]>
git.zerfleddert.de Git - proxmark3-svn/blob - client/scripting.c
1 //-----------------------------------------------------------------------------
2 // Copyright (C) 2013 m h swende <martin at swende.se>
4 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
5 // at your option, any later version. See the LICENSE.txt file for the text of
7 //-----------------------------------------------------------------------------
8 // Some lua scripting glue to proxmark core.
9 //-----------------------------------------------------------------------------
11 #include "scripting.h"
17 #include "proxmark3.h"
21 #include "mifarehost.h"
22 #include "../common/iso15693tools.h"
23 #include "iso14443crc.h"
24 #include "../common/crc16.h"
25 #include "../common/crc64.h"
26 #include "../common/polarssl/sha1.h"
27 #include "../common/polarssl/aes.h"
30 * The following params expected:
36 static int l_SendCommand(lua_State
*L
){
40 The SendCommand (native) expects the following structure:
43 uint64_t cmd; //8 bytes
44 uint64_t arg[3]; // 8*3 bytes = 24 bytes
46 uint8_t asBytes[USB_CMD_DATA_SIZE]; // 1 byte * 512 = 512 bytes (OR)
47 uint32_t asDwords[USB_CMD_DATA_SIZE/4]; // 4 byte * 128 = 512 bytes
51 ==> A 544 byte buffer will do.
55 const char *data
= luaL_checklstring(L
, 1, &size
);
56 if(size
!= sizeof(UsbCommand
))
58 printf("Got data size %d, expected %d" , (int) size
,(int) sizeof(UsbCommand
));
59 lua_pushstring(L
,"Wrong data size");
63 // UsbCommand c = (*data);
64 SendCommand((UsbCommand
* )data
);
65 return 0; // no return values
68 * @brief The following params expected:
74 static int l_WaitForResponseTimeout(lua_State
*L
){
77 size_t ms_timeout
= -1;
79 //Check number of arguments
80 int n
= lua_gettop(L
);
83 //signal error by returning Nil, errorstring
85 lua_pushstring(L
,"You need to supply at least command to wait for");
86 return 2; // two return values
91 cmd
= luaL_checkunsigned(L
,1);
95 //Did the user send a timeout ?
96 //Check if the current top of stack is an integer
97 ms_timeout
= luaL_checkunsigned(L
,2);
98 //printf("Timeout set to %dms\n" , (int) ms_timeout);
103 if(WaitForResponseTimeout(cmd
, &response
, ms_timeout
))
105 //Push it as a string
106 lua_pushlstring(L
,(const char *)&response
,sizeof(UsbCommand
));
108 return 1;// return 1 to signal one return value
112 return 1;// one return value
116 static int returnToLuaWithError(lua_State
*L
, const char* fmt
, ...)
121 vsnprintf(buffer
, sizeof(buffer
), fmt
,args
);
125 lua_pushstring(L
,buffer
);
129 static int l_mfDarkside(lua_State
*L
){
133 int retval
= mfDarkside(&key
);
135 //Push the retval on the stack
136 lua_pushinteger(L
, retval
);
138 //Push the key onto the stack
140 num_to_bytes(key
, sizeof(dest_key
), dest_key
);
142 //printf("Pushing to lua stack: %012" PRIx64 "\n",key);
143 lua_pushlstring(L
,(const char *)dest_key
, sizeof(dest_key
));
145 return 2; //Two return values
148 //static int l_PrintAndLog(lua_State *L){ return CmdHF14AMfDump(luaL_checkstring(L, 1));}
150 static int l_clearCommandBuffer(lua_State
*L
){
151 clearCommandBuffer();
155 * @brief l_foobar is a dummy function to test lua-integration with
159 static int l_foobar(lua_State
*L
)
161 //Check number of arguments
162 int n
= lua_gettop(L
);
163 printf("foobar called with %d arguments" , n
);
165 printf("Arguments discarded, stack now contains %d elements", lua_gettop(L
));
167 // todo: this is not used, where was it intended for?
168 // UsbCommand response = {CMD_MIFARE_READBL, {1337, 1338, 1339}};
170 printf("Now returning a uint64_t as a string");
171 uint64_t x
= 0xDEADBEEF;
172 uint8_t destination
[8];
173 num_to_bytes(x
,sizeof(x
),destination
);
174 lua_pushlstring(L
,(const char *)&x
,sizeof(x
));
175 lua_pushlstring(L
,(const char *)destination
,sizeof(destination
));
182 * @brief Utility to check if a key has been pressed by the user. This method does not block.
184 * @return boolean, true if kbhit, false otherwise.
186 static int l_ukbhit(lua_State
*L
)
188 lua_pushboolean(L
,ukbhit() ? true : false);
192 * @brief Calls the command line parser to deal with the command. This enables
193 * lua-scripts to do stuff like "core.console('hf mf mifare')"
197 static int l_CmdConsole(lua_State
*L
)
199 CommandReceived((char *)luaL_checkstring(L
, 1));
203 static int l_iso15693_crc(lua_State
*L
)
205 // uint16_t Iso15693Crc(uint8_t *v, int n);
207 const char *v
= luaL_checklstring(L
, 1, &size
);
208 uint16_t retval
= Iso15693Crc((uint8_t *) v
, size
);
209 lua_pushinteger(L
, (int) retval
);
213 static int l_iso14443b_crc(lua_State
*L
)
215 /* void ComputeCrc14443(int CrcType,
216 const unsigned char *Data, int Length,
217 unsigned char *TransmitFirst,
218 unsigned char *TransmitSecond)
220 unsigned char buf
[USB_CMD_DATA_SIZE
];
222 const char *data
= luaL_checklstring(L
, 1, &len
);
223 if (USB_CMD_DATA_SIZE
< len
)
224 len
= USB_CMD_DATA_SIZE
-2;
226 for (int i
= 0; i
< len
; i
+= 2) {
227 sscanf(&data
[i
], "%02x", (unsigned int *)&buf
[i
/ 2]);
229 ComputeCrc14443(CRC_14443_B
, buf
, len
, &buf
[len
], &buf
[len
+1]);
231 lua_pushlstring(L
, (const char *)&buf
, len
+2);
235 Simple AES 128 cbc hook up to OpenSSL.
238 static int l_aes128decrypt_cbc(lua_State
*L
)
240 //Check number of arguments
243 const char *p_key
= luaL_checklstring(L
, 1, &size
);
244 if(size
!= 32) return returnToLuaWithError(L
,"Wrong size of key, got %d bytes, expected 32", (int) size
);
246 const char *p_encTxt
= luaL_checklstring(L
, 2, &size
);
248 unsigned char indata
[16] = {0x00};
249 unsigned char outdata
[16] = {0x00};
250 unsigned char aes_key
[16] = {0x00};
251 unsigned char iv
[16] = {0x00};
253 // convert key to bytearray and convert input to bytearray
254 for (i
= 0; i
< 32; i
+= 2) {
255 sscanf(&p_encTxt
[i
], "%02x", (unsigned int *)&indata
[i
/ 2]);
256 sscanf(&p_key
[i
], "%02x", (unsigned int *)&aes_key
[i
/ 2]);
261 aes_setkey_dec(&ctx
, aes_key
, 128);
262 aes_crypt_cbc(&ctx
,AES_DECRYPT
,sizeof(indata
), iv
, indata
,outdata
);
263 //Push decrypted array as a string
264 lua_pushlstring(L
,(const char *)&outdata
, sizeof(outdata
));
265 return 1;// return 1 to signal one return value
267 static int l_aes128decrypt_ecb(lua_State
*L
)
269 //Check number of arguments
272 const char *p_key
= luaL_checklstring(L
, 1, &size
);
273 if(size
!= 32) return returnToLuaWithError(L
,"Wrong size of key, got %d bytes, expected 32", (int) size
);
275 const char *p_encTxt
= luaL_checklstring(L
, 2, &size
);
277 unsigned char indata
[16] = {0x00};
278 unsigned char outdata
[16] = {0x00};
279 unsigned char aes_key
[16] = {0x00};
281 // convert key to bytearray and convert input to bytearray
282 for (i
= 0; i
< 32; i
+= 2) {
283 sscanf(&p_encTxt
[i
], "%02x", (unsigned int *)&indata
[i
/ 2]);
284 sscanf(&p_key
[i
], "%02x", (unsigned int *)&aes_key
[i
/ 2]);
288 aes_setkey_dec(&ctx
, aes_key
, 128);
289 aes_crypt_ecb(&ctx
, AES_DECRYPT
, indata
, outdata
);
291 //Push decrypted array as a string
292 lua_pushlstring(L
,(const char *)&outdata
, sizeof(outdata
));
293 return 1;// return 1 to signal one return value
296 static int l_aes128encrypt_cbc(lua_State
*L
)
298 //Check number of arguments
301 const char *p_key
= luaL_checklstring(L
, 1, &size
);
302 if(size
!= 32) return returnToLuaWithError(L
,"Wrong size of key, got %d bytes, expected 32", (int) size
);
304 const char *p_txt
= luaL_checklstring(L
, 2, &size
);
306 unsigned char indata
[16] = {0x00};
307 unsigned char outdata
[16] = {0x00};
308 unsigned char aes_key
[16] = {0x00};
309 unsigned char iv
[16] = {0x00};
311 for (i
= 0; i
< 32; i
+= 2) {
312 sscanf(&p_txt
[i
], "%02x", (unsigned int *)&indata
[i
/ 2]);
313 sscanf(&p_key
[i
], "%02x", (unsigned int *)&aes_key
[i
/ 2]);
318 aes_setkey_enc(&ctx
, aes_key
, 128);
319 aes_crypt_cbc(&ctx
, AES_ENCRYPT
, sizeof(indata
), iv
, indata
, outdata
);
320 //Push encrypted array as a string
321 lua_pushlstring(L
,(const char *)&outdata
, sizeof(outdata
));
322 return 1;// return 1 to signal one return value
325 static int l_aes128encrypt_ecb(lua_State
*L
)
327 //Check number of arguments
330 const char *p_key
= luaL_checklstring(L
, 1, &size
);
331 if(size
!= 32) return returnToLuaWithError(L
,"Wrong size of key, got %d bytes, expected 32", (int) size
);
333 const char *p_txt
= luaL_checklstring(L
, 2, &size
);
335 unsigned char indata
[16] = {0x00};
336 unsigned char outdata
[16] = {0x00};
337 unsigned char aes_key
[16] = {0x00};
339 for (i
= 0; i
< 32; i
+= 2) {
340 sscanf(&p_txt
[i
], "%02x", (unsigned int *)&indata
[i
/ 2]);
341 sscanf(&p_key
[i
], "%02x", (unsigned int *)&aes_key
[i
/ 2]);
345 aes_setkey_enc(&ctx
, aes_key
, 128);
346 aes_crypt_ecb(&ctx
, AES_ENCRYPT
, indata
, outdata
);
347 //Push encrypted array as a string
348 lua_pushlstring(L
,(const char *)&outdata
, sizeof(outdata
));
349 return 1;// return 1 to signal one return value
352 static int l_crc16(lua_State
*L
)
355 const char *p_str
= luaL_checklstring(L
, 1, &size
);
357 uint16_t retval
= crc16_ccitt( (uint8_t*) p_str
, size
);
358 lua_pushinteger(L
, (int) retval
);
362 static int l_crc64(lua_State
*L
)
366 unsigned char outdata
[8] = {0x00};
368 const char *p_str
= luaL_checklstring(L
, 1, &size
);
370 crc64( (uint8_t*) p_str
, size
, &crc
);
372 outdata
[0] = (uint8_t)(crc
>> 56) & 0xff;
373 outdata
[1] = (uint8_t)(crc
>> 48) & 0xff;
374 outdata
[2] = (uint8_t)(crc
>> 40) & 0xff;
375 outdata
[3] = (uint8_t)(crc
>> 32) & 0xff;
376 outdata
[4] = (uint8_t)(crc
>> 24) & 0xff;
377 outdata
[5] = (uint8_t)(crc
>> 16) & 0xff;
378 outdata
[6] = (uint8_t)(crc
>> 8) & 0xff;
379 outdata
[7] = crc
& 0xff;
380 lua_pushlstring(L
,(const char *)&outdata
, sizeof(outdata
));
384 static int l_sha1(lua_State
*L
)
387 const char *p_str
= luaL_checklstring(L
, 1, &size
);
388 unsigned char outdata
[20] = {0x00};
389 sha1( (uint8_t*) p_str
, size
, outdata
);
390 lua_pushlstring(L
,(const char *)&outdata
, sizeof(outdata
));
394 static int l_reveng_models(lua_State
*L
){
398 int in_width
= luaL_checkinteger(L
, 1);
400 if( in_width
> 89 ) return returnToLuaWithError(L
,"Width cannot exceed 89, got %d", in_width
);
403 width
[0] = (uint8_t)in_width
;
404 int ans
= GetModels(models
, &count
, width
);
409 for (int i
= 0; i
< count
; i
++){
410 lua_pushstring(L
, (const char*)models
[i
]);
411 lua_rawseti(L
,-2,i
+1);
418 //Called with 4 parameters.
419 // inModel ,string containing the crc model name: 'CRC-8'
420 // inHexStr ,string containing the hex representation of the data that will be used for CRC calculations.
421 // reverse ,int 0/1 (bool) if 1, calculate the reverse CRC
422 // endian ,char, 'B','b','L','l','t','r' describing if Big-Endian or Little-Endian should be used in different combinations.
424 // outputs: string with hex representation of the CRC result
425 static int l_reveng_RunModel(lua_State
*L
){
427 //inModel = valid model name string - CRC-8
428 //inHexStr = input hex string to calculate crc on
429 //reverse = reverse calc option if true
430 //endian = {0 = calc default endian input and output, b = big endian input and output, B = big endian output, r = right justified
431 // l = little endian input and output, L = little endian output only, t = left justified}
432 //result = calculated crc hex string
435 const char *inModel
= luaL_checkstring(L
, 1);
436 const char *inHexStr
= luaL_checkstring(L
, 2);
437 bool reverse
= lua_toboolean(L
, 3);
438 const char endian
= luaL_checkstring(L
, 4)[0];
440 //PrintAndLog("mod: %s, hex: %s, rev %d", inModel, inHexStr, reverse);
441 //int RunModel(char *inModel, char *inHexStr, bool reverse, char endian, char *result)
442 int ans
= RunModel( (char *)inModel
, (char *)inHexStr
, reverse
, endian
, result
);
444 return returnToLuaWithError(L
,"Reveng failed");
446 lua_pushstring(L
, (const char*)result
);
451 * @brief Sets the lua path to include "./lualibs/?.lua", in order for a script to be
452 * able to do "require('foobar')" if foobar.lua is within lualibs folder.
453 * Taken from http://stackoverflow.com/questions/4125971/setting-the-global-lua-path-variable-from-c-c
458 int setLuaPath( lua_State
* L
, const char* path
)
460 lua_getglobal( L
, "package" );
461 lua_getfield( L
, -1, "path" ); // get field "path" from table at top of stack (-1)
462 const char* cur_path
= lua_tostring( L
, -1 ); // grab path string from top of stack
463 int requiredLength
= strlen(cur_path
)+ strlen(path
)+10; //A few bytes too many, whatever we can afford it
464 char * buf
= malloc(requiredLength
);
465 snprintf(buf
, requiredLength
, "%s;%s", cur_path
, path
);
466 lua_pop( L
, 1 ); // get rid of the string on the stack we just pushed on line 5
467 lua_pushstring( L
, buf
); // push the new one
468 lua_setfield( L
, -2, "path" ); // set the field "path" in table at -2 with value at top of stack
469 lua_pop( L
, 1 ); // get rid of package table from top of stack
471 return 0; // all done!
475 int set_pm3_libraries(lua_State
*L
)
478 static const luaL_Reg libs
[] = {
479 {"SendCommand", l_SendCommand
},
480 {"WaitForResponseTimeout", l_WaitForResponseTimeout
},
481 {"mfDarkside", l_mfDarkside
},
482 //{"PrintAndLog", l_PrintAndLog},
483 {"foobar", l_foobar
},
484 {"ukbhit", l_ukbhit
},
485 {"clearCommandBuffer", l_clearCommandBuffer
},
486 {"console", l_CmdConsole
},
487 {"iso15693_crc", l_iso15693_crc
},
488 {"iso14443b_crc", l_iso14443b_crc
},
489 {"aes128_decrypt", l_aes128decrypt_cbc
},
490 {"aes128_decrypt_ecb", l_aes128decrypt_ecb
},
491 {"aes128_encrypt", l_aes128encrypt_cbc
},
492 {"aes128_encrypt_ecb", l_aes128encrypt_ecb
},
496 {"reveng_models", l_reveng_models
},
497 {"reveng_runmodel", l_reveng_RunModel
},
501 lua_pushglobaltable(L
);
502 // Core library is in this table. Contains '
503 //this is 'pm3' table
506 //Put the function into the hash table.
507 for (int i
= 0; libs
[i
].name
; i
++) {
508 lua_pushcfunction(L
, libs
[i
].func
);
509 lua_setfield(L
, -2, libs
[i
].name
);//set the name, pop stack
512 lua_setfield(L
, -2, "core");
514 //-- remove the global environment table from the stack
517 //-- Last but not least, add to the LUA_PATH (package.path in lua)
518 // so we can load libraries from the ./lualib/ - directory
519 char libraries_path
[strlen(get_my_executable_directory()) + strlen(LUA_LIBRARIES_DIRECTORY
) + strlen(LUA_LIBRARIES_WILDCARD
) + 1];
520 strcpy(libraries_path
, get_my_executable_directory());
521 strcat(libraries_path
, LUA_LIBRARIES_DIRECTORY
);
522 strcat(libraries_path
, LUA_LIBRARIES_WILDCARD
);
523 setLuaPath(L
, libraries_path
);