FIDO U2F NFC authenticators (#697)
[proxmark3-svn] / client / emv / emvcore.c
1 //-----------------------------------------------------------------------------
2 // Copyright (C) 2017 Merlok
3 //
4 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
5 // at your option, any later version. See the LICENSE.txt file for the text of
6 // the license.
7 //-----------------------------------------------------------------------------
8 // EMV core functions
9 //-----------------------------------------------------------------------------
10
11 #include "emvcore.h"
12 #include "emvjson.h"
13 #include "util_posix.h"
14
15 // Got from here. Thanks)
16 // https://eftlab.co.uk/index.php/site-map/knowledge-base/211-emv-aid-rid-pix
17 static const char *PSElist [] = {
18 "325041592E5359532E4444463031", // 2PAY.SYS.DDF01 - Visa Proximity Payment System Environment - PPSE
19 "315041592E5359532E4444463031" // 1PAY.SYS.DDF01 - Visa Payment System Environment - PSE
20 };
21 //static const size_t PSElistLen = sizeof(PSElist)/sizeof(char*);
22
23 char *TransactionTypeStr[] = {
24 "MSD",
25 "VSDC",
26 "qVCDCMCHIP",
27 "CDA"
28 };
29
30 typedef struct {
31 enum CardPSVendor vendor;
32 const char* aid;
33 } TAIDList;
34
35 static const TAIDList AIDlist [] = {
36 // Visa International
37 { CV_VISA, "A00000000305076010"}, // VISA ELO Credit
38 { CV_VISA, "A0000000031010" }, // VISA Debit/Credit (Classic)
39 { CV_VISA, "A000000003101001" }, // VISA Credit
40 { CV_VISA, "A000000003101002" }, // VISA Debit
41 { CV_VISA, "A0000000032010" }, // VISA Electron
42 { CV_VISA, "A0000000032020" }, // VISA
43 { CV_VISA, "A0000000033010" }, // VISA Interlink
44 { CV_VISA, "A0000000034010" }, // VISA Specific
45 { CV_VISA, "A0000000035010" }, // VISA Specific
46 { CV_VISA, "A0000000036010" }, // Domestic Visa Cash Stored Value
47 { CV_VISA, "A0000000036020" }, // International Visa Cash Stored Value
48 { CV_VISA, "A0000000038002" }, // VISA Auth, VisaRemAuthen EMV-CAP (DPA)
49 { CV_VISA, "A0000000038010" }, // VISA Plus
50 { CV_VISA, "A0000000039010" }, // VISA Loyalty
51 { CV_VISA, "A000000003999910" }, // VISA Proprietary ATM
52 // Visa USA
53 { CV_VISA, "A000000098" }, // Debit Card
54 { CV_VISA, "A0000000980848" }, // Debit Card
55 // Mastercard International
56 { CV_MASTERCARD, "A00000000401" }, // MasterCard PayPass
57 { CV_MASTERCARD, "A0000000041010" }, // MasterCard Credit
58 { CV_MASTERCARD, "A00000000410101213" }, // MasterCard Credit
59 { CV_MASTERCARD, "A00000000410101215" }, // MasterCard Credit
60 { CV_MASTERCARD, "A0000000042010" }, // MasterCard Specific
61 { CV_MASTERCARD, "A0000000043010" }, // MasterCard Specific
62 { CV_MASTERCARD, "A0000000043060" }, // Maestro (Debit)
63 { CV_MASTERCARD, "A000000004306001" }, // Maestro (Debit)
64 { CV_MASTERCARD, "A0000000044010" }, // MasterCard Specific
65 { CV_MASTERCARD, "A0000000045010" }, // MasterCard Specific
66 { CV_MASTERCARD, "A0000000046000" }, // Cirrus
67 { CV_MASTERCARD, "A0000000048002" }, // SecureCode Auth EMV-CAP
68 { CV_MASTERCARD, "A0000000049999" }, // MasterCard PayPass
69 // American Express
70 { CV_AMERICANEXPRESS, "A000000025" },
71 { CV_AMERICANEXPRESS, "A0000000250000" },
72 { CV_AMERICANEXPRESS, "A00000002501" },
73 { CV_AMERICANEXPRESS, "A000000025010402" },
74 { CV_AMERICANEXPRESS, "A000000025010701" },
75 { CV_AMERICANEXPRESS, "A000000025010801" },
76 // Groupement des Cartes Bancaires "CB"
77 { CV_CB, "A0000000421010" }, // Cartes Bancaire EMV Card
78 { CV_CB, "A0000000422010" },
79 { CV_CB, "A0000000423010" },
80 { CV_CB, "A0000000424010" },
81 { CV_CB, "A0000000425010" },
82 // JCB CO., LTD.
83 { CV_JCB, "A00000006510" }, // JCB
84 { CV_JCB, "A0000000651010" }, // JCB J Smart Credit
85 // Other
86 { CV_OTHER, "A0000001544442" }, // Banricompras Debito - Banrisul - Banco do Estado do Rio Grande do SUL - S.A.
87 { CV_OTHER, "F0000000030001" }, // BRADESCO
88 { CV_OTHER, "A0000005241010" }, // RuPay - RuPay
89 { CV_OTHER, "D5780000021010" } // Bankaxept - Bankaxept
90 };
91 static const size_t AIDlistLen = sizeof(AIDlist)/sizeof(TAIDList);
92
93 static bool APDULogging = false;
94 void SetAPDULogging(bool logging) {
95 APDULogging = logging;
96 }
97
98 enum CardPSVendor GetCardPSVendor(uint8_t * AID, size_t AIDlen) {
99 char buf[100] = {0};
100 if (AIDlen < 1)
101 return CV_NA;
102
103 hex_to_buffer((uint8_t *)buf, AID, AIDlen, sizeof(buf) - 1, 0, 0, true);
104
105 for(int i = 0; i < AIDlistLen; i ++) {
106 if (strncmp(AIDlist[i].aid, buf, strlen(AIDlist[i].aid)) == 0){
107 return AIDlist[i].vendor;
108 }
109 }
110
111 return CV_NA;
112 }
113
114 static bool print_cb(void *data, const struct tlv *tlv, int level, bool is_leaf) {
115 emv_tag_dump(tlv, stdout, level);
116 if (is_leaf) {
117 dump_buffer(tlv->value, tlv->len, stdout, level);
118 }
119
120 return true;
121 }
122
123 void TLVPrintFromBuffer(uint8_t *data, int datalen) {
124 struct tlvdb *t = NULL;
125 t = tlvdb_parse_multi(data, datalen);
126 if (t) {
127 PrintAndLog("-------------------- TLV decoded --------------------");
128
129 tlvdb_visit(t, print_cb, NULL, 0);
130 tlvdb_free(t);
131 } else {
132 PrintAndLog("TLV ERROR: Can't parse response as TLV tree.");
133 }
134 }
135
136 void TLVPrintFromTLVLev(struct tlvdb *tlv, int level) {
137 if (!tlv)
138 return;
139
140 tlvdb_visit(tlv, print_cb, NULL, level);
141 }
142
143 void TLVPrintFromTLV(struct tlvdb *tlv) {
144 TLVPrintFromTLVLev(tlv, 0);
145 }
146
147 void TLVPrintAIDlistFromSelectTLV(struct tlvdb *tlv) {
148 PrintAndLog("|------------------|--------|-------------------------|");
149 PrintAndLog("| AID |Priority| Name |");
150 PrintAndLog("|------------------|--------|-------------------------|");
151
152 struct tlvdb *ttmp = tlvdb_find(tlv, 0x6f);
153 if (!ttmp)
154 PrintAndLog("| none |");
155
156 while (ttmp) {
157 const struct tlv *tgAID = tlvdb_get_inchild(ttmp, 0x84, NULL);
158 const struct tlv *tgName = tlvdb_get_inchild(ttmp, 0x50, NULL);
159 const struct tlv *tgPrio = tlvdb_get_inchild(ttmp, 0x87, NULL);
160 if (!tgAID)
161 break;
162 PrintAndLog("|%s| %s |%s|",
163 sprint_hex_inrow_ex(tgAID->value, tgAID->len, 18),
164 (tgPrio) ? sprint_hex(tgPrio->value, 1) : " ",
165 (tgName) ? sprint_ascii_ex(tgName->value, tgName->len, 25) : " ");
166
167 ttmp = tlvdb_find_next(ttmp, 0x6f);
168 }
169
170 PrintAndLog("|------------------|--------|-------------------------|");
171 }
172
173 struct tlvdb *GetPANFromTrack2(const struct tlv *track2) {
174 char track2Hex[200] = {0};
175 uint8_t PAN[100] = {0};
176 int PANlen = 0;
177 char *tmp = track2Hex;
178
179 if (!track2)
180 return NULL;
181
182 for (int i = 0; i < track2->len; ++i, tmp += 2)
183 sprintf(tmp, "%02x", (unsigned int)track2->value[i]);
184
185 int posD = strchr(track2Hex, 'd') - track2Hex;
186 if (posD < 1)
187 return NULL;
188
189 track2Hex[posD] = 0;
190 if (strlen(track2Hex) % 2) {
191 track2Hex[posD] = 'F';
192 track2Hex[posD + 1] = '\0';
193 }
194
195 param_gethex_to_eol(track2Hex, 0, PAN, sizeof(PAN), &PANlen);
196
197 return tlvdb_fixed(0x5a, PANlen, PAN);
198 }
199
200 struct tlvdb *GetdCVVRawFromTrack2(const struct tlv *track2) {
201 char track2Hex[200] = {0};
202 char dCVVHex[100] = {0};
203 uint8_t dCVV[100] = {0};
204 int dCVVlen = 0;
205 const int PINlen = 5; // must calculated from 9F67 MSD Offset but i have not seen this tag)
206 char *tmp = track2Hex;
207
208 if (!track2)
209 return NULL;
210
211 for (int i = 0; i < track2->len; ++i, tmp += 2)
212 sprintf(tmp, "%02x", (unsigned int)track2->value[i]);
213
214 int posD = strchr(track2Hex, 'd') - track2Hex;
215 if (posD < 1)
216 return NULL;
217
218 memset(dCVVHex, '0', 32);
219 // ATC
220 memcpy(dCVVHex + 0, track2Hex + posD + PINlen + 11, 4);
221 // PAN 5 hex
222 memcpy(dCVVHex + 4, track2Hex, 5);
223 // expire date
224 memcpy(dCVVHex + 9, track2Hex + posD + 1, 4);
225 // service code
226 memcpy(dCVVHex + 13, track2Hex + posD + 5, 3);
227
228 param_gethex_to_eol(dCVVHex, 0, dCVV, sizeof(dCVV), &dCVVlen);
229
230 return tlvdb_fixed(0x02, dCVVlen, dCVV);
231 }
232
233 int EMVExchangeEx(bool ActivateField, bool LeaveFieldON, sAPDU apdu, bool IncludeLe, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) {
234 uint8_t data[APDU_RES_LEN] = {0};
235
236 *ResultLen = 0;
237 if (sw) *sw = 0;
238 uint16_t isw = 0;
239
240 if (ActivateField){
241 DropField();
242 msleep(50);
243 }
244
245 // COMPUTE APDU
246 memcpy(data, &apdu, 5);
247 if (apdu.data)
248 memcpy(&data[5], apdu.data, apdu.Lc);
249
250 if (APDULogging)
251 PrintAndLog(">>>> %s", sprint_hex(data, (IncludeLe?6:5) + apdu.Lc));
252
253 // 6 byes + data = INS + CLA + P1 + P2 + Lc + <data = Nc> + Le(?IncludeLe)
254 int res = ExchangeAPDU14a(data, (IncludeLe?6:5) + apdu.Lc, ActivateField, LeaveFieldON, Result, (int)MaxResultLen, (int *)ResultLen);
255
256 if (res) {
257 return res;
258 }
259
260 if (APDULogging)
261 PrintAndLog("<<<< %s", sprint_hex(Result, *ResultLen));
262
263 *ResultLen -= 2;
264 isw = Result[*ResultLen] * 0x0100 + Result[*ResultLen + 1];
265 if (sw)
266 *sw = isw;
267
268 if (isw != 0x9000) {
269 if (APDULogging) {
270 if (*sw >> 8 == 0x61) {
271 PrintAndLog("APDU chaining len:%02x -->", *sw & 0xff);
272 } else {
273 PrintAndLog("APDU(%02x%02x) ERROR: [%4X] %s", apdu.CLA, apdu.INS, isw, GetAPDUCodeDescription(*sw >> 8, *sw & 0xff));
274 return 5;
275 }
276 }
277 }
278
279 // add to tlv tree
280 if (tlv) {
281 struct tlvdb *t = tlvdb_parse_multi(Result, *ResultLen);
282 tlvdb_add(tlv, t);
283 }
284
285 return 0;
286 }
287
288 int EMVExchange(bool LeaveFieldON, sAPDU apdu, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) {
289 return EMVExchangeEx(false, LeaveFieldON, apdu, true, Result, MaxResultLen, ResultLen, sw, tlv);
290 }
291
292 int EMVSelect(bool ActivateField, bool LeaveFieldON, uint8_t *AID, size_t AIDLen, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) {
293 return EMVExchangeEx(ActivateField, LeaveFieldON, (sAPDU){0x00, 0xa4, 0x04, 0x00, AIDLen, AID}, true, Result, MaxResultLen, ResultLen, sw, tlv);
294 }
295
296 int EMVSelectPSE(bool ActivateField, bool LeaveFieldON, uint8_t PSENum, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw) {
297 uint8_t buf[APDU_AID_LEN] = {0};
298 *ResultLen = 0;
299 int len = 0;
300 int res = 0;
301 switch (PSENum) {
302 case 1:
303 param_gethex_to_eol(PSElist[1], 0, buf, sizeof(buf), &len);
304 break;
305 case 2:
306 param_gethex_to_eol(PSElist[0], 0, buf, sizeof(buf), &len);
307 break;
308 default:
309 return -1;
310 }
311
312 // select
313 res = EMVSelect(ActivateField, LeaveFieldON, buf, len, Result, MaxResultLen, ResultLen, sw, NULL);
314
315 return res;
316 }
317
318 int EMVSearchPSE(bool ActivateField, bool LeaveFieldON, bool decodeTLV, struct tlvdb *tlv) {
319 uint8_t data[APDU_RES_LEN] = {0};
320 size_t datalen = 0;
321 uint16_t sw = 0;
322 int res;
323
324 // select PPSE
325 res = EMVSelectPSE(ActivateField, true, 2, data, sizeof(data), &datalen, &sw);
326
327 if (!res){
328 struct tlvdb *t = NULL;
329 t = tlvdb_parse_multi(data, datalen);
330 if (t) {
331 int retrycnt = 0;
332 struct tlvdb *ttmp = tlvdb_find_path(t, (tlv_tag_t[]){0x6f, 0xa5, 0xbf0c, 0x61, 0x00});
333 if (!ttmp)
334 PrintAndLog("PPSE don't have records.");
335
336 while (ttmp) {
337 const struct tlv *tgAID = tlvdb_get_inchild(ttmp, 0x4f, NULL);
338 if (tgAID) {
339 res = EMVSelect(false, true, (uint8_t *)tgAID->value, tgAID->len, data, sizeof(data), &datalen, &sw, tlv);
340
341 // retry if error and not returned sw error
342 if (res && res != 5) {
343 if (++retrycnt < 3){
344 continue;
345 } else {
346 // card select error, proxmark error
347 if (res == 1) {
348 PrintAndLog("Exit...");
349 return 1;
350 }
351
352 retrycnt = 0;
353 PrintAndLog("Retry failed [%s]. Skiped...", sprint_hex_inrow(tgAID->value, tgAID->len));
354 }
355
356 // next element
357 ttmp = tlvdb_find_next(ttmp, 0x61);
358 continue;
359 }
360 retrycnt = 0;
361
362 // all is ok
363 if (decodeTLV){
364 PrintAndLog("%s:", sprint_hex_inrow(tgAID->value, tgAID->len));
365 TLVPrintFromBuffer(data, datalen);
366 }
367 }
368
369 ttmp = tlvdb_find_next(ttmp, 0x61);
370 }
371
372 tlvdb_free(t);
373 } else {
374 PrintAndLog("PPSE ERROR: Can't get TLV from response.");
375 }
376 } else {
377 PrintAndLog("PPSE ERROR: Can't select PPSE AID. Error: %d", res);
378 }
379
380 if(!LeaveFieldON)
381 DropField();
382
383 return res;
384 }
385
386 int EMVSearch(bool ActivateField, bool LeaveFieldON, bool decodeTLV, struct tlvdb *tlv) {
387 uint8_t aidbuf[APDU_AID_LEN] = {0};
388 int aidlen = 0;
389 uint8_t data[APDU_RES_LEN] = {0};
390 size_t datalen = 0;
391 uint16_t sw = 0;
392
393 int res = 0;
394 int retrycnt = 0;
395 for(int i = 0; i < AIDlistLen; i ++) {
396 param_gethex_to_eol(AIDlist[i].aid, 0, aidbuf, sizeof(aidbuf), &aidlen);
397 res = EMVSelect((i == 0) ? ActivateField : false, (i == AIDlistLen - 1) ? LeaveFieldON : true, aidbuf, aidlen, data, sizeof(data), &datalen, &sw, tlv);
398 // retry if error and not returned sw error
399 if (res && res != 5) {
400 if (++retrycnt < 3){
401 i--;
402 } else {
403 // card select error, proxmark error
404 if (res == 1) {
405 PrintAndLog("Exit...");
406 return 1;
407 }
408
409 retrycnt = 0;
410 PrintAndLog("Retry failed [%s]. Skiped...", AIDlist[i].aid);
411 }
412 continue;
413 }
414 retrycnt = 0;
415
416 if (res)
417 continue;
418
419 if (decodeTLV){
420 PrintAndLog("%s:", AIDlist[i].aid);
421 TLVPrintFromBuffer(data, datalen);
422 }
423 }
424
425 return 0;
426 }
427
428 int EMVSelectApplication(struct tlvdb *tlv, uint8_t *AID, size_t *AIDlen) {
429 // check priority. 0x00 - highest
430 int prio = 0xffff;
431
432 *AIDlen = 0;
433
434 struct tlvdb *ttmp = tlvdb_find(tlv, 0x6f);
435 if (!ttmp)
436 return 1;
437
438 while (ttmp) {
439 const struct tlv *tgAID = tlvdb_get_inchild(ttmp, 0x84, NULL);
440 const struct tlv *tgPrio = tlvdb_get_inchild(ttmp, 0x87, NULL);
441
442 if (!tgAID)
443 break;
444
445 if (tgPrio) {
446 int pt = bytes_to_num((uint8_t*)tgPrio->value, (tgPrio->len < 2) ? tgPrio->len : 2);
447 if (pt < prio) {
448 prio = pt;
449
450 memcpy(AID, tgAID->value, tgAID->len);
451 *AIDlen = tgAID->len;
452 }
453 } else {
454 // takes the first application from list wo priority
455 if (!*AIDlen) {
456 memcpy(AID, tgAID->value, tgAID->len);
457 *AIDlen = tgAID->len;
458 }
459 }
460
461 ttmp = tlvdb_find_next(ttmp, 0x6f);
462 }
463
464 return 0;
465 }
466
467 int EMVGPO(bool LeaveFieldON, uint8_t *PDOL, size_t PDOLLen, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) {
468 return EMVExchange(LeaveFieldON, (sAPDU){0x80, 0xa8, 0x00, 0x00, PDOLLen, PDOL}, Result, MaxResultLen, ResultLen, sw, tlv);
469 }
470
471 int EMVReadRecord(bool LeaveFieldON, uint8_t SFI, uint8_t SFIrec, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) {
472 int res = EMVExchange(LeaveFieldON, (sAPDU){0x00, 0xb2, SFIrec, (SFI << 3) | 0x04, 0, NULL}, Result, MaxResultLen, ResultLen, sw, tlv);
473 if (*sw == 0x6700) {
474 PrintAndLog(">>> trying to reissue command withouth Le...");
475 res = EMVExchangeEx(false, LeaveFieldON, (sAPDU){0x00, 0xb2, SFIrec, (SFI << 3) | 0x04, 0, NULL}, false, Result, MaxResultLen, ResultLen, sw, tlv);
476 }
477 return res;
478 }
479
480 int EMVAC(bool LeaveFieldON, uint8_t RefControl, uint8_t *CDOL, size_t CDOLLen, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) {
481 return EMVExchange(LeaveFieldON, (sAPDU){0x80, 0xae, RefControl, 0x00, CDOLLen, CDOL}, Result, MaxResultLen, ResultLen, sw, tlv);
482 }
483
484 int EMVGenerateChallenge(bool LeaveFieldON, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) {
485 int res = EMVExchange(LeaveFieldON, (sAPDU){0x00, 0x84, 0x00, 0x00, 0x00, NULL}, Result, MaxResultLen, ResultLen, sw, tlv);
486 if (*sw == 0x6700) {
487 PrintAndLog(">>> trying to reissue command withouth Le...");
488 res = EMVExchangeEx(false, LeaveFieldON, (sAPDU){0x00, 0x84, 0x00, 0x00, 0x00, NULL}, false, Result, MaxResultLen, ResultLen, sw, tlv);
489 }
490 return res;
491 }
492
493 int EMVInternalAuthenticate(bool LeaveFieldON, uint8_t *DDOL, size_t DDOLLen, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) {
494 return EMVExchange(LeaveFieldON, (sAPDU){0x00, 0x88, 0x00, 0x00, DDOLLen, DDOL}, Result, MaxResultLen, ResultLen, sw, tlv);
495 }
496
497 int MSCComputeCryptoChecksum(bool LeaveFieldON, uint8_t *UDOL, uint8_t UDOLlen, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) {
498 return EMVExchange(LeaveFieldON, (sAPDU){0x80, 0x2a, 0x8e, 0x80, UDOLlen, UDOL}, Result, MaxResultLen, ResultLen, sw, tlv);
499 }
500
501 // Authentication
502 static struct emv_pk *get_ca_pk(struct tlvdb *db) {
503 const struct tlv *df_tlv = tlvdb_get(db, 0x84, NULL);
504 const struct tlv *caidx_tlv = tlvdb_get(db, 0x8f, NULL);
505
506 if (!df_tlv || !caidx_tlv || df_tlv->len < 6 || caidx_tlv->len != 1)
507 return NULL;
508
509 PrintAndLog("CA public key index 0x%0x", caidx_tlv->value[0]);
510 return emv_pk_get_ca_pk(df_tlv->value, caidx_tlv->value[0]);
511 }
512
513 int trSDA(struct tlvdb *tlv) {
514
515 struct emv_pk *pk = get_ca_pk(tlv);
516 if (!pk) {
517 PrintAndLog("ERROR: Key not found. Exit.");
518 return 2;
519 }
520
521 struct emv_pk *issuer_pk = emv_pki_recover_issuer_cert(pk, tlv);
522 if (!issuer_pk) {
523 emv_pk_free(pk);
524 PrintAndLog("ERROR: Issuer certificate not found. Exit.");
525 return 2;
526 }
527
528 PrintAndLog("Issuer PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx",
529 issuer_pk->rid[0],
530 issuer_pk->rid[1],
531 issuer_pk->rid[2],
532 issuer_pk->rid[3],
533 issuer_pk->rid[4],
534 issuer_pk->index,
535 issuer_pk->serial[0],
536 issuer_pk->serial[1],
537 issuer_pk->serial[2]
538 );
539
540 const struct tlv *sda_tlv = tlvdb_get(tlv, 0x21, NULL);
541 if (!sda_tlv || sda_tlv->len < 1) {
542 emv_pk_free(issuer_pk);
543 emv_pk_free(pk);
544 PrintAndLog("ERROR: Can't find input list for Offline Data Authentication. Exit.");
545 return 3;
546 }
547
548 struct tlvdb *dac_db = emv_pki_recover_dac(issuer_pk, tlv, sda_tlv);
549 if (dac_db) {
550 const struct tlv *dac_tlv = tlvdb_get(dac_db, 0x9f45, NULL);
551 PrintAndLog("SDA verified OK. (%02hhx:%02hhx)\n", dac_tlv->value[0], dac_tlv->value[1]);
552 tlvdb_add(tlv, dac_db);
553 } else {
554 emv_pk_free(issuer_pk);
555 emv_pk_free(pk);
556 PrintAndLog("ERROR: SSAD verify error");
557 return 4;
558 }
559
560 emv_pk_free(issuer_pk);
561 emv_pk_free(pk);
562 return 0;
563 }
564
565 static const unsigned char default_ddol_value[] = {0x9f, 0x37, 0x04};
566 static struct tlv default_ddol_tlv = {.tag = 0x9f49, .len = 3, .value = default_ddol_value };
567
568 int trDDA(bool decodeTLV, struct tlvdb *tlv) {
569 uint8_t buf[APDU_RES_LEN] = {0};
570 size_t len = 0;
571 uint16_t sw = 0;
572
573 struct emv_pk *pk = get_ca_pk(tlv);
574 if (!pk) {
575 PrintAndLog("ERROR: Key not found. Exit.");
576 return 2;
577 }
578
579 const struct tlv *sda_tlv = tlvdb_get(tlv, 0x21, NULL);
580 if (!sda_tlv || sda_tlv->len < 1) {
581 emv_pk_free(pk);
582 PrintAndLog("ERROR: Can't find input list for Offline Data Authentication. Exit.");
583 return 3;
584 }
585
586 struct emv_pk *issuer_pk = emv_pki_recover_issuer_cert(pk, tlv);
587 if (!issuer_pk) {
588 emv_pk_free(pk);
589 PrintAndLog("ERROR: Issuer certificate not found. Exit.");
590 return 2;
591 }
592 printf("Issuer PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx\n",
593 issuer_pk->rid[0],
594 issuer_pk->rid[1],
595 issuer_pk->rid[2],
596 issuer_pk->rid[3],
597 issuer_pk->rid[4],
598 issuer_pk->index,
599 issuer_pk->serial[0],
600 issuer_pk->serial[1],
601 issuer_pk->serial[2]
602 );
603
604 struct emv_pk *icc_pk = emv_pki_recover_icc_cert(issuer_pk, tlv, sda_tlv);
605 if (!icc_pk) {
606 emv_pk_free(pk);
607 emv_pk_free(issuer_pk);
608 PrintAndLog("ERROR: ICC setrificate not found. Exit.");
609 return 2;
610 }
611 printf("ICC PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx\n",
612 icc_pk->rid[0],
613 icc_pk->rid[1],
614 icc_pk->rid[2],
615 icc_pk->rid[3],
616 icc_pk->rid[4],
617 icc_pk->index,
618 icc_pk->serial[0],
619 icc_pk->serial[1],
620 icc_pk->serial[2]
621 );
622
623 struct emv_pk *icc_pe_pk = emv_pki_recover_icc_pe_cert(issuer_pk, tlv);
624 if (!icc_pe_pk) {
625 PrintAndLog("WARNING: ICC PE PK recover error. ");
626 } else {
627 printf("ICC PE PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx\n",
628 icc_pe_pk->rid[0],
629 icc_pe_pk->rid[1],
630 icc_pe_pk->rid[2],
631 icc_pe_pk->rid[3],
632 icc_pe_pk->rid[4],
633 icc_pe_pk->index,
634 icc_pe_pk->serial[0],
635 icc_pe_pk->serial[1],
636 icc_pe_pk->serial[2]
637 );
638 }
639
640 // 9F4B: Signed Dynamic Application Data
641 const struct tlv *sdad_tlv = tlvdb_get(tlv, 0x9f4b, NULL);
642 // DDA with internal authenticate OR fDDA with filled 0x9F4B tag (GPO result)
643 // EMV kernel3 v2.4, contactless book C-3, C.1., page 147
644 if (sdad_tlv) {
645 PrintAndLog("\n* * Got Signed Dynamic Application Data (9F4B) form GPO. Maybe fDDA...");
646
647 const struct tlvdb *atc_db = emv_pki_recover_atc_ex(icc_pk, tlv, true);
648 if (!atc_db) {
649 PrintAndLog("ERROR: Can't recover IDN (ICC Dynamic Number)");
650 emv_pk_free(pk);
651 emv_pk_free(issuer_pk);
652 emv_pk_free(icc_pk);
653 return 8;
654 }
655
656 // 9f36 Application Transaction Counter (ATC)
657 const struct tlv *atc_tlv = tlvdb_get(atc_db, 0x9f36, NULL);
658 if(atc_tlv) {
659 PrintAndLog("\nATC (Application Transaction Counter) [%zu] %s", atc_tlv->len, sprint_hex_inrow(atc_tlv->value, atc_tlv->len));
660
661 const struct tlv *core_atc_tlv = tlvdb_get(tlv, 0x9f36, NULL);
662 if(tlv_equal(core_atc_tlv, atc_tlv)) {
663 PrintAndLog("ATC check OK.");
664 PrintAndLog("fDDA (fast DDA) verified OK.");
665 } else {
666 PrintAndLog("ERROR: fDDA verified, but ATC in the certificate and ATC in the record not the same.");
667 }
668 } else {
669 PrintAndLog("\nERROR: fDDA (fast DDA) verify error");
670 emv_pk_free(pk);
671 emv_pk_free(issuer_pk);
672 emv_pk_free(icc_pk);
673 return 9;
674 }
675 } else {
676 struct tlvdb *dac_db = emv_pki_recover_dac(issuer_pk, tlv, sda_tlv);
677 if (dac_db) {
678 const struct tlv *dac_tlv = tlvdb_get(dac_db, 0x9f45, NULL);
679 printf("SDA verified OK. (%02hhx:%02hhx)\n", dac_tlv->value[0], dac_tlv->value[1]);
680 tlvdb_add(tlv, dac_db);
681 } else {
682 PrintAndLog("ERROR: SSAD verify error");
683 emv_pk_free(pk);
684 emv_pk_free(issuer_pk);
685 emv_pk_free(icc_pk);
686 return 4;
687 }
688
689 PrintAndLog("\n* Calc DDOL");
690 const struct tlv *ddol_tlv = tlvdb_get(tlv, 0x9f49, NULL);
691 if (!ddol_tlv) {
692 ddol_tlv = &default_ddol_tlv;
693 PrintAndLog("DDOL [9f49] not found. Using default DDOL");
694 }
695
696 struct tlv *ddol_data_tlv = dol_process(ddol_tlv, tlv, 0);
697 if (!ddol_data_tlv) {
698 PrintAndLog("ERROR: Can't create DDOL TLV");
699 emv_pk_free(pk);
700 emv_pk_free(issuer_pk);
701 emv_pk_free(icc_pk);
702 return 5;
703 }
704
705 PrintAndLog("DDOL data[%d]: %s", ddol_data_tlv->len, sprint_hex(ddol_data_tlv->value, ddol_data_tlv->len));
706
707 PrintAndLog("\n* Internal Authenticate");
708 int res = EMVInternalAuthenticate(true, (uint8_t *)ddol_data_tlv->value, ddol_data_tlv->len, buf, sizeof(buf), &len, &sw, NULL);
709 if (res) {
710 PrintAndLog("Internal Authenticate error(%d): %4x. Exit...", res, sw);
711 free(ddol_data_tlv);
712 emv_pk_free(pk);
713 emv_pk_free(issuer_pk);
714 emv_pk_free(icc_pk);
715 return 6;
716 }
717
718 struct tlvdb *dda_db = NULL;
719 if (buf[0] == 0x80) {
720 if (len < 3 ) {
721 PrintAndLog("ERROR: Internal Authenticate format1 parsing error. length=%d", len);
722 } else {
723 // 9f4b Signed Dynamic Application Data
724 dda_db = tlvdb_fixed(0x9f4b, len - 2, buf + 2);
725 tlvdb_add(tlv, dda_db);
726 if (decodeTLV){
727 PrintAndLog("* * Decode response format 1:");
728 TLVPrintFromTLV(dda_db);
729 }
730 }
731 } else {
732 dda_db = tlvdb_parse_multi(buf, len);
733 if(!dda_db) {
734 PrintAndLog("ERROR: Can't parse Internal Authenticate result as TLV");
735 free(ddol_data_tlv);
736 emv_pk_free(pk);
737 emv_pk_free(issuer_pk);
738 emv_pk_free(icc_pk);
739 return 7;
740 }
741 tlvdb_add(tlv, dda_db);
742
743 if (decodeTLV)
744 TLVPrintFromTLV(dda_db);
745 }
746
747 struct tlvdb *idn_db = emv_pki_recover_idn_ex(icc_pk, dda_db, ddol_data_tlv, true);
748 free(ddol_data_tlv);
749 if (!idn_db) {
750 PrintAndLog("ERROR: Can't recover IDN (ICC Dynamic Number)");
751 tlvdb_free(dda_db);
752 emv_pk_free(pk);
753 emv_pk_free(issuer_pk);
754 emv_pk_free(icc_pk);
755 return 8;
756 }
757 tlvdb_free(dda_db);
758
759 // 9f4c ICC Dynamic Number
760 const struct tlv *idn_tlv = tlvdb_get(idn_db, 0x9f4c, NULL);
761 if(idn_tlv) {
762 PrintAndLog("\nIDN (ICC Dynamic Number) [%zu] %s", idn_tlv->len, sprint_hex_inrow(idn_tlv->value, idn_tlv->len));
763 PrintAndLog("DDA verified OK.");
764 tlvdb_add(tlv, idn_db);
765 tlvdb_free(idn_db);
766 } else {
767 PrintAndLog("\nERROR: DDA verify error");
768 tlvdb_free(idn_db);
769
770 emv_pk_free(pk);
771 emv_pk_free(issuer_pk);
772 emv_pk_free(icc_pk);
773 return 9;
774 }
775 }
776
777 emv_pk_free(pk);
778 emv_pk_free(issuer_pk);
779 emv_pk_free(icc_pk);
780 return 0;
781 }
782
783 int trCDA(struct tlvdb *tlv, struct tlvdb *ac_tlv, struct tlv *pdol_data_tlv, struct tlv *ac_data_tlv) {
784
785 struct emv_pk *pk = get_ca_pk(tlv);
786 if (!pk) {
787 PrintAndLog("ERROR: Key not found. Exit.");
788 return 2;
789 }
790
791 const struct tlv *sda_tlv = tlvdb_get(tlv, 0x21, NULL);
792 if (!sda_tlv || sda_tlv->len < 1) {
793 PrintAndLog("ERROR: Can't find input list for Offline Data Authentication. Exit.");
794 emv_pk_free(pk);
795 return 3;
796 }
797
798 struct emv_pk *issuer_pk = emv_pki_recover_issuer_cert(pk, tlv);
799 if (!issuer_pk) {
800 PrintAndLog("ERROR: Issuer certificate not found. Exit.");
801 emv_pk_free(pk);
802 return 2;
803 }
804 printf("Issuer PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx\n",
805 issuer_pk->rid[0],
806 issuer_pk->rid[1],
807 issuer_pk->rid[2],
808 issuer_pk->rid[3],
809 issuer_pk->rid[4],
810 issuer_pk->index,
811 issuer_pk->serial[0],
812 issuer_pk->serial[1],
813 issuer_pk->serial[2]
814 );
815
816 struct emv_pk *icc_pk = emv_pki_recover_icc_cert(issuer_pk, tlv, sda_tlv);
817 if (!icc_pk) {
818 PrintAndLog("ERROR: ICC setrificate not found. Exit.");
819 emv_pk_free(pk);
820 emv_pk_free(issuer_pk);
821 return 2;
822 }
823 printf("ICC PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx\n",
824 icc_pk->rid[0],
825 icc_pk->rid[1],
826 icc_pk->rid[2],
827 icc_pk->rid[3],
828 icc_pk->rid[4],
829 icc_pk->index,
830 icc_pk->serial[0],
831 icc_pk->serial[1],
832 icc_pk->serial[2]
833 );
834
835 struct tlvdb *dac_db = emv_pki_recover_dac(issuer_pk, tlv, sda_tlv);
836 if (dac_db) {
837 const struct tlv *dac_tlv = tlvdb_get(dac_db, 0x9f45, NULL);
838 PrintAndLog("SSAD verified OK. (%02hhx:%02hhx)", dac_tlv->value[0], dac_tlv->value[1]);
839 tlvdb_add(tlv, dac_db);
840 } else {
841 PrintAndLog("ERROR: SSAD verify error");
842 emv_pk_free(pk);
843 emv_pk_free(issuer_pk);
844 emv_pk_free(icc_pk);
845 return 4;
846 }
847
848 PrintAndLog("\n* * Check Signed Dynamic Application Data (SDAD)");
849 struct tlvdb *idn_db = emv_pki_perform_cda_ex(icc_pk, tlv, ac_tlv,
850 pdol_data_tlv, // pdol
851 ac_data_tlv, // cdol1
852 NULL, // cdol2
853 true);
854 if (idn_db) {
855 const struct tlv *idn_tlv = tlvdb_get(idn_db, 0x9f4c, NULL);
856 PrintAndLog("\nIDN (ICC Dynamic Number) [%zu] %s", idn_tlv->len, sprint_hex_inrow(idn_tlv->value, idn_tlv->len));
857 PrintAndLog("CDA verified OK.");
858 tlvdb_add(tlv, idn_db);
859 } else {
860 PrintAndLog("\nERROR: CDA verify error");
861 }
862
863 emv_pk_free(pk);
864 emv_pk_free(issuer_pk);
865 emv_pk_free(icc_pk);
866 return 0;
867 }
868
869 int RecoveryCertificates(struct tlvdb *tlvRoot, json_t *root) {
870
871 struct emv_pk *pk = get_ca_pk(tlvRoot);
872 if (!pk) {
873 PrintAndLog("ERROR: Key not found. Exit.");
874 return 1;
875 }
876
877 struct emv_pk *issuer_pk = emv_pki_recover_issuer_cert(pk, tlvRoot);
878 if (!issuer_pk) {
879 emv_pk_free(pk);
880 PrintAndLog("WARNING: Issuer certificate not found. Exit.");
881 return 2;
882 }
883 PrintAndLog("Issuer PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx",
884 issuer_pk->rid[0],
885 issuer_pk->rid[1],
886 issuer_pk->rid[2],
887 issuer_pk->rid[3],
888 issuer_pk->rid[4],
889 issuer_pk->index,
890 issuer_pk->serial[0],
891 issuer_pk->serial[1],
892 issuer_pk->serial[2]
893 );
894
895 JsonSaveBufAsHex(root, "$.ApplicationData.RID", issuer_pk->rid, 5);
896
897 char *issuer_pk_c = emv_pk_dump_pk(issuer_pk);
898 JsonSaveStr(root, "$.ApplicationData.IssuerPublicKeyDec", issuer_pk_c);
899 JsonSaveBufAsHex(root, "$.ApplicationData.IssuerPublicKeyModulus", issuer_pk->modulus, issuer_pk->mlen);
900 free(issuer_pk_c);
901
902 struct emv_pk *icc_pk = emv_pki_recover_icc_cert(issuer_pk, tlvRoot, NULL);
903 if (!icc_pk) {
904 emv_pk_free(pk);
905 emv_pk_free(issuer_pk);
906 PrintAndLog("WARNING: ICC certificate not found. Exit.");
907 return 2;
908 }
909 printf("ICC PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx\n",
910 icc_pk->rid[0],
911 icc_pk->rid[1],
912 icc_pk->rid[2],
913 icc_pk->rid[3],
914 icc_pk->rid[4],
915 icc_pk->index,
916 icc_pk->serial[0],
917 icc_pk->serial[1],
918 icc_pk->serial[2]
919 );
920
921 char *icc_pk_c = emv_pk_dump_pk(icc_pk);
922 JsonSaveStr(root, "$.ApplicationData.ICCPublicKeyDec", icc_pk_c);
923 JsonSaveBufAsHex(root, "$.ApplicationData.ICCPublicKeyModulus", icc_pk->modulus, icc_pk->mlen);
924 free(issuer_pk_c);
925
926 return 0;
927 }
Impressum, Datenschutz