'lf hitag writer': add Hitag2 password auth

[proxmark3-svn] / client / cmdlfhitag.c
diff --git a/client/cmdlfhitag.c b/client/cmdlfhitag.c

index cd23f88cdfeac4ad89ad8ba71f703e2374d23e2e..be8072226e89b52f620b36216687ac7624fce0ed 100644 (file)
--- a/client/cmdlfhitag.c
+++ b/client/cmdlfhitag.c
@@ -22,15 +22,13 @@
  #include "hitag.h"
  #include "cmdmain.h"
  
  #include "hitag.h"
  #include "cmdmain.h"
  
-static int CmdHelp(const char *Cmd);
-
-size_t nbytes(size_t nbits) {
-       return (nbits/8)+((nbits%8)>0);
+static size_t nbytes(size_t nbits) {
+       return (nbits/8) + ((nbits%8)>0);
  }
  
  }
  
-int CmdLFHitagList(const char *Cmd)
-{
-       uint8_t *got = malloc(USB_CMD_DATA_SIZE);
+
+static int CmdLFHitagList(const char *Cmd) {
+       uint8_t *got = malloc(USB_CMD_DATA_SIZE);
         // Query for the actual size of the trace
         UsbCommand response;
         GetFromBigBuf(got, USB_CMD_DATA_SIZE, 0, &response, -1, false);
         // Query for the actual size of the trace
         UsbCommand response;
         GetFromBigBuf(got, USB_CMD_DATA_SIZE, 0, &response, -1, false);
@@ -45,7 +43,7 @@ int CmdLFHitagList(const char *Cmd)
                 got = p;
                 GetFromBigBuf(got, traceLen, 0, NULL, -1, false);
         }
                 got = p;
                 GetFromBigBuf(got, traceLen, 0, NULL, -1, false);
         }
-       
+
         PrintAndLog("recorded activity (TraceLen = %d bytes):");
         PrintAndLog(" ETU     :nbits: who bytes");
         PrintAndLog("---------+-----+----+-----------");
         PrintAndLog("recorded activity (TraceLen = %d bytes):");
         PrintAndLog(" ETU     :nbits: who bytes");
         PrintAndLog("---------+-----+----+-----------");
@@ -57,11 +55,11 @@ int CmdLFHitagList(const char *Cmd)
  
         char filename[FILE_PATH_SIZE]  = { 0x00 };
         FILE* pf = NULL;
  
         char filename[FILE_PATH_SIZE]  = { 0x00 };
         FILE* pf = NULL;
-       
-       if (len > FILE_PATH_SIZE) 
+
+       if (len > FILE_PATH_SIZE)
                 len = FILE_PATH_SIZE;
         memcpy(filename, Cmd, len);
                 len = FILE_PATH_SIZE;
         memcpy(filename, Cmd, len);
-   
+
         if (strlen(filename) > 0) {
                 if ((pf = fopen(filename,"wb")) == NULL) {
                         PrintAndLog("Error: Could not open file [%s]",filename);
         if (strlen(filename) > 0) {
                 if ((pf = fopen(filename,"wb")) == NULL) {
                         PrintAndLog("Error: Could not open file [%s]",filename);
@@ -71,7 +69,7 @@ int CmdLFHitagList(const char *Cmd)
         }
  
         for (;;) {
         }
  
         for (;;) {
-  
+
                 if(i > traceLen) { break; }
  
                 bool isResponse;
                 if(i > traceLen) { break; }
  
                 bool isResponse;
@@ -95,7 +93,7 @@ int CmdLFHitagList(const char *Cmd)
                 int len = nbytes(bits);
  
                 if (len > 100) {
                 int len = nbytes(bits);
  
                 if (len > 100) {
-                 break;
+                       break;
                 }
                 if (i + len > traceLen) { break;}
  
                 }
                 if (i + len > traceLen) { break;}
  
@@ -104,7 +102,7 @@ int CmdLFHitagList(const char *Cmd)
                 int fillupBits = 8 - (bits % 8);
                 byte_t framefilled[bits+fillupBits];
                 byte_t* ff = framefilled;
                 int fillupBits = 8 - (bits % 8);
                 byte_t framefilled[bits+fillupBits];
                 byte_t* ff = framefilled;
-               
+
                 int response_bit[200] = {0};
                 int z = 0;
                 for (int y = 0; y < len; y++) {
                 int response_bit[200] = {0};
                 int z = 0;
                 for (int y = 0; y < len; y++) {
@@ -133,12 +131,12 @@ int CmdLFHitagList(const char *Cmd)
  
                 char line[1000] = "";
                 for (j = 0; j < len; j++) {
  
                 char line[1000] = "";
                 for (j = 0; j < len; j++) {
-                 //if((parityBits >> (len - j - 1)) & 0x01) {
-                 if (isResponse && (oddparity8(frame[j]) != ((parityBits >> (len - j - 1)) & 0x01))) {
-                       sprintf(line+(j*4), "%02x!  ", frame[j]);
-                 } else {
-                       sprintf(line+(j*4), "%02x   ", frame[j]);
-                 }
+                       //if((parityBits >> (len - j - 1)) & 0x01) {
+                       if (isResponse && (oddparity8(frame[j]) != ((parityBits >> (len - j - 1)) & 0x01))) {
+                               sprintf(line+(j*4), "%02x!  ", frame[j]);
+                       } else {
+                               sprintf(line+(j*4), "%02x   ", frame[j]);
+                       }
                 }
  
                 PrintAndLog(" +%7d:  %3d: %s %s",
                 }
  
                 PrintAndLog(" +%7d:  %3d: %s %s",
@@ -154,11 +152,11 @@ int CmdLFHitagList(const char *Cmd)
                                 (isResponse ? "TAG" : "   "),
                                 line);
                 }
                                 (isResponse ? "TAG" : "   "),
                                 line);
                 }
-               
+
                 prev = timestamp;
                 i += (len + 9);
         }
                 prev = timestamp;
                 i += (len + 9);
         }
-  
+
         if (pf) {
                 fclose(pf);
                 PrintAndLog("Recorded activity succesfully written to file: %s", filename);
         if (pf) {
                 fclose(pf);
                 PrintAndLog("Recorded activity succesfully written to file: %s", filename);
@@ -168,22 +166,24 @@ int CmdLFHitagList(const char *Cmd)
         return 0;
  }
  
         return 0;
  }
  
-int CmdLFHitagSnoop(const char *Cmd) {
-  UsbCommand c = {CMD_SNOOP_HITAG};
-  SendCommand(&c);
-  return 0;
+
+static int CmdLFHitagSnoop(const char *Cmd) {
+       UsbCommand c = {CMD_SNOOP_HITAG};
+       SendCommand(&c);
+       return 0;
  }
  
  }
  
-int CmdLFHitagSim(const char *Cmd) {
-    
-  UsbCommand c = {CMD_SIMULATE_HITAG};
+
+static int CmdLFHitagSim(const char *Cmd) {
+
+       UsbCommand c = {CMD_SIMULATE_HITAG};
         char filename[FILE_PATH_SIZE] = { 0x00 };
         FILE* pf;
         bool tag_mem_supplied;
         int len = strlen(Cmd);
         if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;
         memcpy(filename, Cmd, len);
         char filename[FILE_PATH_SIZE] = { 0x00 };
         FILE* pf;
         bool tag_mem_supplied;
         int len = strlen(Cmd);
         if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;
         memcpy(filename, Cmd, len);
-       
+
         if (strlen(filename) > 0) {
                 if ((pf = fopen(filename,"rb+")) == NULL) {
                         PrintAndLog("Error: Could not open file [%s]",filename);
         if (strlen(filename) > 0) {
                 if ((pf = fopen(filename,"rb+")) == NULL) {
                         PrintAndLog("Error: Could not open file [%s]",filename);
@@ -199,56 +199,114 @@ int CmdLFHitagSim(const char *Cmd) {
         } else {
                 tag_mem_supplied = false;
         }
         } else {
                 tag_mem_supplied = false;
         }
-       
+
         // Does the tag comes with memory
         c.arg[0] = (uint32_t)tag_mem_supplied;
  
         // Does the tag comes with memory
         c.arg[0] = (uint32_t)tag_mem_supplied;
  
-  SendCommand(&c);
-  return 0;
+       SendCommand(&c);
+       return 0;
+}
+
+
+static bool getHitagUid(uint32_t *uid) {
+       // ToDo: this is for Hitag2 only (??)
+       
+       UsbCommand c = {CMD_READER_HITAG, {RHT2F_UID_ONLY}};
+
+       SendCommand(&c);
+
+       UsbCommand resp;
+       if (!WaitForResponseTimeout(CMD_ACK, &resp, 2500)) {
+               PrintAndLogEx(WARNING, "timeout while waiting for reply.");
+               return false;
+       }
+
+       if (resp.arg[0] == false) {
+               PrintAndLogEx(DEBUG, "DEBUG: Error - failed getting UID");
+               return false;
+       }
+
+       if (uid)
+               *uid = bytes_to_num(resp.d.asBytes, 4);
+
+       return true;
  }
  
  }
  
+
+static int CmdLFHitagInfo(const char *Cmd) {
+       char ctmp = param_getchar(Cmd, 0);
+       if (ctmp != '\0') {
+               PrintAndLog("Usage:   lf hitag info [h]");
+               PrintAndLog("Options:");
+               PrintAndLog("       h          This help");
+               PrintAndLog("Examples:");
+               PrintAndLog("         lf hitag info");
+               return 0;
+       }
+
+       // read UID
+       uint32_t uid = 0;
+       if (getHitagUid(&uid) == false)
+               return 1;
+
+       PrintAndLogEx(SUCCESS, "UID: %08X", uid);
+
+       // how to detemine Hitag types?
+       // read block3,  get configuration byte.
+       // PrintAndLogEx(FAILED, _RED_("TODO: This is a hardcoded example!"));
+
+       // common configurations.
+       // printHitagConfiguration(0x06);
+       //printHitagConfiguration( 0x0E );
+       //printHitagConfiguration( 0x02 );
+       //printHitagConfiguration( 0x00 );
+       //printHitagConfiguration( 0x04 );
+       return 0;
+}
+
+
  int CmdLFHitagReader(const char *Cmd) {
  int CmdLFHitagReader(const char *Cmd) {
-       UsbCommand c = {CMD_READER_HITAG};//, {param_get32ex(Cmd,0,0,10),param_get32ex(Cmd,1,0,16),param_get32ex(Cmd,2,0,16),param_get32ex(Cmd,3,0,16)}};
+       UsbCommand c = {CMD_READER_HITAG};
         hitag_data* htd = (hitag_data*)c.d.asBytes;
         hitag_data* htd = (hitag_data*)c.d.asBytes;
-       hitag_function htf = param_get32ex(Cmd,0,0,10);
-       
+       hitag_function htf = param_get32ex(Cmd, 0, 0, 10);
+
         switch (htf) {
                 case 01: { //RHTSF_CHALLENGE
                         c = (UsbCommand){ CMD_READ_HITAG_S };
         switch (htf) {
                 case 01: { //RHTSF_CHALLENGE
                         c = (UsbCommand){ CMD_READ_HITAG_S };
-                       num_to_bytes(param_get32ex(Cmd,1,0,16),4,htd->auth.NrAr);
-                       num_to_bytes(param_get32ex(Cmd,2,0,16),4,htd->auth.NrAr+4);
-                       c.arg[1] = param_get64ex(Cmd,3,0,0); //firstpage
-                       c.arg[2] = param_get64ex(Cmd,4,0,0); //tag mode
+                       num_to_bytes(param_get32ex(Cmd, 1, 0, 16), 4, htd->auth.NrAr);
+                       num_to_bytes(param_get32ex(Cmd, 2, 0, 16), 4, htd->auth.NrAr+4);
+                       c.arg[1] = param_get64ex(Cmd, 3, 0, 0); //firstpage
+                       c.arg[2] = param_get64ex(Cmd, 4, 0, 0); //tag mode
                 } break;
                 case 02: { //RHTSF_KEY
                         c = (UsbCommand){ CMD_READ_HITAG_S };
                 } break;
                 case 02: { //RHTSF_KEY
                         c = (UsbCommand){ CMD_READ_HITAG_S };
-                       num_to_bytes(param_get64ex(Cmd,1,0,16),6,htd->crypto.key);
-                       c.arg[1] = param_get64ex(Cmd,2,0,0); //firstpage
-                       c.arg[2] = param_get64ex(Cmd,3,0,0); //tag mode
+                       num_to_bytes(param_get64ex(Cmd, 1, 0, 16), 6, htd->crypto.key);
+                       c.arg[1] = param_get64ex(Cmd, 2, 0, 0); //firstpage
+                       c.arg[2] = param_get64ex(Cmd, 3, 0, 0); //tag mode
                 } break;
                 case 03: { //RHTSF_CHALLENGE BLOCK
                         c = (UsbCommand){ CMD_READ_HITAG_S_BLK };
                 } break;
                 case 03: { //RHTSF_CHALLENGE BLOCK
                         c = (UsbCommand){ CMD_READ_HITAG_S_BLK };
-                       num_to_bytes(param_get32ex(Cmd,1,0,16),4,htd->auth.NrAr);
-                       num_to_bytes(param_get32ex(Cmd,2,0,16),4,htd->auth.NrAr+4);
-                       c.arg[1] = param_get64ex(Cmd,3,0,0); //firstpage
-                       c.arg[2] = param_get64ex(Cmd,4,0,0); //tag mode
+                       num_to_bytes(param_get32ex(Cmd, 1, 0, 16), 4, htd->auth.NrAr);
+                       num_to_bytes(param_get32ex(Cmd, 2, 0, 16), 4, htd->auth.NrAr+4);
+                       c.arg[1] = param_get64ex(Cmd, 3, 0, 0); //firstpage
+                       c.arg[2] = param_get64ex(Cmd, 4, 0, 0); //tag mode
                 } break;
                 case 04: { //RHTSF_KEY BLOCK
                         c = (UsbCommand){ CMD_READ_HITAG_S_BLK };
                 } break;
                 case 04: { //RHTSF_KEY BLOCK
                         c = (UsbCommand){ CMD_READ_HITAG_S_BLK };
-                       num_to_bytes(param_get64ex(Cmd,1,0,16),6,htd->crypto.key);
-                       c.arg[1] = param_get64ex(Cmd,2,0,0); //firstpage
-                       c.arg[2] = param_get64ex(Cmd,3,0,0); //tag mode
+                       num_to_bytes(param_get64ex(Cmd, 1, 0, 16), 6, htd->crypto.key);
+                       c.arg[1] = param_get64ex(Cmd, 2, 0, 0); //firstpage
+                       c.arg[2] = param_get64ex(Cmd, 3, 0, 0); //tag mode
                 } break;
                 case RHT2F_PASSWORD: {
                 } break;
                 case RHT2F_PASSWORD: {
-                       num_to_bytes(param_get32ex(Cmd,1,0,16),4,htd->pwd.password);
+                       num_to_bytes(param_get32ex(Cmd, 1, 0, 16), 4, htd->pwd.password);
                 } break;
                 case RHT2F_AUTHENTICATE: {
                 } break;
                 case RHT2F_AUTHENTICATE: {
-                       num_to_bytes(param_get32ex(Cmd,1,0,16),4,htd->auth.NrAr);
-                       num_to_bytes(param_get32ex(Cmd,2,0,16),4,htd->auth.NrAr+4);
+                       num_to_bytes(param_get32ex(Cmd, 1, 0, 16), 4, htd->auth.NrAr);
+                       num_to_bytes(param_get32ex(Cmd, 2, 0, 16), 4, htd->auth.NrAr+4);
                 } break;
                 case RHT2F_CRYPTO: {
                 } break;
                 case RHT2F_CRYPTO: {
-                       num_to_bytes(param_get64ex(Cmd,1,0,16),6,htd->crypto.key);
-                       //                      num_to_bytes(param_get32ex(Cmd,2,0,16),4,htd->auth.NrAr+4);
+                       num_to_bytes(param_get64ex(Cmd, 1, 0, 16), 6, htd->crypto.key);
+                       //          num_to_bytes(param_get32ex(Cmd,2,0,16),4,htd->auth.NrAr+4);
                 } break;
                 case RHT2F_TEST_AUTH_ATTEMPTS: {
                         // No additional parameters needed
                 } break;
                 case RHT2F_TEST_AUTH_ATTEMPTS: {
                         // No additional parameters needed
@@ -261,19 +319,20 @@ int CmdLFHitagReader(const char *Cmd) {
                         PrintAndLog("");
                         PrintAndLog("Usage: hitag reader <Reader Function #>");
                         PrintAndLog("Reader Functions:");
                         PrintAndLog("");
                         PrintAndLog("Usage: hitag reader <Reader Function #>");
                         PrintAndLog("Reader Functions:");
-                       PrintAndLog(" HitagS (0*)");
-                       PrintAndLog("  01 <nr> <ar> (Challenge) <firstPage> <tagmode> read all pages from a Hitag S tag");
-                       PrintAndLog("  02 <key> (set to 0 if no authentication is needed) <firstPage> <tagmode> read all pages from a Hitag S tag");
-                       PrintAndLog("  03 <nr> <ar> (Challenge) <firstPage> <tagmode> read all blocks from a Hitag S tag");
-                       PrintAndLog("  04 <key> (set to 0 if no authentication is needed) <firstPage> <tagmode> read all blocks from a Hitag S tag");
-                       PrintAndLog("  Valid tagmodes are 0=STANDARD, 1=ADVANCED, 2=FAST_ADVANCED (default is ADVANCED)");
-                       PrintAndLog(" Hitag1 (1*)");
-                       PrintAndLog(" Hitag2 (2*)");
-                       PrintAndLog("  21 <password> (password mode)");
-                       PrintAndLog("  22 <nr> <ar> (authentication)");
-                       PrintAndLog("  23 <key> (authentication) key is in format: ISK high + ISK low");
-                       PrintAndLog("  25 (test recorded authentications)");
-                       PrintAndLog("  26 just read UID");
+                       PrintAndLog("  HitagS (0*):");
+                       PrintAndLog("    01 <nr> <ar> (Challenge) <firstPage> <tagmode> read all pages from a Hitag S tag");
+                       PrintAndLog("    02 <key> (set to 0 if no authentication is needed) <firstPage> <tagmode> read all pages from a Hitag S tag");
+                       PrintAndLog("    03 <nr> <ar> (Challenge) <firstPage> <tagmode> read all blocks from a Hitag S tag");
+                       PrintAndLog("    04 <key> (set to 0 if no authentication is needed) <firstPage> <tagmode> read all blocks from a Hitag S tag");
+                       PrintAndLog("    Valid tagmodes are 0=STANDARD, 1=ADVANCED, 2=FAST_ADVANCED (default is ADVANCED)");
+                       PrintAndLog("  Hitag1 (1*):");
+                       PrintAndLog("    (not yet implemented)");
+                       PrintAndLog("  Hitag2 (2*):");
+                       PrintAndLog("    21 <password> (password mode)");
+                       PrintAndLog("    22 <nr> <ar> (authentication)");
+                       PrintAndLog("    23 <key> (authentication) key is in format: ISK high + ISK low");
+                       PrintAndLog("    25 (test recorded authentications)");
+                       PrintAndLog("    26 just read UID");
                         return 1;
                 } break;
         }
                         return 1;
                 } break;
         }
@@ -286,13 +345,19 @@ int CmdLFHitagReader(const char *Cmd) {
         SendCommand(&c);
  
         UsbCommand resp;
         SendCommand(&c);
  
         UsbCommand resp;
-       WaitForResponse(CMD_ACK,&resp);
+       if (!WaitForResponseTimeout(CMD_ACK, &resp, 4000)) {
+               PrintAndLogEx(WARNING, "timeout while waiting for reply.");
+               return 1;
+       }
  
         // Check the return status, stored in the first argument
  
         // Check the return status, stored in the first argument
-       if (resp.arg[0] == false) return 1;
-       
+       if (resp.arg[0] == false)  {
+               PrintAndLogEx(DEBUG, "DEBUG: Error - hitag failed");
+               return 1;
+       }
+
         uint32_t id = bytes_to_num(resp.d.asBytes,4);
         uint32_t id = bytes_to_num(resp.d.asBytes,4);
-               
+
         if (htf == RHT2F_UID_ONLY){
                 PrintAndLog("Valid Hitag2 tag found - UID: %08x",id);
         } else {
         if (htf == RHT2F_UID_ONLY){
                 PrintAndLog("Valid Hitag2 tag found - UID: %08x",id);
         } else {
@@ -312,12 +377,11 @@ int CmdLFHitagReader(const char *Cmd) {
                 PrintAndLog("Succesfully saved tag memory to [%s]",filename);
         }
  
                 PrintAndLog("Succesfully saved tag memory to [%s]",filename);
         }
  
-
         return 0;
  }
  
  
         return 0;
  }
  
  
-int CmdLFHitagSimS(const char *Cmd) {
+static int CmdLFHitagSimS(const char *Cmd) {
         UsbCommand c = { CMD_SIMULATE_HITAG_S };
         char filename[FILE_PATH_SIZE] = { 0x00 };
         FILE* pf;
         UsbCommand c = { CMD_SIMULATE_HITAG_S };
         char filename[FILE_PATH_SIZE] = { 0x00 };
         FILE* pf;
@@ -350,7 +414,8 @@ int CmdLFHitagSimS(const char *Cmd) {
         return 0;
  }
  
         return 0;
  }
  
-int CmdLFHitagCheckChallenges(const char *Cmd) {
+
+static int CmdLFHitagCheckChallenges(const char *Cmd) {
         UsbCommand c = { CMD_TEST_HITAGS_TRACES };
         char filename[FILE_PATH_SIZE] = { 0x00 };
         FILE* pf;
         UsbCommand c = { CMD_TEST_HITAGS_TRACES };
         char filename[FILE_PATH_SIZE] = { 0x00 };
         FILE* pf;
@@ -358,7 +423,7 @@ int CmdLFHitagCheckChallenges(const char *Cmd) {
         int len = strlen(Cmd);
         if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;
         memcpy(filename, Cmd, len);
         int len = strlen(Cmd);
         if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;
         memcpy(filename, Cmd, len);
-       
+
         if (strlen(filename) > 0) {
                 if ((pf = fopen(filename,"rb+")) == NULL) {
                         PrintAndLog("Error: Could not open file [%s]",filename);
         if (strlen(filename) > 0) {
                 if ((pf = fopen(filename,"rb+")) == NULL) {
                         PrintAndLog("Error: Could not open file [%s]",filename);
@@ -369,87 +434,101 @@ int CmdLFHitagCheckChallenges(const char *Cmd) {
                         PrintAndLog("Error: File reading error");
                         fclose(pf);
                         return 1;
                         PrintAndLog("Error: File reading error");
                         fclose(pf);
                         return 1;
-        }
+               }
                 fclose(pf);
         } else {
                 file_given = false;
         }
                 fclose(pf);
         } else {
                 file_given = false;
         }
-       
+
         //file with all the challenges to try
         c.arg[0] = (uint32_t)file_given;
         c.arg[1] = param_get64ex(Cmd,2,0,0); //get mode
  
         //file with all the challenges to try
         c.arg[0] = (uint32_t)file_given;
         c.arg[1] = param_get64ex(Cmd,2,0,0); //get mode
  
-  SendCommand(&c);
-  return 0;
+       SendCommand(&c);
+       return 0;
  }
  
  
  }
  
  
-int CmdLFHitagWP(const char *Cmd) {
+static int CmdLFHitagWriter(const char *Cmd) {
         UsbCommand c = { CMD_WR_HITAG_S };
         hitag_data* htd = (hitag_data*)c.d.asBytes;
         hitag_function htf = param_get32ex(Cmd,0,0,10);
         switch (htf) {
         UsbCommand c = { CMD_WR_HITAG_S };
         hitag_data* htd = (hitag_data*)c.d.asBytes;
         hitag_function htf = param_get32ex(Cmd,0,0,10);
         switch (htf) {
-               case 03: { //WHTSF_CHALLENGE
+               case WHTSF_CHALLENGE: {
                         num_to_bytes(param_get64ex(Cmd,1,0,16),8,htd->auth.NrAr);
                         c.arg[2]= param_get32ex(Cmd, 2, 0, 10);
                         num_to_bytes(param_get32ex(Cmd,3,0,16),4,htd->auth.data);
                 } break;
                         num_to_bytes(param_get64ex(Cmd,1,0,16),8,htd->auth.NrAr);
                         c.arg[2]= param_get32ex(Cmd, 2, 0, 10);
                         num_to_bytes(param_get32ex(Cmd,3,0,16),4,htd->auth.data);
                 } break;
-               case 04:
-               case 24:
-               { //WHTSF_KEY
+               case WHTSF_KEY:
+               case WHT2F_CRYPTO: {
                         num_to_bytes(param_get64ex(Cmd,1,0,16),6,htd->crypto.key);
                         c.arg[2]= param_get32ex(Cmd, 2, 0, 10);
                         num_to_bytes(param_get32ex(Cmd,3,0,16),4,htd->crypto.data);
                         num_to_bytes(param_get64ex(Cmd,1,0,16),6,htd->crypto.key);
                         c.arg[2]= param_get32ex(Cmd, 2, 0, 10);
                         num_to_bytes(param_get32ex(Cmd,3,0,16),4,htd->crypto.data);
-
+               } break;
+               case WHT2F_PASSWORD: {
+                       num_to_bytes(param_get64ex(Cmd, 1, 0, 16), 4, htd->pwd.password);
+                       c.arg[2] = param_get32ex(Cmd, 2, 0, 10);
+                       num_to_bytes(param_get32ex(Cmd, 3, 0, 16), 4, htd->crypto.data);
                 } break;
                 default: {
                         PrintAndLog("Error: unkown writer function %d",htf);
                         PrintAndLog("Hitag writer functions");
                 } break;
                 default: {
                         PrintAndLog("Error: unkown writer function %d",htf);
                         PrintAndLog("Hitag writer functions");
-                       PrintAndLog(" HitagS (0*)");
-                       PrintAndLog("  03 <nr,ar> (Challenge) <page> <byte0...byte3> write page on a Hitag S tag");
-                       PrintAndLog("  04 <key> (set to 0 if no authentication is needed) <page> <byte0...byte3> write page on a Hitag S tag");
-                       PrintAndLog(" Hitag1 (1*)");
-                       PrintAndLog(" Hitag2 (2*)");
-                       PrintAndLog("  24 <key> (set to 0 if no authentication is needed) <page> <byte0...byte3> write page on a Hitag S tag");
+                       PrintAndLog("  HitagS (0*):");
+                       PrintAndLog("    03 <nr,ar> (Challenge) <page> <byte0...byte3> write page on a Hitag S tag");
+                       PrintAndLog("    04 <key> (set to 0 if no authentication is needed) <page> <byte0...byte3> write page on a Hitag S tag");
+                       PrintAndLog("  Hitag1 (1*)");
+                       PrintAndLog("    (not yet implemented)");
+                       PrintAndLog("  Hitag2 (2*):");
+                       PrintAndLog("    24 <key> (set to 0 if no authentication is needed) <page> <byte0...byte3> write page on a Hitag S tag");
+                       PrintAndLog("    27 <password> <page> <byte0...byte3> write page on a Hitag2 tag");
                         return 1;
                 } break;
         }
         // Copy the hitag function into the first argument
         c.arg[0] = htf;
  
                         return 1;
                 } break;
         }
         // Copy the hitag function into the first argument
         c.arg[0] = htf;
  
-  // Send the command to the proxmark
-  SendCommand(&c);
-  
-  UsbCommand resp;
-  WaitForResponse(CMD_ACK,&resp);
-  
-  // Check the return status, stored in the first argument
-  if (resp.arg[0] == false) return 1;
-  return 0;
+       // Send the command to the proxmark
+       SendCommand(&c);
+
+       UsbCommand resp;
+       if (!WaitForResponseTimeout(CMD_ACK, &resp, 4000)) {
+               PrintAndLogEx(WARNING, "timeout while waiting for reply.");
+               return 1;
+       }
+
+       // Check the return status, stored in the first argument
+       if (resp.arg[0] == false) {
+               PrintAndLogEx(DEBUG, "DEBUG: Error - hitag write failed");
+               return 1;
+       }
+       return 0;
  }
  
  
  }
  
  
-static command_t CommandTable[] = 
+static int CmdHelp(const char *Cmd);
+
+static command_t CommandTable[] =
  {
  {
-  {"help",             CmdHelp,           1, "This help"},
-  {"list",             CmdLFHitagList,    1, "<outfile> List Hitag trace history"},
-  {"reader",           CmdLFHitagReader,  1, "Act like a Hitag Reader"},
-  {"sim",              CmdLFHitagSim,     1, "<infile> Simulate Hitag transponder"},
-  {"snoop",            CmdLFHitagSnoop,   1, "Eavesdrop Hitag communication"},
-  {"writer",                   CmdLFHitagWP,      1, "Act like a Hitag Writer" },
-  {"simS",             CmdLFHitagSimS,    1, "<hitagS.hts> Simulate HitagS transponder" }, 
-  {"checkChallenges",  CmdLFHitagCheckChallenges,   1, "<challenges.cc> <tagmode> test all challenges" }, {
-                               NULL,NULL, 0, NULL }
+       {"help",             CmdHelp,                   1, "This help"},
+       {"list",             CmdLFHitagList,            0, "<outfile> List Hitag trace history"},
+       {"info",             CmdLFHitagInfo,            0, "Tag information" },
+       {"reader",           CmdLFHitagReader,          0, "Act like a Hitag Reader"},
+       {"sim",              CmdLFHitagSim,             0, "Simulate Hitag transponder"},
+       {"snoop",            CmdLFHitagSnoop,           0, "Eavesdrop Hitag communication"},
+       {"writer",           CmdLFHitagWriter,          0, "Act like a Hitag Writer" },
+       {"simS",             CmdLFHitagSimS,            0, "Simulate HitagS transponder" },
+       {"checkChallenges",  CmdLFHitagCheckChallenges, 0, "Test challenges from a file" },
+       { NULL,              NULL,                      0, NULL }
  };
  
  };
  
-int CmdLFHitag(const char *Cmd)
-{
-  CmdsParse(CommandTable, Cmd);
-  return 0;
+
+static int CmdHelp(const char *Cmd) {
+       CmdsHelp(CommandTable);
+       return 0;
  }
  
  }
  
-int CmdHelp(const char *Cmd)
-{
-  CmdsHelp(CommandTable);
-  return 0;
+
+int CmdLFHitag(const char *Cmd) {
+       CmdsParse(CommandTable, Cmd);
+       return 0;
  }
  }