]> git.zerfleddert.de Git - proxmark3-svn/blame - client/scripting.c
Update cmdhf14a.c
[proxmark3-svn] / client / scripting.c
CommitLineData
5b760b6c 1//-----------------------------------------------------------------------------
2// Copyright (C) 2013 m h swende <martin at swende.se>
3//
4// This code is licensed to you under the terms of the GNU GPL, version 2 or,
5// at your option, any later version. See the LICENSE.txt file for the text of
6// the license.
7//-----------------------------------------------------------------------------
8// Some lua scripting glue to proxmark core.
9//-----------------------------------------------------------------------------
10
7779d73c 11#include "scripting.h"
12
06919754 13#include <stdlib.h>
5b760b6c 14#include <lua.h>
15#include <lualib.h>
16#include <lauxlib.h>
17#include "proxmark3.h"
18#include "usb_cmd.h"
19#include "cmdmain.h"
44fffc54 20#include "util.h"
7779d73c 21#include "mifarehost.h"
77cd612f 22#include "../common/iso15693tools.h"
be2d41b7 23#include "iso14443crc.h"
b915fda3 24#include "../common/crc16.h"
d730878d 25#include "../common/crc64.h"
1c4c0b06 26#include "../common/sha1.h"
1f6417a9 27#include "aes.h"
2e163546 28#include "cmdcrc.h"
5b760b6c 29/**
30 * The following params expected:
31 * UsbCommand c
32 *@brief l_SendCommand
33 * @param L
34 * @return
35 */
36static int l_SendCommand(lua_State *L){
37
d730878d 38 /*
39 *
40 The SendCommand (native) expects the following structure:
41
42 typedef struct {
43 uint64_t cmd; //8 bytes
44 uint64_t arg[3]; // 8*3 bytes = 24 bytes
45 union {
46 uint8_t asBytes[USB_CMD_DATA_SIZE]; // 1 byte * 512 = 512 bytes (OR)
47 uint32_t asDwords[USB_CMD_DATA_SIZE/4]; // 4 byte * 128 = 512 bytes
48 } d;
49 } PACKED UsbCommand;
50
51 ==> A 544 byte buffer will do.
52 **/
53 //Pop cmd
54 size_t size;
55 const char *data = luaL_checklstring(L, 1, &size);
56 if(size != sizeof(UsbCommand))
57 {
58 printf("Got data size %d, expected %d" , (int) size,(int) sizeof(UsbCommand));
59 lua_pushstring(L,"Wrong data size");
60 return 1;
61 }
96e7a3a5 62
63// UsbCommand c = (*data);
d730878d 64 SendCommand((UsbCommand* )data);
65 return 0; // no return values
5b760b6c 66}
67/**
68 * @brief The following params expected:
69 * uint32_t cmd
70 * size_t ms_timeout
71 * @param L
72 * @return
73 */
74static int l_WaitForResponseTimeout(lua_State *L){
75
d730878d 76 uint32_t cmd = 0;
77 size_t ms_timeout = -1;
78
79 //Check number of arguments
80 int n = lua_gettop(L);
81 if(n == 0)
82 {
83 //signal error by returning Nil, errorstring
84 lua_pushnil(L);
85 lua_pushstring(L,"You need to supply at least command to wait for");
86 return 2; // two return values
87 }
88 if(n >= 1)
89 {
90 //pop cmd
91 cmd = luaL_checkunsigned(L,1);
92 }
93 if(n >= 2)
94 {
95 //Did the user send a timeout ?
96 //Check if the current top of stack is an integer
97 ms_timeout = luaL_checkunsigned(L,2);
98 //printf("Timeout set to %dms\n" , (int) ms_timeout);
99 }
100
101 UsbCommand response;
102
103 if(WaitForResponseTimeout(cmd, &response, ms_timeout))
104 {
105 //Push it as a string
106 lua_pushlstring(L,(const char *)&response,sizeof(UsbCommand));
107
108 return 1;// return 1 to signal one return value
109 }else{
110 //Push a Nil instead
111 lua_pushnil(L);
112 return 1;// one return value
113 }
5b760b6c 114}
2dcdf1a6 115
116static int returnToLuaWithError(lua_State *L, const char* fmt, ...)
117{
d730878d 118 char buffer[200];
119 va_list args;
120 va_start(args,fmt);
121 vsnprintf(buffer, sizeof(buffer), fmt,args);
122 va_end(args);
123
124 lua_pushnil(L);
125 lua_pushstring(L,buffer);
126 return 2;
2dcdf1a6 127}
128
7779d73c 129static int l_mfDarkside(lua_State *L){
2dcdf1a6 130
7779d73c 131 uint64_t key;
132
133 int retval = mfDarkside(&key);
134
d730878d 135 //Push the retval on the stack
7779d73c 136 lua_pushinteger(L, retval);
2dcdf1a6 137
d730878d 138 //Push the key onto the stack
139 uint8_t dest_key[8];
7779d73c 140 num_to_bytes(key, sizeof(dest_key), dest_key);
b9697139 141
43534cba 142 //printf("Pushing to lua stack: %012" PRIx64 "\n",key);
7779d73c 143 lua_pushlstring(L,(const char *)dest_key, sizeof(dest_key));
2dcdf1a6 144
d730878d 145 return 2; //Two return values
2dcdf1a6 146}
7779d73c 147
42daa759 148//static int l_PrintAndLog(lua_State *L){ return CmdHF14AMfDump(luaL_checkstring(L, 1));}
7779d73c 149
44fffc54 150static int l_clearCommandBuffer(lua_State *L){
d730878d 151 clearCommandBuffer();
152 return 0;
44fffc54 153}
154/**
155 * @brief l_foobar is a dummy function to test lua-integration with
156 * @param L
157 * @return
158 */
159static int l_foobar(lua_State *L)
160{
d730878d 161 //Check number of arguments
162 int n = lua_gettop(L);
163 printf("foobar called with %d arguments" , n);
164 lua_settop(L, 0);
165 printf("Arguments discarded, stack now contains %d elements", lua_gettop(L));
166
167 // todo: this is not used, where was it intended for?
168 // UsbCommand response = {CMD_MIFARE_READBL, {1337, 1338, 1339}};
169
170 printf("Now returning a uint64_t as a string");
171 uint64_t x = 0xDEADBEEF;
172 uint8_t destination[8];
173 num_to_bytes(x,sizeof(x),destination);
174 lua_pushlstring(L,(const char *)&x,sizeof(x));
175 lua_pushlstring(L,(const char *)destination,sizeof(destination));
176
177 return 2;
44fffc54 178}
179
2dcdf1a6 180
44fffc54 181/**
182 * @brief Utility to check if a key has been pressed by the user. This method does not block.
183 * @param L
184 * @return boolean, true if kbhit, false otherwise.
185 */
186static int l_ukbhit(lua_State *L)
187{
d730878d 188 lua_pushboolean(L,ukbhit() ? true : false);
189 return 1;
44fffc54 190}
0a85b725 191/**
192 * @brief Calls the command line parser to deal with the command. This enables
193 * lua-scripts to do stuff like "core.console('hf mf mifare')"
194 * @param L
195 * @return
196 */
197static int l_CmdConsole(lua_State *L)
198{
d730878d 199 CommandReceived((char *)luaL_checkstring(L, 1));
200 return 0;
0a85b725 201}
202
77cd612f 203static int l_iso15693_crc(lua_State *L)
204{
d730878d 205 // uint16_t Iso15693Crc(uint8_t *v, int n);
206 size_t size;
207 const char *v = luaL_checklstring(L, 1, &size);
208 uint16_t retval = Iso15693Crc((uint8_t *) v, size);
209 lua_pushinteger(L, (int) retval);
210 return 1;
77cd612f 211}
5b760b6c 212
be2d41b7 213static int l_iso14443b_crc(lua_State *L)
214{
215 /* void ComputeCrc14443(int CrcType,
216 const unsigned char *Data, int Length,
217 unsigned char *TransmitFirst,
218 unsigned char *TransmitSecond)
219 */
220 unsigned char buf[USB_CMD_DATA_SIZE];
221 size_t len = 0;
222 const char *data = luaL_checklstring(L, 1, &len);
223 if (USB_CMD_DATA_SIZE < len)
224 len = USB_CMD_DATA_SIZE-2;
225
226 for (int i = 0; i < len; i += 2) {
227 sscanf(&data[i], "%02x", (unsigned int *)&buf[i / 2]);
228 }
229 ComputeCrc14443(CRC_14443_B, buf, len, &buf[len], &buf[len+1]);
230
231 lua_pushlstring(L, (const char *)&buf, len+2);
232 return 1;
233}
b915fda3 234/*
235 Simple AES 128 cbc hook up to OpenSSL.
236 params: key, input
237*/
1c4c0b06 238static int l_aes128decrypt_cbc(lua_State *L)
b915fda3 239{
240 //Check number of arguments
241 int i;
d730878d 242 size_t size;
243 const char *p_key = luaL_checklstring(L, 1, &size);
244 if(size != 32) return returnToLuaWithError(L,"Wrong size of key, got %d bytes, expected 32", (int) size);
245
246 const char *p_encTxt = luaL_checklstring(L, 2, &size);
b915fda3 247
1f6417a9
MHS
248 unsigned char indata[16] = {0x00};
249 unsigned char outdata[16] = {0x00};
d730878d 250 unsigned char aes_key[16] = {0x00};
1f6417a9 251 unsigned char iv[16] = {0x00};
d730878d 252
253 // convert key to bytearray and convert input to bytearray
b915fda3 254 for (i = 0; i < 32; i += 2) {
255 sscanf(&p_encTxt[i], "%02x", (unsigned int *)&indata[i / 2]);
d730878d 256 sscanf(&p_key[i], "%02x", (unsigned int *)&aes_key[i / 2]);
b915fda3 257 }
d730878d 258
259 aes_context ctx;
260 aes_init(&ctx);
261 aes_setkey_dec(&ctx, aes_key, 128);
262 aes_crypt_cbc(&ctx,AES_DECRYPT,sizeof(indata), iv, indata,outdata );
263 //Push decrypted array as a string
264 lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
265 return 1;// return 1 to signal one return value
266}
1c4c0b06 267static int l_aes128decrypt_ecb(lua_State *L)
268{
269 //Check number of arguments
270 int i;
271 size_t size;
272 const char *p_key = luaL_checklstring(L, 1, &size);
273 if(size != 32) return returnToLuaWithError(L,"Wrong size of key, got %d bytes, expected 32", (int) size);
274
275 const char *p_encTxt = luaL_checklstring(L, 2, &size);
276
277 unsigned char indata[16] = {0x00};
278 unsigned char outdata[16] = {0x00};
279 unsigned char aes_key[16] = {0x00};
280
281 // convert key to bytearray and convert input to bytearray
282 for (i = 0; i < 32; i += 2) {
283 sscanf(&p_encTxt[i], "%02x", (unsigned int *)&indata[i / 2]);
284 sscanf(&p_key[i], "%02x", (unsigned int *)&aes_key[i / 2]);
285 }
286 aes_context ctx;
287 aes_init(&ctx);
288 aes_setkey_dec(&ctx, aes_key, 128);
289 aes_crypt_ecb(&ctx, AES_DECRYPT, indata, outdata );
290
291 //Push decrypted array as a string
292 lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
293 return 1;// return 1 to signal one return value
294}
295
296static int l_aes128encrypt_cbc(lua_State *L)
d730878d 297{
298 //Check number of arguments
299 int i;
300 size_t size;
301 const char *p_key = luaL_checklstring(L, 1, &size);
302 if(size != 32) return returnToLuaWithError(L,"Wrong size of key, got %d bytes, expected 32", (int) size);
303
304 const char *p_txt = luaL_checklstring(L, 2, &size);
305
306 unsigned char indata[16] = {0x00};
307 unsigned char outdata[16] = {0x00};
308 unsigned char aes_key[16] = {0x00};
309 unsigned char iv[16] = {0x00};
b915fda3 310
b915fda3 311 for (i = 0; i < 32; i += 2) {
d730878d 312 sscanf(&p_txt[i], "%02x", (unsigned int *)&indata[i / 2]);
b915fda3 313 sscanf(&p_key[i], "%02x", (unsigned int *)&aes_key[i / 2]);
314 }
1f6417a9 315
d730878d 316 aes_context ctx;
317 aes_init(&ctx);
318 aes_setkey_enc(&ctx, aes_key, 128);
319 aes_crypt_cbc(&ctx, AES_ENCRYPT, sizeof(indata), iv, indata, outdata );
320 //Push encrypted array as a string
b915fda3 321 lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
322 return 1;// return 1 to signal one return value
323}
324
1c4c0b06 325static int l_aes128encrypt_ecb(lua_State *L)
326{
327 //Check number of arguments
328 int i;
329 size_t size;
330 const char *p_key = luaL_checklstring(L, 1, &size);
331 if(size != 32) return returnToLuaWithError(L,"Wrong size of key, got %d bytes, expected 32", (int) size);
332
333 const char *p_txt = luaL_checklstring(L, 2, &size);
334
335 unsigned char indata[16] = {0x00};
336 unsigned char outdata[16] = {0x00};
337 unsigned char aes_key[16] = {0x00};
338
339 for (i = 0; i < 32; i += 2) {
340 sscanf(&p_txt[i], "%02x", (unsigned int *)&indata[i / 2]);
341 sscanf(&p_key[i], "%02x", (unsigned int *)&aes_key[i / 2]);
342 }
343 aes_context ctx;
344 aes_init(&ctx);
345 aes_setkey_enc(&ctx, aes_key, 128);
346 aes_crypt_ecb(&ctx, AES_ENCRYPT, indata, outdata );
347 //Push encrypted array as a string
348 lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
349 return 1;// return 1 to signal one return value
350}
351
b915fda3 352static int l_crc16(lua_State *L)
353{
354 size_t size;
355 const char *p_str = luaL_checklstring(L, 1, &size);
d730878d 356
b915fda3 357 uint16_t retval = crc16_ccitt( (uint8_t*) p_str, size);
d730878d 358 lua_pushinteger(L, (int) retval);
359 return 1;
360}
361
362static int l_crc64(lua_State *L)
363{
364 size_t size;
365 uint64_t crc = 0;
366 unsigned char outdata[8] = {0x00};
367
368 const char *p_str = luaL_checklstring(L, 1, &size);
369
370 crc64( (uint8_t*) p_str, size, &crc);
371
372 outdata[0] = (uint8_t)(crc >> 56) & 0xff;
373 outdata[1] = (uint8_t)(crc >> 48) & 0xff;
374 outdata[2] = (uint8_t)(crc >> 40) & 0xff;
375 outdata[3] = (uint8_t)(crc >> 32) & 0xff;
376 outdata[4] = (uint8_t)(crc >> 24) & 0xff;
377 outdata[5] = (uint8_t)(crc >> 16) & 0xff;
378 outdata[6] = (uint8_t)(crc >> 8) & 0xff;
379 outdata[7] = crc & 0xff;
380 lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
381 return 1;
b915fda3 382}
383
1c4c0b06 384static int l_sha1(lua_State *L)
385{
386 size_t size;
387 const char *p_str = luaL_checklstring(L, 1, &size);
388 unsigned char outdata[20] = {0x00};
389 sha1( (uint8_t*) p_str, size, outdata);
390 lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
391 return 1;
392}
393
2e163546 394static int l_reveng_models(lua_State *L){
395
396 char *models[80];
397 int count = 0;
53ee28cb 398 int in_width = luaL_checkinteger(L, 1);
2e163546 399
400 if( in_width > 89 ) return returnToLuaWithError(L,"Width cannot exceed 89, got %d", in_width);
401
d2219cae 402 uint8_t width[80];
403 width[0] = (uint8_t)in_width;
404 int ans = GetModels(models, &count, width);
2e163546 405 if (!ans) return 0;
406
407 lua_newtable(L);
408
409 for (int i = 0; i < count; i++){
410 lua_pushstring(L, (const char*)models[i]);
411 lua_rawseti(L,-2,i+1);
412 free(models[i]);
413 }
414
415 return 1;
416}
417
53ee28cb 418//Called with 4 parameters.
419// inModel ,string containing the crc model name: 'CRC-8'
420// inHexStr ,string containing the hex representation of the data that will be used for CRC calculations.
421// reverse ,int 0/1 (bool) if 1, calculate the reverse CRC
422// endian ,char, 'B','b','L','l','t','r' describing if Big-Endian or Little-Endian should be used in different combinations.
423//
424// outputs: string with hex representation of the CRC result
2e163546 425static int l_reveng_RunModel(lua_State *L){
426 //-c || -v
427 //inModel = valid model name string - CRC-8
428 //inHexStr = input hex string to calculate crc on
429 //reverse = reverse calc option if true
430 //endian = {0 = calc default endian input and output, b = big endian input and output, B = big endian output, r = right justified
431 // l = little endian input and output, L = little endian output only, t = left justified}
432 //result = calculated crc hex string
433 char result[50];
434
53ee28cb 435 const char *inModel = luaL_checkstring(L, 1);
436 const char *inHexStr = luaL_checkstring(L, 2);
437 bool reverse = lua_toboolean(L, 3);
438 const char endian = luaL_checkstring(L, 4)[0];
2e163546 439
440 //PrintAndLog("mod: %s, hex: %s, rev %d", inModel, inHexStr, reverse);
441 //int RunModel(char *inModel, char *inHexStr, bool reverse, char endian, char *result)
53ee28cb 442 int ans = RunModel( (char *)inModel, (char *)inHexStr, reverse, endian, result);
2e163546 443 if (!ans)
444 return returnToLuaWithError(L,"Reveng failed");
445
446 lua_pushstring(L, (const char*)result);
447 return 1;
448}
449
686f0a17 450/**
451 * @brief Sets the lua path to include "./lualibs/?.lua", in order for a script to be
452 * able to do "require('foobar')" if foobar.lua is within lualibs folder.
453 * Taken from http://stackoverflow.com/questions/4125971/setting-the-global-lua-path-variable-from-c-c
454 * @param L
455 * @param path
456 * @return
457 */
458int setLuaPath( lua_State* L, const char* path )
459{
d730878d 460 lua_getglobal( L, "package" );
461 lua_getfield( L, -1, "path" ); // get field "path" from table at top of stack (-1)
462 const char* cur_path = lua_tostring( L, -1 ); // grab path string from top of stack
463 int requiredLength = strlen(cur_path)+ strlen(path)+10; //A few bytes too many, whatever we can afford it
464 char * buf = malloc(requiredLength);
465 snprintf(buf, requiredLength, "%s;%s", cur_path, path);
466 lua_pop( L, 1 ); // get rid of the string on the stack we just pushed on line 5
467 lua_pushstring( L, buf ); // push the new one
468 lua_setfield( L, -2, "path" ); // set the field "path" in table at -2 with value at top of stack
469 lua_pop( L, 1 ); // get rid of package table from top of stack
470 free(buf);
471 return 0; // all done!
686f0a17 472}
473
474
f057bddb 475int set_pm3_libraries(lua_State *L)
5b760b6c 476{
686f0a17 477
d730878d 478 static const luaL_Reg libs[] = {
479 {"SendCommand", l_SendCommand},
480 {"WaitForResponseTimeout", l_WaitForResponseTimeout},
7779d73c 481 {"mfDarkside", l_mfDarkside},
d730878d 482 //{"PrintAndLog", l_PrintAndLog},
483 {"foobar", l_foobar},
484 {"ukbhit", l_ukbhit},
485 {"clearCommandBuffer", l_clearCommandBuffer},
486 {"console", l_CmdConsole},
487 {"iso15693_crc", l_iso15693_crc},
be2d41b7 488 {"iso14443b_crc", l_iso14443b_crc},
1c4c0b06 489 {"aes128_decrypt", l_aes128decrypt_cbc},
490 {"aes128_decrypt_ecb", l_aes128decrypt_ecb},
491 {"aes128_encrypt", l_aes128encrypt_cbc},
492 {"aes128_encrypt_ecb", l_aes128encrypt_ecb},
b915fda3 493 {"crc16", l_crc16},
d730878d 494 {"crc64", l_crc64},
1c4c0b06 495 {"sha1", l_sha1},
2e163546 496 {"reveng_models", l_reveng_models},
497 {"reveng_runmodel", l_reveng_RunModel},
d730878d 498 {NULL, NULL}
499 };
500
501 lua_pushglobaltable(L);
502 // Core library is in this table. Contains '
503 //this is 'pm3' table
504 lua_newtable(L);
505
506 //Put the function into the hash table.
507 for (int i = 0; libs[i].name; i++) {
508 lua_pushcfunction(L, libs[i].func);
509 lua_setfield(L, -2, libs[i].name);//set the name, pop stack
510 }
511 //Name of 'core'
512 lua_setfield(L, -2, "core");
513
514 //-- remove the global environment table from the stack
515 lua_pop(L, 1);
516
517 //-- Last but not least, add to the LUA_PATH (package.path in lua)
518 // so we can load libraries from the ./lualib/ - directory
4197a3f6 519 char libraries_path[strlen(get_my_executable_directory()) + strlen(LUA_LIBRARIES_DIRECTORY) + strlen(LUA_LIBRARIES_WILDCARD) + 1];
520 strcpy(libraries_path, get_my_executable_directory());
521 strcat(libraries_path, LUA_LIBRARIES_DIRECTORY);
522 strcat(libraries_path, LUA_LIBRARIES_WILDCARD);
523 setLuaPath(L, libraries_path);
d730878d 524
525 return 1;
5b760b6c 526}
Impressum, Datenschutz