]> git.zerfleddert.de Git - proxmark3-svn/blame - common/protocols.c
fix memory overflow in hf mf nested (issue #479)
[proxmark3-svn] / common / protocols.c
CommitLineData
1defcf60 1#include <string.h>
b67f7ec3
MHS
2#include <stdint.h>
3#include <stdarg.h>
1defcf60 4#include "protocols.h"
3606ac0a 5
6// ATA55xx shared presets & routines
7uint32_t GetT55xxClockBit(uint32_t clock) {
8 switch (clock) {
9 case 128:
10 return T55x7_BITRATE_RF_128;
11 case 100:
12 return T55x7_BITRATE_RF_100;
13 case 64:
14 return T55x7_BITRATE_RF_64;
15 case 50:
16 return T55x7_BITRATE_RF_50;
17 case 40:
18 return T55x7_BITRATE_RF_40;
19 case 32:
20 return T55x7_BITRATE_RF_32;
21 case 16:
22 return T55x7_BITRATE_RF_16;
23 case 8:
24 return T55x7_BITRATE_RF_8;
25 default:
26 return 0;
27 }
28}
29
1defcf60
MHS
30#ifndef ON_DEVICE
31#include "ui.h"
32#define prnt PrintAndLog
b67f7ec3 33
3606ac0a 34// iclass / picopass chip config structures and shared routines
b67f7ec3 35typedef struct {
b82d8098 36 uint8_t app_limit; //[8]
37 uint8_t otp[2]; //[9-10]
38 uint8_t block_writelock;//[11]
39 uint8_t chip_config; //[12]
40 uint8_t mem_config; //[13]
41 uint8_t eas; //[14]
42 uint8_t fuses; //[15]
3606ac0a 43} picopass_conf_block;
b67f7ec3
MHS
44
45typedef struct {
46 uint8_t csn[8];
47 picopass_conf_block conf;
48 uint8_t epurse[8];
49 uint8_t key_d[8];
50 uint8_t key_c[8];
51 uint8_t app_issuer_area[8];
3606ac0a 52} picopass_hdr;
b67f7ec3 53
3606ac0a 54uint8_t isset(uint8_t val, uint8_t mask) {
b67f7ec3
MHS
55 return (val & mask);
56}
57
3606ac0a 58uint8_t notset(uint8_t val, uint8_t mask) {
b67f7ec3
MHS
59 return !(val & mask);
60}
61
3606ac0a 62void fuse_config(const picopass_hdr *hdr) {
b67f7ec3
MHS
63 uint8_t fuses = hdr->conf.fuses;
64
67e344df 65 if (isset(fuses,FUSE_FPERS))prnt(" Mode: Personalization [Programmable]");
66 else prnt(" Mode: Application [Locked]");
b67f7ec3
MHS
67
68 if (isset(fuses, FUSE_CODING1))
67e344df 69 prnt("Coding: RFU");
b67f7ec3
MHS
70 else
71 {
67e344df 72 if( isset( fuses , FUSE_CODING0)) prnt("Coding: ISO 14443-2 B/ISO 15693");
73 else prnt("Coding: ISO 14443B only");
b67f7ec3 74 }
67e344df 75 if( isset (fuses,FUSE_CRYPT1 | FUSE_CRYPT0 )) prnt(" Crypt: Secured page, keys not locked");
76 if( isset (fuses,FUSE_CRYPT1) && notset( fuses, FUSE_CRYPT0 )) prnt(" Crypt: Secured page, keys not locked");
77 if( notset (fuses,FUSE_CRYPT1) && isset( fuses, FUSE_CRYPT0 )) prnt(" Crypt: Non secured page");
78 if( notset (fuses,FUSE_CRYPT1) && notset( fuses, FUSE_CRYPT0 )) prnt(" Crypt: No auth possible. Read only if RA is enabled");
b67f7ec3 79
67e344df 80 if( isset( fuses, FUSE_RA)) prnt(" RA: Read access enabled");
81 else prnt(" RA: Read access not enabled");
b67f7ec3 82}
b82d8098 83
bbd19bec 84void getMemConfig(uint8_t mem_cfg, uint8_t chip_cfg, uint8_t *max_blk, uint8_t *app_areas, uint8_t *kb) {
b82d8098 85 // mem-bit 5, mem-bit 7, chip-bit 4: defines chip type
86 if(isset(chip_cfg, 0x10) && notset(mem_cfg, 0x80) && notset(mem_cfg, 0x20)) {
bbd19bec 87 *kb = 2;
88 *app_areas = 2;
89 *max_blk = 31;
b82d8098 90 } else if(isset(chip_cfg, 0x10) && isset(mem_cfg, 0x80) && notset(mem_cfg, 0x20)) {
bbd19bec 91 *kb = 16;
92 *app_areas = 2;
93 *max_blk = 255; //16kb
b82d8098 94 } else if(notset(chip_cfg, 0x10) && notset(mem_cfg, 0x80) && notset(mem_cfg, 0x20)) {
bbd19bec 95 *kb = 16;
96 *app_areas = 16;
97 *max_blk = 255; //16kb
b82d8098 98 } else if(isset(chip_cfg, 0x10) && isset(mem_cfg, 0x80) && isset(mem_cfg, 0x20)) {
bbd19bec 99 *kb = 32;
100 *app_areas = 3;
101 *max_blk = 255; //16kb
b82d8098 102 } else if(notset(chip_cfg, 0x10) && notset(mem_cfg, 0x80) && isset(mem_cfg, 0x20)) {
bbd19bec 103 *kb = 32;
104 *app_areas = 17;
105 *max_blk = 255; //16kb
b82d8098 106 } else {
bbd19bec 107 *kb = 32;
108 *app_areas = 2;
109 *max_blk = 255;
b82d8098 110 }
111}
112
3606ac0a 113void mem_app_config(const picopass_hdr *hdr) {
b67f7ec3 114 uint8_t mem = hdr->conf.mem_config;
b82d8098 115 uint8_t chip = hdr->conf.chip_config;
b67f7ec3 116 uint8_t applimit = hdr->conf.app_limit;
aa53efc3 117 if (applimit < 6) applimit = 26;
b82d8098 118 uint8_t kb = 2;
bbd19bec 119 uint8_t app_areas = 2;
b82d8098 120 uint8_t max_blk = 31;
bbd19bec 121 getMemConfig(mem, chip, &max_blk, &app_areas, &kb);
67e344df 122 prnt(" Mem: %u KBits/%u App Areas (%u * 8 bytes) [%02X]", kb, app_areas, max_blk, mem);
123 prnt(" AA1: blocks 06-%02X", applimit);
124 prnt(" AA2: blocks %02X-%02X", applimit+1, max_blk);
b67f7ec3 125}
3606ac0a 126void print_picopass_info(const picopass_hdr *hdr) {
b67f7ec3 127 fuse_config(hdr);
aa53efc3 128 mem_app_config(hdr);
b67f7ec3 129}
3606ac0a 130void printIclassDumpInfo(uint8_t* iclass_dump) {
1defcf60
MHS
131 print_picopass_info((picopass_hdr *) iclass_dump);
132}
133
134/*
3606ac0a 135void test() {
b67f7ec3
MHS
136 picopass_hdr hdr = {0x27,0xaf,0x48,0x01,0xf9,0xff,0x12,0xe0,0x12,0xff,0xff,0xff,0x7f,0x1f,0xff,0x3c};
137 prnt("Picopass configuration:");
138 print_picopass_info(&hdr);
139}
3606ac0a 140int main(int argc, char *argv[]) {
b67f7ec3
MHS
141 test();
142 return 0;
143}
1defcf60 144*/
3606ac0a 145
146#endif
147//ON_DEVICE
Impressum, Datenschutz