[proxmark3-svn] / armsrc / mifaredesfire.c

#include "mifaredesfire.h"

#define MAX_APPLICATION_COUNT 28
#define MAX_FILE_COUNT 16
#define MAX_FRAME_SIZE 60
#define NOT_YET_AUTHENTICATED 255
#define FRAME_PAYLOAD_SIZE (MAX_FRAME_SIZE - 5)

// the block number for the ISO14443-4 PCB
uint8_t pcb_blocknum = 0;
// Deselect card by sending a s-block. the crc is precalced for speed
static  uint8_t deselect_cmd[] = {0xc2,0xe0,0xb4};

//static uint8_t __msg[MAX_FRAME_SIZE] = { 0x0A, 0x00, 0x00, /* ..., */ 0x00 };
/*                                       PCB   CID   CMD    PAYLOAD    */
//static uint8_t __res[MAX_FRAME_SIZE];

bool InitDesfireCard(){

	// Make sure it is off.
//	FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
//	SpinDelay(300);
	
	byte_t cardbuf[USB_CMD_DATA_SIZE];
	memset(cardbuf,0,sizeof(cardbuf));
	
	iso14a_set_tracing(TRUE);
	iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
	
	iso14a_card_select_t *card = (iso14a_card_select_t*)cardbuf;
	int len = iso14443a_select_card(NULL,card,NULL);

	if (!len) {
		if (MF_DBGLEVEL >= 1) {
			Dbprintf("Can't select card");
		}
		OnError();
		return false;
	}
	return true;
}

// ARG0 flag enums
enum  {
 NONE		= 	0x00,
 INIT 		=	0x01,
 DISCONNECT =	0x02,
 FOO		= 	0x04,
 BAR		= 	0x08,
} CmdOptions ;

void MifareSendCommand(uint8_t arg0, uint8_t arg1, uint8_t *datain){
	
	/* ARG0 contains flags.
		0x01 = init card.
		0x02 = No Disconnect
		0x03
	*/
	uint8_t flags = arg0;
	size_t datalen = arg1;
	uint8_t resp[RECV_RES_SIZE];
	memset(resp,0,sizeof(resp));
	
	if (MF_DBGLEVEL >= 4) {
		Dbprintf(" flags : %02X", flags);
		Dbprintf(" len   : %02X", datalen);
		print_result(" RX    : ", datain, datalen);
	}
	
	if ( flags & INIT ){
		if ( !InitDesfireCard() )
			return;
	}
	
	int len = DesfireAPDU(datain, datalen, resp);
	print_result(" <--: ", resp, len);	
	if ( !len ) {
		if (MF_DBGLEVEL >= 4) {
			print_result("ERR <--: ", resp, len);	
		}
		OnError();
		return;
	}
	
	// reset the pcb_blocknum,
	pcb_blocknum = 0;
	
	if ( flags & DISCONNECT )
		OnSuccess();
	
	cmd_send(CMD_ACK,1,len,0,resp,len);
}

void MifareDesfireGetInformation(){
		
	int len = 0;
	uint8_t resp[USB_CMD_DATA_SIZE];
	uint8_t dataout[USB_CMD_DATA_SIZE];
	byte_t cardbuf[USB_CMD_DATA_SIZE];
	
	memset(resp,0,sizeof(resp));
	memset(dataout,0, sizeof(dataout));
	memset(cardbuf,0,sizeof(cardbuf));
	
	/*
		1 = PCB					1
		2 = cid					2
		3 = desfire command		3 
		4-5 = crc				4  key
								5-6 crc								
		PCB == 0x0A because sending CID byte.
		CID == 0x00 first card?		
	*/
	iso14a_clear_trace();
	iso14a_set_tracing(TRUE);
	iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);

	// card select - information
	iso14a_card_select_t *card = (iso14a_card_select_t*)cardbuf;
	byte_t isOK = iso14443a_select_card(NULL, card, NULL);
	if (isOK != 1) {
		if (MF_DBGLEVEL >= 1) {
			Dbprintf("Can't select card");
		}
		OnError();
		return;
	}

	memcpy(dataout,card->uid,7);

	LED_A_ON();
	LED_B_OFF();
	LED_C_OFF();
	
	uint8_t cmd[] = {GET_VERSION};	
	size_t cmd_len = sizeof(cmd);
	
	len =  DesfireAPDU(cmd, cmd_len, resp);
	if ( !len ) {
		print_result("ERROR <--: ", resp, len);	
		OnError();
		return;
	}
	
	LED_A_OFF();
	LED_B_ON();
	memcpy(dataout+7,resp+3,7);
	
	// ADDITION_FRAME 1
	cmd[0] = ADDITIONAL_FRAME;
	len =  DesfireAPDU(cmd, cmd_len, resp);
	if ( !len ) {
		print_result("ERROR <--: ", resp, len);	
		OnError();
		return;
	}	
	
	LED_B_OFF();
	LED_C_ON();
	memcpy(dataout+7+7,resp+3,7);

	// ADDITION_FRAME 2
	len =  DesfireAPDU(cmd, cmd_len, resp);
	if ( !len ) {
		print_result("ERROR <--: ", resp, len);	
		OnError();
		return;
	}
	
	memcpy(dataout+7+7+7,resp+3,14);
	
	cmd_send(CMD_ACK,1,0,0,dataout,sizeof(dataout));
		
	// reset the pcb_blocknum,
	pcb_blocknum = 0;
	OnSuccess();
}

void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno,  uint8_t *datain){

	uint8_t null_key_data[8] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
	//uint8_t new_key_data[8]  = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 };
	int res = 0;
	
	desfirekey_t default_key = Desfire_des_key_new_with_version (null_key_data);

	// res = Desfire_select_application (tags[i], aid);
	if (res < 0) {
		print_result("default key: ", default_key->data, 24 );
		return;
	}
				
	return;
	//                pcb  cid  cmd               key   crc1  cr2   	
	//uint8_t cmd2[] = {0x02,0x00,GET_KEY_VERSION, 0x00, 0x00, 0x00 };

	//uint8_t* bigbuffer = mifare_get_bigbufptr();
	byte_t isOK = 1;
	uint8_t resp[256];
	uint8_t key[24];
	uint8_t IV[16];
Commit	Line	Data
f38a1528	1	#include "mifaredesfire.h"
	2
	3	#define MAX_APPLICATION_COUNT 28
	4	#define MAX_FILE_COUNT 16
	5	#define MAX_FRAME_SIZE 60
	6	#define NOT_YET_AUTHENTICATED 255
	7	#define FRAME_PAYLOAD_SIZE (MAX_FRAME_SIZE - 5)
	8
313ee67e	9	// the block number for the ISO14443-4 PCB
	10	uint8_t pcb_blocknum = 0;
	11	// Deselect card by sending a s-block. the crc is precalced for speed
	12	static uint8_t deselect_cmd[] = {0xc2,0xe0,0xb4};
	13
f38a1528	14	//static uint8_t __msg[MAX_FRAME_SIZE] = { 0x0A, 0x00, 0x00, /* ..., */ 0x00 };
	15	/* PCB CID CMD PAYLOAD */
	16	//static uint8_t __res[MAX_FRAME_SIZE];
	17
313ee67e	18	bool InitDesfireCard(){
	19
	20	// Make sure it is off.
	21	// FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
	22	// SpinDelay(300);
	23
	24	byte_t cardbuf[USB_CMD_DATA_SIZE];
	25	memset(cardbuf,0,sizeof(cardbuf));
	26
	27	iso14a_set_tracing(TRUE);
	28	iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
f38a1528	29
313ee67e	30	iso14a_card_select_t card = (iso14a_card_select_t)cardbuf;
313ee67e	31	int len = iso14443a_select_card(NULL,card,NULL);
f38a1528	32
313ee67e	33	if (!len) {
	34	if (MF_DBGLEVEL >= 1) {
	35	Dbprintf("Can't select card");
	36	}
	37	OnError();
	38	return false;
	39	}
	40	return true;
	41	}
	42
75465377	43	// ARG0 flag enums
	44	enum {
	45	NONE = 0x00,
	46	INIT = 0x01,
	47	DISCONNECT = 0x02,
	48	FOO = 0x04,
	49	BAR = 0x08,
	50	} CmdOptions ;
	51
313ee67e	52	void MifareSendCommand(uint8_t arg0, uint8_t arg1, uint8_t *datain){
	53
	54	/* ARG0 contains flags.
	55	0x01 = init card.
75465377	56	0x02 = No Disconnect
313ee67e	57	0x03
	58	*/
	59	uint8_t flags = arg0;
	60	size_t datalen = arg1;
f38a1528	61	uint8_t resp[RECV_RES_SIZE];
313ee67e	62	memset(resp,0,sizeof(resp));
	63
	64	if (MF_DBGLEVEL >= 4) {
75465377	65	Dbprintf(" flags : %02X", flags);
	66	Dbprintf(" len : %02X", datalen);
	67	print_result(" RX : ", datain, datalen);
313ee67e	68	}
313ee67e	69
75465377	70	if ( flags & INIT ){
313ee67e	71	if ( !InitDesfireCard() )
	72	return;
	73	}
	74
	75	int len = DesfireAPDU(datain, datalen, resp);
75465377	76	print_result(" <--: ", resp, len);
313ee67e	77	if ( !len ) {
	78	if (MF_DBGLEVEL >= 4) {
	79	print_result("ERR <--: ", resp, len);
	80	}
	81	OnError();
	82	return;
	83	}
313ee67e	84
75465377	85	// reset the pcb_blocknum,
	86	pcb_blocknum = 0;
	87
	88	if ( flags & DISCONNECT )
	89	OnSuccess();
	90
	91	cmd_send(CMD_ACK,1,len,0,resp,len);
313ee67e	92	}
	93
	94	void MifareDesfireGetInformation(){
	95
	96	int len = 0;
	97	uint8_t resp[USB_CMD_DATA_SIZE];
	98	uint8_t dataout[USB_CMD_DATA_SIZE];
	99	byte_t cardbuf[USB_CMD_DATA_SIZE];
f38a1528	100
	101	memset(resp,0,sizeof(resp));
	102	memset(dataout,0, sizeof(dataout));
313ee67e	103	memset(cardbuf,0,sizeof(cardbuf));
f38a1528	104
	105	/*
	106	1 = PCB 1
	107	2 = cid 2
	108	3 = desfire command 3
	109	4-5 = crc 4 key
313ee67e	110	5-6 crc
f38a1528	111	PCB == 0x0A because sending CID byte.
313ee67e	112	CID == 0x00 first card?
f38a1528	113	*/
f38a1528	114	iso14a_clear_trace();
	115	iso14a_set_tracing(TRUE);
	116	iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
	117
	118	// card select - information
313ee67e	119	iso14a_card_select_t card = (iso14a_card_select_t)cardbuf;
f38a1528	120	byte_t isOK = iso14443a_select_card(NULL, card, NULL);
	121	if (isOK != 1) {
	122	if (MF_DBGLEVEL >= 1) {
	123	Dbprintf("Can't select card");
	124	}
	125	OnError();
	126	return;
	127	}
	128
f38a1528	129	memcpy(dataout,card->uid,7);
	130
	131	LED_A_ON();
	132	LED_B_OFF();
	133	LED_C_OFF();
	134
313ee67e	135	uint8_t cmd[] = {GET_VERSION};
	136	size_t cmd_len = sizeof(cmd);
	137
	138	len = DesfireAPDU(cmd, cmd_len, resp);
	139	if ( !len ) {
f38a1528	140	print_result("ERROR <--: ", resp, len);
	141	OnError();
	142	return;
	143	}
313ee67e	144
	145	LED_A_OFF();
	146	LED_B_ON();
f38a1528	147	memcpy(dataout+7,resp+3,7);
	148
	149	// ADDITION_FRAME 1
313ee67e	150	cmd[0] = ADDITIONAL_FRAME;
	151	len = DesfireAPDU(cmd, cmd_len, resp);
	152	if ( !len ) {
f38a1528	153	print_result("ERROR <--: ", resp, len);
	154	OnError();
	155	return;
	156	}
313ee67e	157
	158	LED_B_OFF();
	159	LED_C_ON();
f38a1528	160	memcpy(dataout+7+7,resp+3,7);
	161
	162	// ADDITION_FRAME 2
313ee67e	163	len = DesfireAPDU(cmd, cmd_len, resp);
313ee67e	164	if ( !len ) {
f38a1528	165	print_result("ERROR <--: ", resp, len);
	166	OnError();
	167	return;
	168	}
	169
	170	memcpy(dataout+7+7+7,resp+3,14);
	171
f38a1528	172	cmd_send(CMD_ACK,1,0,0,dataout,sizeof(dataout));
313ee67e	173
	174	// reset the pcb_blocknum,
	175	pcb_blocknum = 0;
f38a1528	176	OnSuccess();
	177	}
	178
	179	void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain){
	180
	181	uint8_t null_key_data[8] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
b44e5233	182	//uint8_t new_key_data[8] = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 };
b44e5233	183	int res = 0;
f38a1528	184
b44e5233	185	desfirekey_t default_key = Desfire_des_key_new_with_version (null_key_data);
f38a1528	186
b44e5233	187	// res = Desfire_select_application (tags[i], aid);
f38a1528	188	if (res < 0) {
b44e5233	189	print_result("default key: ", default_key->data, 24 );
b44e5233	190	return;
f38a1528	191	}
	192
	193	return;
	194	// pcb cid cmd key crc1 cr2
	195	//uint8_t cmd2[] = {0x02,0x00,GET_KEY_VERSION, 0x00, 0x00, 0x00 };
	196
	197	//uint8_t* bigbuffer = mifare_get_bigbufptr();
	198	byte_t isOK = 1;
	199	uint8_t resp[256];
	200	uint8_t key[24];
	201	uint8_t IV[16];
	202
	203