]> git.zerfleddert.de Git - proxmark3-svn/blobdiff - client/cmdhf.c
Fixed issue with dumping iclass tags > 2KB in size
[proxmark3-svn] / client / cmdhf.c
index a55c41b2bbe2d209eec7a8d468488cebd1f29e78..22063bbbe566e22e139524ad98ba2cc817c9b641 100644 (file)
@@ -23,6 +23,7 @@
 #include "cmdhficlass.h"
 #include "cmdhfmf.h"
 #include "cmdhfmfu.h"
+#include "protocols.h"
 
 static int CmdHelp(const char *Cmd);
 
@@ -33,156 +34,6 @@ int CmdHFTune(const char *Cmd)
   return 0;
 }
 
-//The following data is taken from http://www.proxmark.org/forum/viewtopic.php?pid=13501#p13501
-/*
-ISO14443A (usually NFC tags)
-       26 (7bits) = REQA
-       30 = Read (usage: 30+1byte block number+2bytes ISO14443A-CRC - answer: 16bytes)
-       A2 = Write (usage: A2+1byte block number+4bytes data+2bytes ISO14443A-CRC - answer: 0A [ACK] or 00 [NAK])
-       52 (7bits) = WUPA (usage: 52(7bits) - answer: 2bytes ATQA)
-       93 20 = Anticollision (usage: 9320 - answer: 4bytes UID+1byte UID-bytes-xor)
-       93 70 = Select (usage: 9370+5bytes 9320 answer - answer: 1byte SAK)
-       95 20 = Anticollision of cascade level2
-       95 70 = Select of cascade level2
-       50 00 = Halt (usage: 5000+2bytes ISO14443A-CRC - no answer from card)
-Mifare
-       60 = Authenticate with KeyA
-       61 = Authenticate with KeyB
-       40 (7bits) = Used to put Chinese Changeable UID cards in special mode (must be followed by 43 (8bits) - answer: 0A)
-       C0 = Decrement
-       C1 = Increment
-       C2 = Restore
-       B0 = Transfer
-Ultralight C
-       A0 = Compatibility Write (to accomodate MIFARE commands)
-       1A = Step1 Authenticate
-       AF = Step2 Authenticate
-
-
-ISO14443B
-       05 = REQB
-       1D = ATTRIB
-       50 = HALT
-SRIX4K (tag does not respond to 05)
-       06 00 = INITIATE
-       0E xx = SELECT ID (xx = Chip-ID)
-       0B = Get UID
-       08 yy = Read Block (yy = block number)
-       09 yy dd dd dd dd = Write Block (yy = block number; dd dd dd dd = data to be written)
-       0C = Reset to Inventory
-       0F = Completion
-       0A 11 22 33 44 55 66 = Authenticate (11 22 33 44 55 66 = data to authenticate)
-
-
-ISO15693
-       MANDATORY COMMANDS (all ISO15693 tags must support those)
-               01 = Inventory (usage: 260100+2bytes ISO15693-CRC - answer: 12bytes)
-               02 = Stay Quiet
-       OPTIONAL COMMANDS (not all tags support them)
-               20 = Read Block (usage: 0220+1byte block number+2bytes ISO15693-CRC - answer: 4bytes)
-               21 = Write Block (usage: 0221+1byte block number+4bytes data+2bytes ISO15693-CRC - answer: 4bytes)
-               22 = Lock Block
-               23 = Read Multiple Blocks (usage: 0223+1byte 1st block to read+1byte last block to read+2bytes ISO15693-CRC)
-               25 = Select
-               26 = Reset to Ready
-               27 = Write AFI
-               28 = Lock AFI
-               29 = Write DSFID
-               2A = Lock DSFID
-               2B = Get_System_Info (usage: 022B+2bytes ISO15693-CRC - answer: 14 or more bytes)
-               2C = Read Multiple Block Security Status (usage: 022C+1byte 1st block security to read+1byte last block security to read+2bytes ISO15693-CRC)
-
-EM Microelectronic CUSTOM COMMANDS
-       A5 = Active EAS (followed by 1byte IC Manufacturer code+1byte EAS type)
-       A7 = Write EAS ID (followed by 1byte IC Manufacturer code+2bytes EAS value)
-       B8 = Get Protection Status for a specific block (followed by 1byte IC Manufacturer code+1byte block number+1byte of how many blocks after the previous is needed the info)
-       E4 = Login (followed by 1byte IC Manufacturer code+4bytes password)
-NXP/Philips CUSTOM COMMANDS
-       A0 = Inventory Read
-       A1 = Fast Inventory Read
-       A2 = Set EAS
-       A3 = Reset EAS
-       A4 = Lock EAS
-       A5 = EAS Alarm
-       A6 = Password Protect EAS
-       A7 = Write EAS ID
-       A8 = Read EPC
-       B0 = Inventory Page Read
-       B1 = Fast Inventory Page Read
-       B2 = Get Random Number
-       B3 = Set Password
-       B4 = Write Password
-       B5 = Lock Password
-       B6 = Bit Password Protection
-       B7 = Lock Page Protection Condition
-       B8 = Get Multiple Block Protection Status
-       B9 = Destroy SLI
-       BA = Enable Privacy
-       BB = 64bit Password Protection
-       40 = Long Range CMD (Standard ISO/TR7003:1990)
-               */
-
-#define ICLASS_CMD_ACTALL           0x0A
-#define ICLASS_CMD_READ_OR_IDENTIFY 0x0C
-#define ICLASS_CMD_SELECT           0x81
-#define ICLASS_CMD_PAGESEL          0x84
-#define ICLASS_CMD_READCHECK_KD     0x88
-#define ICLASS_CMD_READCHECK_KC     0x18
-#define ICLASS_CMD_CHECK            0x05
-#define ICLASS_CMD_DETECT           0x0F
-#define ICLASS_CMD_HALT             0x00
-#define ICLASS_CMD_UPDATE                      0x87
-#define ICLASS_CMD_ACT              0x8E
-#define ICLASS_CMD_READ4            0x06
-
-
-#define ISO14443A_CMD_REQA       0x26
-#define ISO14443A_CMD_READBLOCK  0x30
-#define ISO14443A_CMD_WUPA       0x52
-#define ISO14443A_CMD_ANTICOLL_OR_SELECT     0x93
-#define ISO14443A_CMD_ANTICOLL_OR_SELECT_2   0x95
-#define ISO14443A_CMD_WRITEBLOCK 0xA0 // or 0xA2 ?
-#define ISO14443A_CMD_HALT       0x50
-#define ISO14443A_CMD_RATS       0xE0
-
-#define MIFARE_AUTH_KEYA           0x60
-#define MIFARE_AUTH_KEYB           0x61
-#define MIFARE_MAGICMODE           0x40
-#define MIFARE_CMD_INC          0xC0
-#define MIFARE_CMD_DEC          0xC1
-#define MIFARE_CMD_RESTORE      0xC2
-#define MIFARE_CMD_TRANSFER     0xB0
-
-#define MIFARE_ULC_WRITE        0xA0
-#define MIFARE_ULC_AUTH_1       0x1A
-#define MIFARE_ULC_AUTH_2        0xAF
-
-#define ISO14443B_REQB         0x05
-#define ISO14443B_ATTRIB       0x1D
-#define ISO14443B_HALT         0x50
-
-//First byte is 26
-#define ISO15693_INVENTORY     0x01
-#define ISO15693_STAYQUIET     0x02
-//First byte is 02
-#define ISO15693_READBLOCK            0x20
-#define ISO15693_WRITEBLOCK           0x21
-#define ISO15693_LOCKBLOCK            0x22
-#define ISO15693_READ_MULTI_BLOCK     0x23
-#define ISO15693_SELECT               0x25
-#define ISO15693_RESET_TO_READY       0x26
-#define ISO15693_WRITE_AFI            0x27
-#define ISO15693_LOCK_AFI             0x28
-#define ISO15693_WRITE_DSFID          0x29
-#define ISO15693_LOCK_DSFID           0x2A
-#define ISO15693_GET_SYSTEM_INFO      0x2B
-#define ISO15693_READ_MULTI_SECSTATUS 0x2C
-
-
-#define ISO_14443A 0
-#define ICLASS     1
-#define ISO_14443B 2
-
 
 void annotateIso14443a(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize)
 {
@@ -211,19 +62,21 @@ void annotateIso14443a(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize)
                        snprintf(exp,size,"ANTICOLL-2"); break;
                }
        }
-       case ISO14443A_CMD_REQA:       snprintf(exp,size,"REQA"); break;
-       case ISO14443A_CMD_READBLOCK:  snprintf(exp,size,"READBLOCK(%d)",cmd[1]); break;
-       case ISO14443A_CMD_WRITEBLOCK: snprintf(exp,size,"WRITEBLOCK(%d)",cmd[1]); break;
-       case ISO14443A_CMD_HALT:       snprintf(exp,size,"HALT"); break;
-       case ISO14443A_CMD_RATS:       snprintf(exp,size,"RATS"); break;
-       case MIFARE_CMD_INC:          snprintf(exp,size,"INC(%d)",cmd[1]); break;
-       case MIFARE_CMD_DEC:          snprintf(exp,size,"DEC(%d)",cmd[1]); break;
-       case MIFARE_CMD_RESTORE:      snprintf(exp,size,"RESTORE(%d)",cmd[1]); break;
-       case MIFARE_CMD_TRANSFER:     snprintf(exp,size,"TRANSFER(%d)",cmd[1]); break;
-       case MIFARE_AUTH_KEYA:        snprintf(exp,size,"AUTH-A(%d)",cmd[1]); break;
-       case MIFARE_AUTH_KEYB:        snprintf(exp,size,"AUTH-B(%d)",cmd[1]); break;
-       case MIFARE_MAGICMODE:        snprintf(exp,size,"MAGIC"); break;
-       default:                      snprintf(exp,size,"?"); break;
+       case ISO14443A_CMD_REQA:                snprintf(exp,size,"REQA"); break;
+       case ISO14443A_CMD_READBLOCK:   snprintf(exp,size,"READBLOCK(%d)",cmd[1]); break;
+       case ISO14443A_CMD_WRITEBLOCK:  snprintf(exp,size,"WRITEBLOCK(%d)",cmd[1]); break;
+       case ISO14443A_CMD_HALT:                snprintf(exp,size,"HALT"); break;
+       case ISO14443A_CMD_RATS:                snprintf(exp,size,"RATS"); break;
+       case MIFARE_CMD_INC:                    snprintf(exp,size,"INC(%d)",cmd[1]); break;
+       case MIFARE_CMD_DEC:                    snprintf(exp,size,"DEC(%d)",cmd[1]); break;
+       case MIFARE_CMD_RESTORE:                snprintf(exp,size,"RESTORE(%d)",cmd[1]); break;
+       case MIFARE_CMD_TRANSFER:               snprintf(exp,size,"TRANSFER(%d)",cmd[1]); break;
+       case MIFARE_AUTH_KEYA:                  snprintf(exp,size,"AUTH-A(%d)",cmd[1]); break;
+       case MIFARE_AUTH_KEYB:                  snprintf(exp,size,"AUTH-B(%d)",cmd[1]); break;
+       case MIFARE_MAGICWUPC1:                 snprintf(exp,size,"MAGIC WUPC1"); break;
+       case MIFARE_MAGICWUPC2:                 snprintf(exp,size,"MAGIC WUPC2"); break;
+       case MIFARE_MAGICWIPEC:                 snprintf(exp,size,"MAGIC WIPEC"); break;
+       default:                                                snprintf(exp,size,"?"); break;
        }
        return;
 }
@@ -287,13 +140,33 @@ void annotateIso15693(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize)
                }
        }
 }
+
+/**
+06 00 = INITIATE
+0E xx = SELECT ID (xx = Chip-ID)
+0B = Get UID
+08 yy = Read Block (yy = block number)
+09 yy dd dd dd dd = Write Block (yy = block number; dd dd dd dd = data to be written)
+0C = Reset to Inventory
+0F = Completion
+0A 11 22 33 44 55 66 = Authenticate (11 22 33 44 55 66 = data to authenticate)
+**/
+
 void annotateIso14443b(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize)
 {
        switch(cmd[0]){
        case ISO14443B_REQB   : snprintf(exp,size,"REQB");break;
        case ISO14443B_ATTRIB : snprintf(exp,size,"ATTRIB");break;
        case ISO14443B_HALT   : snprintf(exp,size,"HALT");break;
-       default:                snprintf(exp,size ,"?");break;
+       case ISO14443B_INITIATE     : snprintf(exp,size,"INITIATE");break;
+       case ISO14443B_SELECT       : snprintf(exp,size,"SELECT(%d)",cmd[1]);break;
+       case ISO14443B_GET_UID      : snprintf(exp,size,"GET UID");break;
+       case ISO14443B_READ_BLK     : snprintf(exp,size,"READ_BLK(%d)", cmd[1]);break;
+       case ISO14443B_WRITE_BLK    : snprintf(exp,size,"WRITE_BLK(%d)",cmd[1]);break;
+       case ISO14443B_RESET        : snprintf(exp,size,"RESET");break;
+       case ISO14443B_COMPLETION   : snprintf(exp,size,"COMPLETION");break;
+       case ISO14443B_AUTHENTICATE : snprintf(exp,size,"AUTHENTICATE");break;
+       default                     : snprintf(exp,size ,"?");break;
        }
 
 }
@@ -412,31 +285,12 @@ uint16_t printTraceLine(uint16_t tracepos, uint16_t traceLen, uint8_t *trace, ui
        if (tracepos + data_len + parity_len > traceLen) {
                return traceLen;
        }
-
        uint8_t *frame = trace + tracepos;
        tracepos += data_len;
        uint8_t *parityBytes = trace + tracepos;
        tracepos += parity_len;
 
-       //--- Draw the data column
-       char line[16][110];
-       for (int j = 0; j < data_len; j++) {
-               int oddparity = 0x01;
-               int k;
-
-               for (k=0 ; k<8 ; k++) {
-                       oddparity ^= (((frame[j] & 0xFF) >> k) & 0x01);
-               }
-
-               uint8_t parityBits = parityBytes[j>>3];
-
-               if (isResponse && (oddparity != ((parityBits >> (7-(j&0x0007))) & 0x01))) {
-                       sprintf(line[j/16]+((j%16)*4), "%02x! ", frame[j]);
-               } else {
-                       sprintf(line[j/16]+((j%16)*4), "%02x  ", frame[j]);
-               }
-       }
-       //--- Draw the CRC column
+       //Check the CRC status
        uint8_t crcStatus = 2;
 
        if (data_len > 2) {
@@ -464,6 +318,43 @@ uint16_t printTraceLine(uint16_t tracepos, uint16_t traceLen, uint8_t *trace, ui
        //0 CRC-command, CRC not ok
        //1 CRC-command, CRC ok
        //2 Not crc-command
+
+       //--- Draw the data column
+       //char line[16][110];
+       char line[16][110];
+
+       for (int j = 0; j < data_len && j/16 < 16; j++) {
+
+               int oddparity = 0x01;
+               int k;
+
+               for (k=0 ; k<8 ; k++) {
+                       oddparity ^= (((frame[j] & 0xFF) >> k) & 0x01);
+               }
+               uint8_t parityBits = parityBytes[j>>3];
+               if (isResponse && (oddparity != ((parityBits >> (7-(j&0x0007))) & 0x01))) {
+                       snprintf(line[j/16]+(( j % 16) * 4),110, "%02x! ", frame[j]);
+
+               } else {
+                       snprintf(line[j/16]+(( j % 16) * 4),110, "%02x  ", frame[j]);
+               }
+
+       }
+       if(crcStatus == 1)
+       {//CRC-command
+               char *pos1 = line[(data_len-2)/16]+(((data_len-2) % 16) * 4)-1;
+               (*pos1) = '[';
+               char *pos2 = line[(data_len)/16]+(((data_len) % 16) * 4)-2;
+               (*pos2) = ']';
+       }
+       if(data_len == 0)
+       {
+               if(data_len == 0){
+                       sprintf(line[0],"<empty trace - possible error>");
+               }
+       }
+       //--- Draw the CRC column
+
        char *crc = (crcStatus == 0 ? "!crc" : (crcStatus == 1 ? " ok " : "    "));
 
        EndOfTransmissionTimestamp = timestamp + duration;
@@ -478,8 +369,8 @@ uint16_t printTraceLine(uint16_t tracepos, uint16_t traceLen, uint8_t *trace, ui
                        annotateIso14443b(explanation,sizeof(explanation),frame,data_len);
        }
 
-       int num_lines = (data_len - 1)/16 + 1;
-       for (int j = 0; j < num_lines; j++) {
+       int num_lines = MIN((data_len - 1)/16 + 1, 16);
+       for (int j = 0; j < num_lines ; j++) {
                if (j == 0) {
                        PrintAndLog(" %9d | %9d | %s | %-64s| %s| %s",
                                (timestamp - first_timestamp),
Impressum, Datenschutz