02hhx)", dac_tlv->value[0], dac_tlv->value[1]); | |
864 | tlvdb_add(tlv, dac_db); | |
865 | } else { | |
866 | PrintAndLogEx(WARNING, "Error: SSAD verify error"); | |
867 | emv_pk_free(pk); | |
868 | emv_pk_free(issuer_pk); | |
869 | emv_pk_free(icc_pk); | |
870 | return 4; | |
871 | } | |
872 | ||
873 | PrintAndLogEx(NORMAL, "\n* * Check Signed Dynamic Application Data (SDAD)"); | |
874 | struct tlvdb *idn_db = emv_pki_perform_cda_ex(icc_pk, tlv, ac_tlv, | |
875 | pdol_data_tlv, // pdol | |
876 | ac_data_tlv, // cdol1 | |
877 | NULL, // cdol2 | |
878 | true); | |
879 | if (idn_db) { | |
880 | const struct tlv *idn_tlv = tlvdb_get(idn_db, 0x9f4c, NULL); | |
881 | PrintAndLogEx(NORMAL, "\nIDN (ICC Dynamic Number) [%zu] %s", idn_tlv->len, sprint_hex_inrow(idn_tlv->value, idn_tlv->len)); | |
882 | PrintAndLogEx(NORMAL, "CDA verified OK."); | |
883 | tlvdb_add(tlv, idn_db); | |
884 | } else { | |
885 | PrintAndLogEx(NORMAL, "\nERROR: CDA verify error"); | |
886 | } | |
887 | ||
888 | emv_pk_free(pk); | |
889 | emv_pk_free(issuer_pk); | |
890 | emv_pk_free(icc_pk); | |
891 | return 0; | |
892 | } | |
893 | ||
894 | int RecoveryCertificates(struct tlvdb *tlvRoot, json_t *root) { | |
895 | ||
896 | struct emv_pk *pk = get_ca_pk(tlvRoot); | |
897 | if (!pk) { | |
898 | PrintAndLog("ERROR: Key not found. Exit."); | |
899 | return 1; | |
900 | } | |
901 | ||
902 | struct emv_pk *issuer_pk = emv_pki_recover_issuer_cert(pk, tlvRoot); | |
903 | if (!issuer_pk) { | |
904 | emv_pk_free(pk); | |
905 | PrintAndLog("WARNING: Issuer certificate not found. Exit."); | |
906 | return 2; | |
907 | } | |
908 | PrintAndLogEx(SUCCESS, "Issuer PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx", | |
909 | issuer_pk->rid[0], | |
910 | issuer_pk->rid[1], | |
911 | issuer_pk->rid[2], | |
912 | issuer_pk->rid[3], | |
913 | issuer_pk->rid[4], | |
914 | issuer_pk->index, | |
915 | issuer_pk->serial[0], | |
916 | issuer_pk->serial[1], | |
917 | issuer_pk->serial[2] | |
918 | ); | |
919 | ||
920 | JsonSaveBufAsHex(root, "$.ApplicationData.RID", issuer_pk->rid, 5); | |
921 | ||
922 | char *issuer_pk_c = emv_pk_dump_pk(issuer_pk); | |
923 | JsonSaveStr(root, "$.ApplicationData.IssuerPublicKeyDec", issuer_pk_c); | |
924 | JsonSaveBufAsHex(root, "$.ApplicationData.IssuerPublicKeyModulus", issuer_pk->modulus, issuer_pk->mlen); | |
925 | free(issuer_pk_c); | |
926 | ||
927 | struct emv_pk *icc_pk = emv_pki_recover_icc_cert(issuer_pk, tlvRoot, NULL); | |
928 | if (!icc_pk) { | |
929 | emv_pk_free(pk); | |
930 | emv_pk_free(issuer_pk); | |
931 | PrintAndLogEx(WARNING, "WARNING: ICC certificate not found. Exit."); | |
932 | return 2; | |
933 | } | |
934 | PrintAndLogEx(SUCCESS, "ICC PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx\n", | |
935 | icc_pk->rid[0], | |
936 | icc_pk->rid[1], | |
937 | icc_pk->rid[2], | |
938 | icc_pk->rid[3], | |
939 | icc_pk->rid[4], | |
940 | icc_pk->index, | |
941 | icc_pk->serial[0], | |
942 | icc_pk->serial[1], | |
943 | icc_pk->serial[2] | |
944 | ); | |
945 | ||
946 | char *icc_pk_c = emv_pk_dump_pk(icc_pk); | |
947 | JsonSaveStr(root, "$.ApplicationData.ICCPublicKeyDec", icc_pk_c); | |
948 | JsonSaveBufAsHex(root, "$.ApplicationData.ICCPublicKeyModulus", icc_pk->modulus, icc_pk->mlen); | |
949 | free(issuer_pk_c); | |
950 | ||
951 | return 0; | |
952 | } |