]> git.zerfleddert.de Git - proxmark3-svn/blobdiff - client/emv/cmdemv.c
projects / proxmark3-svn / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add hf list 15 (#754)
[proxmark3-svn] / client / emv / cmdemv.c
diff --git a/client/emv/cmdemv.c b/client/emv/cmdemv.c
index b188555e3d0a350349d3ed9d12fb48fbf5931cad..d9a43cb9a305fa972372720601934386490fec24 100644 (file)
--- a/client/emv/cmdemv.c
+++ b/client/emv/cmdemv.c
@@ -1,5 +1,5 @@
 //-----------------------------------------------------------------------------
 //-----------------------------------------------------------------------------
-// Copyright (C) 2017 Merlok
+// Copyright (C) 2017, 2018 Merlok
 //
 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
 // at your option, any later version. See the LICENSE.txt file for the text of
 //
 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
 // at your option, any later version. See the LICENSE.txt file for the text of
@@ -8,95 +8,82 @@
 // EMV commands
 //-----------------------------------------------------------------------------
 
 // EMV commands
 //-----------------------------------------------------------------------------
 
+#include <ctype.h>
+#include "mifare.h"
 #include "cmdemv.h"
 #include "cmdemv.h"
+#include "emvjson.h"
+#include "emv_pki.h"
+#include "test/cryptotest.h"
+#include "cliparser/cliparser.h"
+#include <jansson.h>
 
 
-int UsageCmdHFEMVSelect(void) {
-       PrintAndLog("HELP :  Executes select applet command:\n");
-       PrintAndLog("Usage:  hf emv select [-s][-k][-a][-t] <HEX applet AID>\n");
-       PrintAndLog("  Options:");
-       PrintAndLog("  -s       : select card");
-       PrintAndLog("  -k       : keep field for next command");
-       PrintAndLog("  -a       : show APDU reqests and responses\n");
-       PrintAndLog("  -t       : TLV decode results\n");
-       PrintAndLog("Samples:");
-       PrintAndLog(" hf emv select -s a00000000101 -> select card, select applet");
-       PrintAndLog(" hf emv select -s -t a00000000101 -> select card, select applet, show result in TLV");
-       return 0;
+#define TLV_ADD(tag, value)( tlvdb_change_or_add_node(tlvRoot, tag, sizeof(value) - 1, (const unsigned char *)value) )
+void ParamLoadDefaults(struct tlvdb *tlvRoot) {
+       //9F02:(Amount, authorized (Numeric)) len:6
+       TLV_ADD(0x9F02, "\x00\x00\x00\x00\x01\x00");
+       //9F1A:(Terminal Country Code) len:2
+       TLV_ADD(0x9F1A, "ru");
+       //5F2A:(Transaction Currency Code) len:2
+       // USD 840, EUR 978, RUR 810, RUB 643, RUR 810(old), UAH 980, AZN 031, n/a 999
+       TLV_ADD(0x5F2A, "\x09\x80");
+       //9A:(Transaction Date) len:3
+       TLV_ADD(0x9A,   "\x00\x00\x00");
+       //9C:(Transaction Type) len:1   |  00 => Goods and service #01 => Cash
+       TLV_ADD(0x9C,   "\x00");
+       // 9F37 Unpredictable Number len:4
+       TLV_ADD(0x9F37, "\x01\x02\x03\x04");
+       // 9F6A Unpredictable Number (MSD for UDOL) len:4
+       TLV_ADD(0x9F6A, "\x01\x02\x03\x04");
+       //9F66:(Terminal Transaction Qualifiers (TTQ)) len:4
+       TLV_ADD(0x9F66, "\x26\x00\x00\x00"); // qVSDC
 }
 
 }
 
-int CmdHFEMVSelect(const char *cmd) {
+int CmdEMVSelect(const char *cmd) {
        uint8_t data[APDU_AID_LEN] = {0};
        int datalen = 0;
        uint8_t data[APDU_AID_LEN] = {0};
        int datalen = 0;
-       bool activateField = false;
-       bool leaveSignalON = false;
-       bool decodeTLV = false;
-
-       if (strlen(cmd) < 1) {
-               UsageCmdHFEMVSelect();
-               return 0;
-       }
-       
-       SetAPDULogging(false);
-       
-       int cmdp = 0;
-       while(param_getchar(cmd, cmdp) != 0x00) {
-               char c = param_getchar(cmd, cmdp);
-               if ((c == '-') && (param_getlength(cmd, cmdp) == 2))
-                       switch (param_getchar_indx(cmd, 1, cmdp)) {
-                               case 'h':
-                               case 'H':
-                                       UsageCmdHFEMVSelect();
-                                       return 0;
-                               case 's':
-                               case 'S':
-                                       activateField = true;
-                                       break;
-                               case 'k':
-                               case 'K':
-                                       leaveSignalON = true;
-                                       break;
-                               case 'a':
-                               case 'A':
-                                       SetAPDULogging(true);
-                                       break;
-                               case 't':
-                               case 'T':
-                                       decodeTLV = true;
-                                       break;
-                               default:
-                                       PrintAndLog("Unknown parameter '%c'", param_getchar_indx(cmd, 1, cmdp));
-                                       return 1;
-               }
 
 
-               if (isxdigit(c)) {
-                       switch(param_gethex_to_eol(cmd, cmdp, data, sizeof(data), &datalen)) {
-                       case 1:
-                               PrintAndLog("Invalid HEX value.");
-                               return 1;
-                       case 2:
-                               PrintAndLog("AID too large.");
-                               return 1;
-                       case 3:
-                               PrintAndLog("Hex must have even number of digits.");
-                               return 1;
-                       }
-                       
-                       // we get all the hex to end of line with spaces
-                       break;
-               }
+       CLIParserInit("emv select", 
+               "Executes select applet command", 
+               "Usage:\n\temv select -s a00000000101 -> select card, select applet\n\temv select -st a00000000101 -> select card, select applet, show result in TLV\n");
 
 
-
-               cmdp++;
-       }
+       void* argtable[] = {
+               arg_param_begin,
+               arg_lit0("sS",  "select",  "activate field and select card"),
+               arg_lit0("kK",  "keep",    "keep field for next command"),
+               arg_lit0("aA",  "apdu",    "show APDU reqests and responses"),
+               arg_lit0("tT",  "tlv",     "TLV decode results"),
+#ifdef WITH_SMARTCARD
+               arg_lit0("wW",  "wired",   "Send data via contact (iso7816) interface. Contactless interface set by default."),
+#endif
+               arg_strx0(NULL,  NULL,     "<HEX applet AID>", NULL),
+               arg_param_end
+       };
+       CLIExecWithReturn(cmd, argtable, true);
+       
+       bool activateField = arg_get_lit(1);
+       bool leaveSignalON = arg_get_lit(2);
+       bool APDULogging = arg_get_lit(3);
+       bool decodeTLV = arg_get_lit(4);
+       EMVCommandChannel channel = ECC_CONTACTLESS;
+#ifdef WITH_SMARTCARD
+       if (arg_get_lit(5))
+               channel = ECC_CONTACT;
+       CLIGetHexWithReturn(6, data, &datalen);
+#else
+       CLIGetHexWithReturn(5, data, &datalen);
+#endif
+       CLIParserFree();
+       
+       SetAPDULogging(APDULogging);
        
        // exec
        uint8_t buf[APDU_RES_LEN] = {0};
        size_t len = 0;
        uint16_t sw = 0;
        
        // exec
        uint8_t buf[APDU_RES_LEN] = {0};
        size_t len = 0;
        uint16_t sw = 0;
-       int res = EMVSelect(activateField, leaveSignalON, data, datalen, buf, sizeof(buf), &len, &sw, NULL);
+       int res = EMVSelect(channel, activateField, leaveSignalON, data, datalen, buf, sizeof(buf), &len, &sw, NULL);
 
        if (sw)
 
        if (sw)
-               PrintAndLog("APDU response status: %04x - %s", sw, GetAPDUCodeDescription(sw >> 8, sw & 0xff)); 
+               PrintAndLogEx(INFO, "APDU response status: %04x - %s", sw, GetAPDUCodeDescription(sw >> 8, sw & 0xff)); 
        
        if (res)
                return res;
        
        if (res)
                return res;
@@ -107,75 +94,48 @@ int CmdHFEMVSelect(const char *cmd) {
        return 0;
 }
 
        return 0;
 }
 
-int UsageCmdHFEMVSearch(void) {
-       PrintAndLog("HELP :  Tries to select all applets from applet list:\n");
-       PrintAndLog("Usage:  hf emv search [-s][-k][-a][-t]\n");
-       PrintAndLog("  Options:");
-       PrintAndLog("  -s       : select card");
-       PrintAndLog("  -k       : keep field for next command");
-       PrintAndLog("  -a       : show APDU reqests and responses\n");
-       PrintAndLog("  -t       : TLV decode results of selected applets\n");
-       PrintAndLog("Samples:");
-       PrintAndLog(" hf emv search -s -> select card and search");
-       PrintAndLog(" hf emv search -s -t -> select card, search and show result in TLV");
-       return 0;
-}
+int CmdEMVSearch(const char *cmd) {
 
 
-int CmdHFEMVSearch(const char *cmd) {
-
-       bool activateField = false;
-       bool leaveSignalON = false;
-       bool decodeTLV = false;
-
-       if (strlen(cmd) < 1) {
-               UsageCmdHFEMVSearch();
-               return 0;
-       }
-       
-       SetAPDULogging(false);
-       
-       int cmdp = 0;
-       while(param_getchar(cmd, cmdp) != 0x00) {
-               char c = param_getchar(cmd, cmdp);
-               if ((c == '-') && (param_getlength(cmd, cmdp) == 2))
-                       switch (param_getchar_indx(cmd, 1, cmdp)) {
-                               case 'h':
-                               case 'H':
-                                       UsageCmdHFEMVSearch();
-                                       return 0;
-                               case 's':
-                               case 'S':
-                                       activateField = true;
-                                       break;
-                               case 'k':
-                               case 'K':
-                                       leaveSignalON = true;
-                                       break;
-                               case 'a':
-                               case 'A':
-                                       SetAPDULogging(true);
-                                       break;
-                               case 't':
-                               case 'T':
-                                       decodeTLV = true;
-                                       break;
-                               default:
-                                       PrintAndLog("Unknown parameter '%c'", param_getchar_indx(cmd, 1, cmdp));
-                                       return 1;
-               }
-               cmdp++;
-       }
+       CLIParserInit("emv search", 
+               "Tries to select all applets from applet list:\n", 
+               "Usage:\n\temv search -s -> select card and search\n\temv search -st -> select card, search and show result in TLV\n");
 
 
+       void* argtable[] = {
+               arg_param_begin,
+               arg_lit0("sS",  "select",  "activate field and select card"),
+               arg_lit0("kK",  "keep",    "keep field ON for next command"),
+               arg_lit0("aA",  "apdu",    "show APDU reqests and responses"),
+               arg_lit0("tT",  "tlv",     "TLV decode results of selected applets"),
+#ifdef WITH_SMARTCARD
+               arg_lit0("wW",  "wired",   "Send data via contact (iso7816) interface. Contactless interface set by default."),
+#endif
+               arg_param_end
+       };
+       CLIExecWithReturn(cmd, argtable, true);
+       
+       bool activateField = arg_get_lit(1);
+       bool leaveSignalON = arg_get_lit(2);
+       bool APDULogging = arg_get_lit(3);
+       bool decodeTLV = arg_get_lit(4);
+       EMVCommandChannel channel = ECC_CONTACTLESS;
+#ifdef WITH_SMARTCARD  
+       if (arg_get_lit(5))
+               channel = ECC_CONTACT;
+#endif
+       CLIParserFree();
+       
+       SetAPDULogging(APDULogging);
+       
        struct tlvdb *t = NULL;
        const char *al = "Applets list";
        t = tlvdb_fixed(1, strlen(al), (const unsigned char *)al);
 
        struct tlvdb *t = NULL;
        const char *al = "Applets list";
        t = tlvdb_fixed(1, strlen(al), (const unsigned char *)al);
 
-       if (EMVSearch(activateField, leaveSignalON, decodeTLV, t)) {
+       if (EMVSearch(channel, activateField, leaveSignalON, decodeTLV, t)) {
                tlvdb_free(t);
                return 2;
        }
        
                tlvdb_free(t);
                return 2;
        }
        
-       PrintAndLog("Search completed.");
+       PrintAndLogEx(SUCCESS, "Search completed.");
 
        // print list here
        if (!decodeTLV) {  
 
        // print list here
        if (!decodeTLV) {  
@@ -187,83 +147,218 @@ int CmdHFEMVSearch(const char *cmd) {
        return 0;
 }
 
        return 0;
 }
 
-int UsageCmdHFEMVPPSE(void) {
-       PrintAndLog("HELP :  Executes PSE/PPSE select command. It returns list of applet on the card:\n");
-       PrintAndLog("Usage:  hf emv pse [-s][-k][-1][-2][-a][-t]\n");
-       PrintAndLog("  Options:");
-       PrintAndLog("  -s       : select card");
-       PrintAndLog("  -k       : keep field for next command");
-       PrintAndLog("  -1       : ppse (1PAY.SYS.DDF01)");
-       PrintAndLog("  -2       : pse (2PAY.SYS.DDF01)");
-       PrintAndLog("  -a       : show APDU reqests and responses\n");
-       PrintAndLog("  -t       : TLV decode results\n");
-       PrintAndLog("Samples:");
-       PrintAndLog(" hf emv pse -s -1 -> select, get pse");
-       PrintAndLog(" hf emv pse -s -k -2 -> select, get ppse, keep field");
-       PrintAndLog(" hf emv pse -s -t -2 -> select, get ppse, show result in TLV");
+int CmdEMVPPSE(const char *cmd) {
+       
+       CLIParserInit("emv pse", 
+               "Executes PSE/PPSE select command. It returns list of applet on the card:\n", 
+               "Usage:\n\temv pse -s1 -> select, get pse\n\temv pse -st2 -> select, get ppse, show result in TLV\n");
+
+       void* argtable[] = {
+               arg_param_begin,
+               arg_lit0("sS",  "select",  "activate field and select card"),
+               arg_lit0("kK",  "keep",    "keep field ON for next command"),
+               arg_lit0("1",   "pse",     "pse (1PAY.SYS.DDF01) mode"),
+               arg_lit0("2",   "ppse",    "ppse (2PAY.SYS.DDF01) mode (default mode)"),
+               arg_lit0("aA",  "apdu",    "show APDU reqests and responses"),
+               arg_lit0("tT",  "tlv",     "TLV decode results of selected applets"),
+#ifdef WITH_SMARTCARD
+               arg_lit0("wW",  "wired",   "Send data via contact (iso7816) interface. Contactless interface set by default."),
+#endif
+               arg_param_end
+       };
+       CLIExecWithReturn(cmd, argtable, true);
+       
+       bool activateField = arg_get_lit(1);
+       bool leaveSignalON = arg_get_lit(2);
+       uint8_t PSENum = 2;
+       if (arg_get_lit(3))
+               PSENum = 1;
+       if (arg_get_lit(4))
+               PSENum = 2;
+       bool APDULogging = arg_get_lit(5);
+       bool decodeTLV = arg_get_lit(6);
+       EMVCommandChannel channel = ECC_CONTACTLESS;
+#ifdef WITH_SMARTCARD
+       if (arg_get_lit(7))
+               channel = ECC_CONTACT;
+#endif
+       CLIParserFree();    
+       
+       SetAPDULogging(APDULogging);
+       
+       // exec
+       uint8_t buf[APDU_RES_LEN] = {0};
+       size_t len = 0;
+       uint16_t sw = 0;
+       int res = EMVSelectPSE(channel, activateField, leaveSignalON, PSENum, buf, sizeof(buf), &len, &sw);
+       
+       if (sw)
+               PrintAndLogEx(INFO, "APDU response status: %04x - %s", sw, GetAPDUCodeDescription(sw >> 8, sw & 0xff)); 
+
+       if (res)
+               return res;
+       
+       
+       if (decodeTLV)
+               TLVPrintFromBuffer(buf, len);
+
        return 0;
 }
 
        return 0;
 }
 
-int CmdHFEMVPPSE(const char *cmd) {
+int CmdEMVGPO(const char *cmd) {
+       uint8_t data[APDU_RES_LEN] = {0};
+       int datalen = 0;
+
+       CLIParserInit("emv gpo", 
+               "Executes Get Processing Options command. It returns data in TLV format (0x77 - format2) or plain format (0x80 - format1).\nNeeds a EMV applet to be selected.", 
+               "Usage:\n\temv gpo -k -> execute GPO\n"
+                       "\temv gpo -t 01020304 -> execute GPO with 4-byte PDOL data, show result in TLV\n"
+                       "\temv gpo -pmt 9F 37 04 -> load params from file, make PDOL data from PDOL, execute GPO with PDOL, show result in TLV\n"); 
+
+       void* argtable[] = {
+               arg_param_begin,
+               arg_lit0("kK",  "keep",    "keep field ON for next command"),
+               arg_lit0("pP",  "params",  "load parameters from `emv/defparams.json` file for PDOLdata making from PDOL and parameters"),
+               arg_lit0("mM",  "make",    "make PDOLdata from PDOL (tag 9F38) and parameters (by default uses default parameters)"),
+               arg_lit0("aA",  "apdu",    "show APDU reqests and responses"),
+               arg_lit0("tT",  "tlv",     "TLV decode results of selected applets"),
+#ifdef WITH_SMARTCARD
+               arg_lit0("wW",  "wired",   "Send data via contact (iso7816) interface. Contactless interface set by default."),
+#endif
+               arg_strx0(NULL,  NULL,     "<HEX PDOLdata/PDOL>", NULL),
+               arg_param_end
+       };
+       CLIExecWithReturn(cmd, argtable, true);
        
        
-       uint8_t PSENum = 2;
-       bool activateField = false;
-       bool leaveSignalON = false;
-       bool decodeTLV = false;
-
-       if (strlen(cmd) < 1) {
-               UsageCmdHFEMVPPSE();
-               return 0;
-       }
-
-       SetAPDULogging(false);
-       
-       int cmdp = 0;
-       while(param_getchar(cmd, cmdp) != 0x00) {
-               char c = param_getchar(cmd, cmdp);
-               if ((c == '-') && (param_getlength(cmd, cmdp) == 2))
-                       switch (param_getchar_indx(cmd, 1, cmdp)) {
-                               case 'h':
-                               case 'H':
-                                       UsageCmdHFEMVPPSE();
-                                       return 0;
-                               case 's':
-                               case 'S':
-                                       activateField = true;
-                                       break;
-                               case 'k':
-                               case 'K':
-                                       leaveSignalON = true;
-                                       break;
-                               case 'a':
-                               case 'A':
-                                       SetAPDULogging(true);
-                                       break;
-                               case 't':
-                               case 'T':
-                                       decodeTLV = true;
-                                       break;
-                               case '1':
-                                       PSENum = 1;
-                                       break;
-                               case '2':
-                                       PSENum = 2;
-                                       break;
-                               default:
-                                       PrintAndLog("Unknown parameter '%c'", param_getchar_indx(cmd, 1, cmdp));
-                                       return 1;
+       bool leaveSignalON = arg_get_lit(1);
+       bool paramsLoadFromFile = arg_get_lit(2);
+       bool dataMakeFromPDOL = arg_get_lit(3);
+       bool APDULogging = arg_get_lit(4);
+       bool decodeTLV = arg_get_lit(5);
+       EMVCommandChannel channel = ECC_CONTACTLESS;
+#ifdef WITH_SMARTCARD
+       if (arg_get_lit(6))
+               channel = ECC_CONTACT;
+       CLIGetHexWithReturn(7, data, &datalen);
+#else
+       CLIGetHexWithReturn(6, data, &datalen);
+#endif
+       CLIParserFree();    
+       
+       SetAPDULogging(APDULogging);
+       
+       // Init TLV tree
+       const char *alr = "Root terminal TLV tree";
+       struct tlvdb *tlvRoot = tlvdb_fixed(1, strlen(alr), (const unsigned char *)alr);
+       
+       // calc PDOL
+       struct tlv *pdol_data_tlv = NULL;
+       struct tlv data_tlv = {
+               .tag = 0x83,
+               .len = datalen,
+               .value = (uint8_t *)data,
+       };
+       if (dataMakeFromPDOL) {
+               ParamLoadDefaults(tlvRoot);
+
+               if (paramsLoadFromFile) {
+                       PrintAndLogEx(INFO, "Params loading from file...");
+                       ParamLoadFromJson(tlvRoot);
+               };
+               
+               pdol_data_tlv = dol_process((const struct tlv *)tlvdb_external(0x9f38, datalen, data), tlvRoot, 0x83);
+               if (!pdol_data_tlv){
+                       PrintAndLogEx(ERR, "Can't create PDOL TLV.");
+                       tlvdb_free(tlvRoot);
+                       return 4;
                }
                }
-               cmdp++;
+       } else {
+               if (paramsLoadFromFile) {
+                       PrintAndLogEx(WARNING, "Don't need to load parameters. Sending plain PDOL data...");
+               }
+               pdol_data_tlv = &data_tlv;
+       }
+
+       size_t pdol_data_tlv_data_len = 0;
+       unsigned char *pdol_data_tlv_data = tlv_encode(pdol_data_tlv, &pdol_data_tlv_data_len);
+       if (!pdol_data_tlv_data) {
+               PrintAndLogEx(ERR, "Can't create PDOL data.");
+               tlvdb_free(tlvRoot);
+               return 4;
        }
        }
+       PrintAndLogEx(INFO, "PDOL data[%d]: %s", pdol_data_tlv_data_len, sprint_hex(pdol_data_tlv_data, pdol_data_tlv_data_len));
        
        // exec
        uint8_t buf[APDU_RES_LEN] = {0};
        size_t len = 0;
        uint16_t sw = 0;
        
        // exec
        uint8_t buf[APDU_RES_LEN] = {0};
        size_t len = 0;
        uint16_t sw = 0;
-       int res = EMVSelectPSE(activateField, leaveSignalON, PSENum, buf, sizeof(buf), &len, &sw);
+       int res = EMVGPO(channel, leaveSignalON, pdol_data_tlv_data, pdol_data_tlv_data_len, buf, sizeof(buf), &len, &sw, tlvRoot);
+       
+       if (pdol_data_tlv != &data_tlv)
+               free(pdol_data_tlv);
+       tlvdb_free(tlvRoot);
        
        if (sw)
        
        if (sw)
-               PrintAndLog("APDU response status: %04x - %s", sw, GetAPDUCodeDescription(sw >> 8, sw & 0xff)); 
+               PrintAndLogEx(INFO, "APDU response status: %04x - %s", sw, GetAPDUCodeDescription(sw >> 8, sw & 0xff)); 
+
+       if (res)
+               return res;
+       
+       if (decodeTLV)
+               TLVPrintFromBuffer(buf, len);
+
+       return 0;
+}
+
+int CmdEMVReadRecord(const char *cmd) {
+       uint8_t data[APDU_RES_LEN] = {0};
+       int datalen = 0;
+
+       CLIParserInit("emv readrec", 
+               "Executes Read Record command. It returns data in TLV format.\nNeeds a bank applet to be selected and sometimes needs GPO to be executed.", 
+               "Usage:\n\temv readrec -k 0101 -> read file SFI=01, SFIrec=01\n\temv readrec -kt 0201-> read file 0201 and show result in TLV\n");
+
+       void* argtable[] = {
+               arg_param_begin,
+               arg_lit0("kK",  "keep",    "keep field ON for next command"),
+               arg_lit0("aA",  "apdu",    "show APDU reqests and responses"),
+               arg_lit0("tT",  "tlv",     "TLV decode results of selected applets"),
+#ifdef WITH_SMARTCARD
+               arg_lit0("wW",  "wired",   "Send data via contact (iso7816) interface. Contactless interface set by default."),
+#endif
+               arg_strx1(NULL,  NULL,     "<SFI 1byte HEX><SFIrec 1byte HEX>", NULL),
+               arg_param_end
+       };
+       CLIExecWithReturn(cmd, argtable, true);
+       
+       bool leaveSignalON = arg_get_lit(1);
+       bool APDULogging = arg_get_lit(2);
+       bool decodeTLV = arg_get_lit(3);
+       EMVCommandChannel channel = ECC_CONTACTLESS;
+#ifdef WITH_SMARTCARD
+       if (arg_get_lit(4))
+               channel = ECC_CONTACT;
+       CLIGetHexWithReturn(5, data, &datalen);
+#else
+       CLIGetHexWithReturn(4, data, &datalen);
+#endif
+       CLIParserFree();
+       
+       if (datalen != 2) {
+               PrintAndLogEx(ERR, "Command needs to have 2 bytes of data");
+               return 1;
+       }
+       
+       SetAPDULogging(APDULogging);
+               
+       // exec
+       uint8_t buf[APDU_RES_LEN] = {0};
+       size_t len = 0;
+       uint16_t sw = 0;
+       int res = EMVReadRecord(channel, leaveSignalON, data[0], data[1], buf, sizeof(buf), &len, &sw, NULL);
+       
+       if (sw)
+               PrintAndLogEx(INFO, "APDU response status: %04x - %s", sw, GetAPDUCodeDescription(sw >> 8, sw & 0xff)); 
 
        if (res)
                return res;
 
        if (res)
                return res;
@@ -275,76 +370,403 @@ int CmdHFEMVPPSE(const char *cmd) {
        return 0;
 }
 
        return 0;
 }
 
-int UsageCmdHFEMVExec(void) {
-       PrintAndLog("HELP :  Executes EMV contactless transaction:\n");
-       PrintAndLog("Usage:  hf emv exec [-s][-a][-t]\n");
-       PrintAndLog("  Options:");
-       PrintAndLog("  -s       : select card");
-       PrintAndLog("  -a       : show APDU reqests and responses\n");
-       PrintAndLog("  -t       : TLV decode results\n");
-       PrintAndLog("  -f       : force search AID. Search AID instead of execute PPSE.\n");
-       PrintAndLog("Samples:");
-       PrintAndLog(" hf emv pse -s -> select card");
-       PrintAndLog(" hf emv pse -s -t -a -> select card, show responses in TLV, show APDU");
+int CmdEMVAC(const char *cmd) {
+       uint8_t data[APDU_RES_LEN] = {0};
+       int datalen = 0;
+
+       CLIParserInit("emv genac", 
+               "Generate Application Cryptogram command. It returns data in TLV format .\nNeeds a EMV applet to be selected and GPO to be executed.", 
+               "Usage:\n\temv genac -k 0102 -> generate AC with 2-byte CDOLdata and keep field ON after command\n"
+                       "\temv genac -t 01020304 -> generate AC with 4-byte CDOL data, show result in TLV\n"
+                       "\temv genac -Daac 01020304 -> generate AC with 4-byte CDOL data and terminal decision 'declined'\n"
+                       "\temv genac -pmt 9F 37 04 -> load params from file, make CDOL data from CDOL, generate AC with CDOL, show result in TLV"); 
+
+       void* argtable[] = {
+               arg_param_begin,
+               arg_lit0("kK",  "keep",     "keep field ON for next command"),
+               arg_lit0("cC",  "cda",      "executes CDA transaction. Needs to get SDAD in results."),
+               arg_str0("dD",  "decision", "<aac|tc|arqc>", "Terminal decision. aac - declined, tc - approved, arqc - online authorisation requested"),
+               arg_lit0("pP",  "params",   "load parameters from `emv/defparams.json` file for CDOLdata making from CDOL and parameters"),
+               arg_lit0("mM",  "make",     "make CDOLdata from CDOL (tag 8C and 8D) and parameters (by default uses default parameters)"),
+               arg_lit0("aA",  "apdu",     "show APDU reqests and responses"),
+               arg_lit0("tT",  "tlv",      "TLV decode results of selected applets"),
+#ifdef WITH_SMARTCARD
+               arg_lit0("wW",  "wired",   "Send data via contact (iso7816) interface. Contactless interface set by default."),
+#endif
+               arg_strx1(NULL,  NULL,      "<HEX CDOLdata/CDOL>", NULL),
+               arg_param_end
+       };
+       CLIExecWithReturn(cmd, argtable, false);
+       
+       bool leaveSignalON = arg_get_lit(1);
+       bool trTypeCDA = arg_get_lit(2);
+       uint8_t termDecision = 0xff;
+       if (arg_get_str_len(3)) {
+               if (!strncmp(arg_get_str(3)->sval[0], "aac", 4))
+                       termDecision = EMVAC_AAC;
+               if (!strncmp(arg_get_str(3)->sval[0], "tc", 4))
+                       termDecision = EMVAC_TC;
+               if (!strncmp(arg_get_str(3)->sval[0], "arqc", 4))
+                       termDecision = EMVAC_ARQC;
+
+               if (termDecision == 0xff) {
+                       PrintAndLog("ERROR: can't find terminal decision '%s'", arg_get_str(3)->sval[0]);
+                       return 1;
+               }
+       } else {
+               termDecision = EMVAC_TC;
+       }
+       if (trTypeCDA)
+               termDecision = termDecision | EMVAC_CDAREQ;
+       bool paramsLoadFromFile = arg_get_lit(4);
+       bool dataMakeFromCDOL = arg_get_lit(5);
+       bool APDULogging = arg_get_lit(6);
+       bool decodeTLV = arg_get_lit(7);
+       EMVCommandChannel channel = ECC_CONTACTLESS;
+#ifdef WITH_SMARTCARD
+       if (arg_get_lit(8))
+               channel = ECC_CONTACT;
+       CLIGetHexWithReturn(9, data, &datalen);
+#else
+       CLIGetHexWithReturn(8, data, &datalen);
+#endif
+       CLIParserFree();    
+       
+       SetAPDULogging(APDULogging);
+       
+       // Init TLV tree
+       const char *alr = "Root terminal TLV tree";
+       struct tlvdb *tlvRoot = tlvdb_fixed(1, strlen(alr), (const unsigned char *)alr);
+       
+       // calc CDOL
+       struct tlv *cdol_data_tlv = NULL;
+       struct tlv data_tlv = {
+               .tag = 0x01,
+               .len = datalen,
+               .value = (uint8_t *)data,
+       };
+       
+       if (dataMakeFromCDOL) {
+               ParamLoadDefaults(tlvRoot);
+
+               if (paramsLoadFromFile) {
+                       PrintAndLogEx(INFO, "Params loading from file...");
+                       ParamLoadFromJson(tlvRoot);
+               };
+               
+               cdol_data_tlv = dol_process((const struct tlv *)tlvdb_external(0x8c, datalen, data), tlvRoot, 0x01); // 0x01 - dummy tag
+               if (!cdol_data_tlv){
+                       PrintAndLogEx(ERR, "Can't create CDOL TLV.");
+                       tlvdb_free(tlvRoot);
+                       return 4;
+               }
+       } else {
+               if (paramsLoadFromFile) {
+                       PrintAndLogEx(WARNING, "Don't need to load parameters. Sending plain CDOL data...");
+               }
+               cdol_data_tlv = &data_tlv;
+       }
+       
+       PrintAndLogEx(INFO, "CDOL data[%d]: %s", cdol_data_tlv->len, sprint_hex(cdol_data_tlv->value, cdol_data_tlv->len));
+
+       // exec
+       uint8_t buf[APDU_RES_LEN] = {0};
+       size_t len = 0;
+       uint16_t sw = 0;
+       int res = EMVAC(channel, leaveSignalON, termDecision, (uint8_t *)cdol_data_tlv->value, cdol_data_tlv->len, buf, sizeof(buf), &len, &sw, tlvRoot);
+       
+       if (cdol_data_tlv != &data_tlv)
+               free(cdol_data_tlv);
+       tlvdb_free(tlvRoot);
+       
+       if (sw)
+               PrintAndLogEx(INFO, "APDU response status: %04x - %s", sw, GetAPDUCodeDescription(sw >> 8, sw & 0xff)); 
+
+       if (res)
+               return res;
+       
+       if (decodeTLV)
+               TLVPrintFromBuffer(buf, len);
+
+       return 0;   
+}
+
+int CmdEMVGenerateChallenge(const char *cmd) {
+
+       CLIParserInit("emv challenge", 
+               "Executes Generate Challenge command. It returns 4 or 8-byte random number from card.\nNeeds a EMV applet to be selected and GPO to be executed.", 
+               "Usage:\n\temv challenge -> get challenge\n\temv challenge -k -> get challenge, keep fileld ON\n");
+
+       void* argtable[] = {
+               arg_param_begin,
+               arg_lit0("kK",  "keep",    "keep field ON for next command"),
+               arg_lit0("aA",  "apdu",    "show APDU reqests and responses"),
+#ifdef WITH_SMARTCARD
+               arg_lit0("wW",  "wired",   "Send data via contact (iso7816) interface. Contactless interface set by default."),
+#endif
+               arg_param_end
+       };
+       CLIExecWithReturn(cmd, argtable, true);
+       
+       bool leaveSignalON = arg_get_lit(1);
+       bool APDULogging = arg_get_lit(2);
+       EMVCommandChannel channel = ECC_CONTACTLESS;
+#ifdef WITH_SMARTCARD
+       if (arg_get_lit(3))
+               channel = ECC_CONTACT;
+#endif
+       CLIParserFree();    
+       
+       SetAPDULogging(APDULogging);
+       
+       // exec
+       uint8_t buf[APDU_RES_LEN] = {0};
+       size_t len = 0;
+       uint16_t sw = 0;
+       int res = EMVGenerateChallenge(channel, leaveSignalON, buf, sizeof(buf), &len, &sw, NULL);
+       
+       if (sw)
+               PrintAndLogEx(INFO, "APDU response status: %04x - %s", sw, GetAPDUCodeDescription(sw >> 8, sw & 0xff)); 
+
+       if (res)
+               return res;
+
+       PrintAndLogEx(SUCCESS, "Challenge: %s", sprint_hex(buf, len));
+       
+       if (len != 4 && len != 8)
+               PrintAndLogEx(WARNING, "Length of challenge must be 4 or 8, but it %d", len);
+       
        return 0;
 }
 
        return 0;
 }
 
-#define TLV_ADD(tag, value)( tlvdb_add(tlvRoot, tlvdb_fixed(tag, sizeof(value) - 1, (const unsigned char *)value)) )
+int CmdEMVInternalAuthenticate(const char *cmd) {
+       uint8_t data[APDU_RES_LEN] = {0};
+       int datalen = 0;
+
+       CLIParserInit("emv intauth", 
+               "Generate Internal Authenticate command. Usually needs 4-byte random number. It returns data in TLV format .\nNeeds a EMV applet to be selected and GPO to be executed.", 
+               "Usage:\n\temv intauth -k 01020304 -> execute Internal Authenticate with 4-byte DDOLdata and keep field ON after command\n"
+                       "\temv intauth -t 01020304 -> execute Internal Authenticate with 4-byte DDOL data, show result in TLV\n"
+                       "\temv intauth -pmt 9F 37 04 -> load params from file, make DDOL data from DDOL, Internal Authenticate with DDOL, show result in TLV"); 
 
 
-int CmdHFEMVExec(const char *cmd) {
-       bool activateField = false;
-       bool showAPDU = false;
-       bool decodeTLV = false;
-       bool forceSearch = false;
+       void* argtable[] = {
+               arg_param_begin,
+               arg_lit0("kK",  "keep",    "keep field ON for next command"),
+               arg_lit0("pP",  "params",  "load parameters from `emv/defparams.json` file for DDOLdata making from DDOL and parameters"),
+               arg_lit0("mM",  "make",    "make DDOLdata from DDOL (tag 9F49) and parameters (by default uses default parameters)"),
+               arg_lit0("aA",  "apdu",    "show APDU reqests and responses"),
+               arg_lit0("tT",  "tlv",     "TLV decode results of selected applets"),
+#ifdef WITH_SMARTCARD
+               arg_lit0("wW",  "wired",   "Send data via contact (iso7816) interface. Contactless interface set by default."),
+#endif
+               arg_strx1(NULL,  NULL,     "<HEX DDOLdata/DDOL>", NULL),
+               arg_param_end
+       };
+       CLIExecWithReturn(cmd, argtable, false);
+       
+       bool leaveSignalON = arg_get_lit(1);
+       bool paramsLoadFromFile = arg_get_lit(2);
+       bool dataMakeFromDDOL = arg_get_lit(3);
+       bool APDULogging = arg_get_lit(4);
+       bool decodeTLV = arg_get_lit(5);
+       EMVCommandChannel channel = ECC_CONTACTLESS;
+#ifdef WITH_SMARTCARD
+       if (arg_get_lit(6))
+               channel = ECC_CONTACT;
+       CLIGetHexWithReturn(7, data, &datalen);
+#else
+       CLIGetHexWithReturn(6, data, &datalen);
+#endif
+       CLIParserFree();    
+       
+       SetAPDULogging(APDULogging);
 
 
+       // Init TLV tree
+       const char *alr = "Root terminal TLV tree";
+       struct tlvdb *tlvRoot = tlvdb_fixed(1, strlen(alr), (const unsigned char *)alr);
+       
+       // calc DDOL
+       struct tlv *ddol_data_tlv = NULL;
+       struct tlv data_tlv = {
+               .tag = 0x01,
+               .len = datalen,
+               .value = (uint8_t *)data,
+       };
+       
+       if (dataMakeFromDDOL) {
+               ParamLoadDefaults(tlvRoot);
+
+               if (paramsLoadFromFile) {
+                       PrintAndLogEx(INFO, "Params loading from file...");
+                       ParamLoadFromJson(tlvRoot);
+               };
+               
+               ddol_data_tlv = dol_process((const struct tlv *)tlvdb_external(0x9f49, datalen, data), tlvRoot, 0x01); // 0x01 - dummy tag
+               if (!ddol_data_tlv){
+                       PrintAndLogEx(ERR, "Can't create DDOL TLV.");
+                       tlvdb_free(tlvRoot);
+                       return 4;
+               }
+       } else {
+               if (paramsLoadFromFile) {
+                       PrintAndLogEx(WARNING, "Don't need to load parameters. Sending plain DDOL data...");
+               }
+               ddol_data_tlv = &data_tlv;
+       }
+       
+       PrintAndLogEx(INFO, "DDOL data[%d]: %s", ddol_data_tlv->len, sprint_hex(ddol_data_tlv->value, ddol_data_tlv->len));
+       
+       // exec
+       uint8_t buf[APDU_RES_LEN] = {0};
+       size_t len = 0;
+       uint16_t sw = 0;
+       int res = EMVInternalAuthenticate(channel, leaveSignalON, data, datalen, buf, sizeof(buf), &len, &sw, NULL);
+       
+       if (ddol_data_tlv != &data_tlv)
+               free(ddol_data_tlv);
+       tlvdb_free(tlvRoot);    
+       
+       if (sw)
+               PrintAndLogEx(INFO, "APDU response status: %04x - %s", sw, GetAPDUCodeDescription(sw >> 8, sw & 0xff)); 
+
+       if (res)
+               return res;
+       
+       if (decodeTLV)
+               TLVPrintFromBuffer(buf, len);
+
+       return 0;   
+}
+
+#define dreturn(n) {free(pdol_data_tlv);tlvdb_free(tlvSelect);tlvdb_free(tlvRoot);DropField();return n;}
+
+void InitTransactionParameters(struct tlvdb *tlvRoot, bool paramLoadJSON, enum TransactionType TrType, bool GenACGPO) {
+       
+       ParamLoadDefaults(tlvRoot);
+
+       if (paramLoadJSON) {
+               PrintAndLog("* * Transaction parameters loading from JSON...");
+               ParamLoadFromJson(tlvRoot);
+       }
+       
+       //9F66:(Terminal Transaction Qualifiers (TTQ)) len:4
+       char *qVSDC = "\x26\x00\x00\x00";
+       if (GenACGPO) {
+               qVSDC = "\x26\x80\x00\x00";
+       }
+       switch(TrType) {
+               case TT_MSD:
+                       TLV_ADD(0x9F66, "\x86\x00\x00\x00"); // MSD
+                       break;
+               // not standard for contactless. just for test.
+               case TT_VSDC:  
+                       TLV_ADD(0x9F66, "\x46\x00\x00\x00"); // VSDC
+                       break;
+               case TT_QVSDCMCHIP:
+                       TLV_ADD(0x9F66, qVSDC); // qVSDC
+                       break;
+               case TT_CDA:
+                       TLV_ADD(0x9F66, qVSDC); // qVSDC (VISA CDA not enabled)
+                       break;
+               default:
+                       break;
+       }
+}
+
+void ProcessGPOResponseFormat1(struct tlvdb *tlvRoot, uint8_t *buf, size_t len, bool decodeTLV) {
+       if (buf[0] == 0x80) {
+               if (decodeTLV){
+                       PrintAndLog("GPO response format1:");
+                       TLVPrintFromBuffer(buf, len);
+               }
+               
+               if (len < 4 || (len - 4) % 4) {
+                       PrintAndLogEx(ERR, "GPO response format1 parsing error. length=%d", len);
+               } else {
+                       // AIP
+                       struct tlvdb * f1AIP = tlvdb_fixed(0x82, 2, buf + 2);
+                       tlvdb_add(tlvRoot, f1AIP);
+                       if (decodeTLV){
+                               PrintAndLogEx(INFO, "\n* * Decode response format 1 (0x80) AIP and AFL:");
+                               TLVPrintFromTLV(f1AIP);
+                       }
+
+                       // AFL
+                       struct tlvdb * f1AFL = tlvdb_fixed(0x94, len - 4, buf + 2 + 2);
+                       tlvdb_add(tlvRoot, f1AFL);
+                       if (decodeTLV)
+                               TLVPrintFromTLV(f1AFL);
+               }       
+       } else {
+               if (decodeTLV)
+                       TLVPrintFromBuffer(buf, len);
+       }
+}
+
+int CmdEMVExec(const char *cmd) {
        uint8_t buf[APDU_RES_LEN] = {0};
        size_t len = 0;
        uint16_t sw = 0;
        uint8_t AID[APDU_AID_LEN] = {0};
        size_t AIDlen = 0;
        uint8_t buf[APDU_RES_LEN] = {0};
        size_t len = 0;
        uint16_t sw = 0;
        uint8_t AID[APDU_AID_LEN] = {0};
        size_t AIDlen = 0;
+       uint8_t ODAiList[4096];
+       size_t ODAiListLen = 0;
        
        int res;
        
        
        int res;
        
-       if (strlen(cmd) < 1) {
-               UsageCmdHFEMVExec();
-               return 0;
-       }
-       
-       int cmdp = 0;
-       while(param_getchar(cmd, cmdp) != 0x00) {
-               char c = param_getchar(cmd, cmdp);
-               if ((c == '-') && (param_getlength(cmd, cmdp) == 2))
-                       switch (param_getchar_indx(cmd, 1, cmdp)) {
-                               case 'h':
-                               case 'H':
-                                       UsageCmdHFEMVPPSE();
-                                       return 0;
-                               case 's':
-                               case 'S':
-                                       activateField = true;
-                                       break;
-                               case 'a':
-                               case 'A':
-                                       showAPDU = true;
-                                       break;
-                               case 't':
-                               case 'T':
-                                       decodeTLV = true;
-                                       break;
-                               case 'f':
-                               case 'F':
-                                       forceSearch = true;
-                                       break;
-                               default:
-                                       PrintAndLog("Unknown parameter '%c'", param_getchar_indx(cmd, 1, cmdp));
-                                       return 1;
-               }
-               cmdp++;
-       }
+       struct tlvdb *tlvSelect = NULL;
+       struct tlvdb *tlvRoot = NULL;
+       struct tlv *pdol_data_tlv = NULL;
+
+       CLIParserInit("emv exec", 
+               "Executes EMV contactless transaction", 
+               "Usage:\n\temv exec -sat -> select card, execute MSD transaction, show APDU and TLV\n"
+                       "\temv exec -satc -> select card, execute CDA transaction, show APDU and TLV\n");
 
 
+       void* argtable[] = {
+               arg_param_begin,
+               arg_lit0("sS",  "select",   "activate field and select card."),
+               arg_lit0("aA",  "apdu",     "show APDU reqests and responses."),
+               arg_lit0("tT",  "tlv",      "TLV decode results."),
+               arg_lit0("jJ",  "jload",    "Load transaction parameters from `emv/defparams.json` file."),
+               arg_lit0("fF",  "forceaid", "Force search AID. Search AID instead of execute PPSE."),
+               arg_rem("By default:",      "Transaction type - MSD"),
+               arg_lit0("vV",  "qvsdc",    "Transaction type - qVSDC or M/Chip."),
+               arg_lit0("cC",  "qvsdccda", "Transaction type - qVSDC or M/Chip plus CDA (SDAD generation)."),
+               arg_lit0("xX",  "vsdc",     "Transaction type - VSDC. For test only. Not a standart behavior."),
+               arg_lit0("gG",  "acgpo",    "VISA. generate AC from GPO."),
+#ifdef WITH_SMARTCARD
+               arg_lit0("wW",  "wired",   "Send data via contact (iso7816) interface. Contactless interface set by default."),
+#endif
+               arg_param_end
+       };
+       CLIExecWithReturn(cmd, argtable, true);
+       
+       bool activateField = arg_get_lit(1);
+       bool showAPDU = arg_get_lit(2);
+       bool decodeTLV = arg_get_lit(3);
+       bool paramLoadJSON = arg_get_lit(4);
+       bool forceSearch = arg_get_lit(5);
+
+       enum TransactionType TrType = TT_MSD;
+       if (arg_get_lit(7))
+               TrType = TT_QVSDCMCHIP;
+       if (arg_get_lit(8))
+               TrType = TT_CDA;
+       if (arg_get_lit(9))
+               TrType = TT_VSDC;
+
+       bool GenACGPO = arg_get_lit(10);
+       EMVCommandChannel channel = ECC_CONTACTLESS;
+#ifdef WITH_SMARTCARD
+       if (arg_get_lit(11))
+               channel = ECC_CONTACT;
+#endif
+       CLIParserFree();
+       
+       SetAPDULogging(showAPDU);
        
        // init applets list tree
        
        // init applets list tree
-       struct tlvdb *tlvSelect = NULL;
        const char *al = "Applets list";
        tlvSelect = tlvdb_fixed(1, strlen(al), (const unsigned char *)al);
 
        const char *al = "Applets list";
        tlvSelect = tlvdb_fixed(1, strlen(al), (const unsigned char *)al);
 
@@ -352,12 +774,12 @@ int CmdHFEMVExec(const char *cmd) {
        // https://www.openscdp.org/scripts/tutorial/emv/applicationselection.html
        if (!forceSearch) {
                // PPSE
        // https://www.openscdp.org/scripts/tutorial/emv/applicationselection.html
        if (!forceSearch) {
                // PPSE
-               PrintAndLog("\n* PPSE.");
+               PrintAndLogEx(NORMAL, "\n* PPSE.");
                SetAPDULogging(showAPDU);
                SetAPDULogging(showAPDU);
-               res = EMVSearchPSE(activateField, true, decodeTLV, tlvSelect);
+               res = EMVSearchPSE(channel, activateField, true, decodeTLV, tlvSelect);
 
                // check PPSE and select application id
 
                // check PPSE and select application id
-               if (!res) {     
+               if (!res) { 
                        TLVPrintAIDlistFromSelectTLV(tlvSelect);
                        EMVSelectApplication(tlvSelect, AID, &AIDlen);
                }
                        TLVPrintAIDlistFromSelectTLV(tlvSelect);
                        EMVSelectApplication(tlvSelect, AID, &AIDlen);
                }
@@ -365,11 +787,10 @@ int CmdHFEMVExec(const char *cmd) {
        
        // Search
        if (!AIDlen) {
        
        // Search
        if (!AIDlen) {
-               PrintAndLog("\n* Search AID in list.");
+               PrintAndLogEx(NORMAL, "\n* Search AID in list.");
                SetAPDULogging(false);
                SetAPDULogging(false);
-               if (EMVSearch(activateField, true, decodeTLV, tlvSelect)) {
-                       tlvdb_free(tlvSelect);
-                       return 2;
+               if (EMVSearch(channel, activateField, true, decodeTLV, tlvSelect)) {
+                       dreturn(2);
                }
 
                // check search and select application id
                }
 
                // check search and select application id
@@ -378,107 +799,61 @@ int CmdHFEMVExec(const char *cmd) {
        }
        
        // Init TLV tree
        }
        
        // Init TLV tree
-       struct tlvdb *tlvRoot = NULL;
        const char *alr = "Root terminal TLV tree";
        tlvRoot = tlvdb_fixed(1, strlen(alr), (const unsigned char *)alr);
        
        // check if we found EMV application on card
        if (!AIDlen) {
        const char *alr = "Root terminal TLV tree";
        tlvRoot = tlvdb_fixed(1, strlen(alr), (const unsigned char *)alr);
        
        // check if we found EMV application on card
        if (!AIDlen) {
-               PrintAndLog("Can't select AID. EMV AID not found");
-               return 2;
+               PrintAndLogEx(WARNING, "Can't select AID. EMV AID not found");
+               dreturn(2);
        }
        
        // Select
        }
        
        // Select
-       PrintAndLog("\n* Selecting AID:%s", sprint_hex_inrow(AID, AIDlen));
+       PrintAndLogEx(NORMAL, "\n* Selecting AID:%s", sprint_hex_inrow(AID, AIDlen));
        SetAPDULogging(showAPDU);
        SetAPDULogging(showAPDU);
-       res = EMVSelect(false, true, AID, AIDlen, buf, sizeof(buf), &len, &sw, tlvRoot);
+       res = EMVSelect(channel, false, true, AID, AIDlen, buf, sizeof(buf), &len, &sw, tlvRoot);
        
        
-       if (res) {      
-               PrintAndLog("Can't select AID (%d). Exit...", res);
-               return 3;
+       if (res) {  
+               PrintAndLogEx(WARNING, "Can't select AID (%d). Exit...", res);
+               dreturn(3);
        }
        
        if (decodeTLV)
                TLVPrintFromBuffer(buf, len);
        }
        
        if (decodeTLV)
                TLVPrintFromBuffer(buf, len);
-       PrintAndLog("* Selected.");
+       PrintAndLogEx(INFO, "* Selected.");
        
        
-       PrintAndLog("\n* Init transaction parameters.");
-
-    //9F66:(Terminal Transaction Qualifiers (TTQ)) len:4
-       TLV_ADD(0x9F66, "\x86\x00\x00\x00"); // MSD
-//     TLV_ADD(0x9F66, "\x26\x00\x00\x00"); // qVSDC
-//     TLV_ADD(0x9F66, "\x8e\x00\x00\x00"); // CDA
-    //9F02:(Amount, Authorised (Numeric)) len:6
-       TLV_ADD(0x9F02, "\x00\x00\x00\x00\x01\x00");
-    //9F1A:(Terminal Country Code) len:2
-       TLV_ADD(0x9F1A, "ru");
-    //5F2A:(Transaction Currency Code) len:2
-    // USD 840, EUR 978, RUR 810, RUB 643, RUR 810(old), UAH 980, AZN 031, n/a 999
-       TLV_ADD(0x5F2A, "\x09\x80");
-    //9A:(Transaction Date) len:3
-       TLV_ADD(0x9A,   "\x00\x00\x00");
-    //9C:(Transaction Type) len:1   |  00 => Goods and service #01 => Cash
-       TLV_ADD(0x9C,   "\x00");
-       // 9F37 Unpredictable Number len:4
-       TLV_ADD(0x9F37, "\x01\x02\x03\x04");
-       // 9F6A Unpredictable Number (MSD for UDOL) len:4
-       TLV_ADD(0x9F6A, "\x01\x02\x03\x04");
-
+       PrintAndLogEx(INFO, "\n* Init transaction parameters.");
+       InitTransactionParameters(tlvRoot, paramLoadJSON, TrType, GenACGPO);
        TLVPrintFromTLV(tlvRoot); // TODO delete!!!
        
        TLVPrintFromTLV(tlvRoot); // TODO delete!!!
        
-       PrintAndLog("\n* Calc PDOL.");
-       struct tlv *pdol_data_tlv = dol_process(tlvdb_get(tlvRoot, 0x9f38, NULL), tlvRoot, 0x83);
+       PrintAndLogEx(NORMAL, "\n* Calc PDOL.");
+       pdol_data_tlv = dol_process(tlvdb_get(tlvRoot, 0x9f38, NULL), tlvRoot, 0x83);
        if (!pdol_data_tlv){
        if (!pdol_data_tlv){
-               PrintAndLog("ERROR: can't create PDOL TLV.");
-               return 4;
+               PrintAndLogEx(WARNING, "Error: can't create PDOL TLV.");
+               dreturn(4);
        }
        
        size_t pdol_data_tlv_data_len;
        unsigned char *pdol_data_tlv_data = tlv_encode(pdol_data_tlv, &pdol_data_tlv_data_len);
        if (!pdol_data_tlv_data) {
        }
        
        size_t pdol_data_tlv_data_len;
        unsigned char *pdol_data_tlv_data = tlv_encode(pdol_data_tlv, &pdol_data_tlv_data_len);
        if (!pdol_data_tlv_data) {
-               PrintAndLog("ERROR: can't create PDOL data.");
-               return 4;
+               PrintAndLogEx(WARNING, "Error: can't create PDOL data.");
+               dreturn(4);
        }
        }
-       PrintAndLog("PDOL data[%d]: %s", pdol_data_tlv_data_len, sprint_hex(pdol_data_tlv_data, pdol_data_tlv_data_len));
+       PrintAndLogEx(NORMAL, "PDOL data[%d]: %s", pdol_data_tlv_data_len, sprint_hex(pdol_data_tlv_data, pdol_data_tlv_data_len));
 
 
-       PrintAndLog("\n* GPO.");
-       res = EMVGPO(true, pdol_data_tlv_data, pdol_data_tlv_data_len, buf, sizeof(buf), &len, &sw, tlvRoot);
+       PrintAndLogEx(NORMAL, "\n* GPO.");
+       res = EMVGPO(channel, true, pdol_data_tlv_data, pdol_data_tlv_data_len, buf, sizeof(buf), &len, &sw, tlvRoot);
        
        
-       free(pdol_data_tlv);
+       free(pdol_data_tlv_data);
+       //free(pdol_data_tlv); --- free on exit.
        
        
-       if (res) {      
-               PrintAndLog("GPO error(%d): %4x. Exit...", res, sw);
-               return 5;
+       if (res) {  
+               PrintAndLogEx(NORMAL, "GPO error(%d): %4x. Exit...", res, sw);
+               dreturn(5);
        }
 
        // process response template format 1 [id:80  2b AIP + x4b AFL] and format 2 [id:77 TLV]
        }
 
        // process response template format 1 [id:80  2b AIP + x4b AFL] and format 2 [id:77 TLV]
-       if (buf[0] == 0x80) {
-               if (decodeTLV){
-                       PrintAndLog("GPO response format1:");
-                       TLVPrintFromBuffer(buf, len);
-               }
-               
-               if (len < 4 || (len - 4) % 4) {
-                       PrintAndLog("ERROR: GPO response format1 parsing error. length=%d", len);
-               } else {
-                       // AIP
-                       struct tlvdb * f1AIP = tlvdb_fixed(0x82, 2, buf + 2);
-                       tlvdb_add(tlvRoot, f1AIP);
-                       if (decodeTLV){
-                               PrintAndLog("\n* * Decode response format 1 (0x80) AIP and AFL:");
-                               TLVPrintFromTLV(f1AIP);
-                       }
-
-                       // AFL
-                       struct tlvdb * f1AFL = tlvdb_fixed(0x94, len - 4, buf + 2 + 2);
-                       tlvdb_add(tlvRoot, f1AFL);
-                       if (decodeTLV)
-                               TLVPrintFromTLV(f1AFL);
-               }               
-       } else {
-               if (decodeTLV)
-                       TLVPrintFromBuffer(buf, len);
-       }
+       ProcessGPOResponseFormat1(tlvRoot, buf, len, decodeTLV);
        
        // extract PAN from track2
        {
        
        // extract PAN from track2
        {
@@ -488,23 +863,23 @@ int CmdHFEMVExec(const char *cmd) {
                        if (pan) {
                                tlvdb_add(tlvRoot, pan); 
                                
                        if (pan) {
                                tlvdb_add(tlvRoot, pan); 
                                
-                               const struct tlv *pantlv = tlvdb_get(tlvRoot, 0x5a, NULL);      
-                               PrintAndLog("\n* * Extracted PAN from track2: %s", sprint_hex(pantlv->value, pantlv->len));
+                               const struct tlv *pantlv = tlvdb_get(tlvRoot, 0x5a, NULL);  
+                               PrintAndLogEx(NORMAL, "\n* * Extracted PAN from track2: %s", sprint_hex(pantlv->value, pantlv->len));
                        } else {
                        } else {
-                               PrintAndLog("\n* * WARNING: Can't extract PAN from track2.");
+                               PrintAndLogEx(NORMAL, "\n* * WARNING: Can't extract PAN from track2.");
                        }
                }
        }
        
                        }
                }
        }
        
-       PrintAndLog("\n* Read records from AFL.");
+       PrintAndLogEx(NORMAL, "\n* Read records from AFL.");
        const struct tlv *AFL = tlvdb_get(tlvRoot, 0x94, NULL);
        if (!AFL || !AFL->len) {
        const struct tlv *AFL = tlvdb_get(tlvRoot, 0x94, NULL);
        if (!AFL || !AFL->len) {
-               PrintAndLog("WARNING: AFL not found.");
+               PrintAndLogEx(WARNING, "AFL not found.");
        }
        
        while(AFL && AFL->len) {
                if (AFL->len % 4) {
        }
        
        while(AFL && AFL->len) {
                if (AFL->len % 4) {
-                       PrintAndLog("ERROR: Wrong AFL length: %d", AFL->len);
+                       PrintAndLogEx(WARNING, "Error: Wrong AFL length: %d", AFL->len);
                        break;
                }
 
                        break;
                }
 
@@ -514,48 +889,88 @@ int CmdHFEMVExec(const char *cmd) {
                        uint8_t SFIend = AFL->value[i * 4 + 2];
                        uint8_t SFIoffline = AFL->value[i * 4 + 3];
                        
                        uint8_t SFIend = AFL->value[i * 4 + 2];
                        uint8_t SFIoffline = AFL->value[i * 4 + 3];
                        
-                       PrintAndLog("* * SFI[%02x] start:%02x end:%02x offline:%02x", SFI, SFIstart, SFIend, SFIoffline);
+                       PrintAndLogEx(NORMAL, "* * SFI[%02x] start:%02x end:%02x offline:%02x", SFI, SFIstart, SFIend, SFIoffline);
                        if (SFI == 0 || SFI == 31 || SFIstart == 0 || SFIstart > SFIend) {
                        if (SFI == 0 || SFI == 31 || SFIstart == 0 || SFIstart > SFIend) {
-                               PrintAndLog("SFI ERROR! Skipped...");
+                               PrintAndLogEx(NORMAL, "SFI ERROR! Skipped...");
                                continue;
                        }
                        
                        for(int n = SFIstart; n <= SFIend; n++) {
                                continue;
                        }
                        
                        for(int n = SFIstart; n <= SFIend; n++) {
-                               PrintAndLog("* * * SFI[%02x] %d", SFI, n);
+                               PrintAndLogEx(NORMAL, "* * * SFI[%02x] %d", SFI, n);
                                
                                
-                               res = EMVReadRecord(true, SFI, n, buf, sizeof(buf), &len, &sw, tlvRoot);
+                               res = EMVReadRecord(channel, true, SFI, n, buf, sizeof(buf), &len, &sw, tlvRoot);
                                if (res) {
                                if (res) {
-                                       PrintAndLog("ERROR SFI[%02x]. APDU error %4x", SFI, sw);
+                                       PrintAndLogEx(WARNING, "Error SFI[%02x]. APDU error %4x", SFI, sw);
                                        continue;
                                }
                                
                                if (decodeTLV) {
                                        TLVPrintFromBuffer(buf, len);
                                        continue;
                                }
                                
                                if (decodeTLV) {
                                        TLVPrintFromBuffer(buf, len);
-                                       PrintAndLog("");
+                                       PrintAndLogEx(NORMAL, "");
                                }
                                
                                }
                                
+                               // Build Input list for Offline Data Authentication
+                               // EMV 4.3 book3 10.3, page 96
                                if (SFIoffline) {
                                if (SFIoffline) {
-                                       // here will be offline records storing...
-                                       // dont foget: if (sfi < 11)
+                                       if (SFI < 11) {
+                                               const unsigned char *abuf = buf;
+                                               size_t elmlen = len;
+                                               struct tlv e;
+                                               if (tlv_parse_tl(&abuf, &elmlen, &e)) {
+                                                       memcpy(&ODAiList[ODAiListLen], &buf[len - elmlen], elmlen);
+                                                       ODAiListLen += elmlen;
+                                               } else {
+                                                       PrintAndLogEx(WARNING, "Error SFI[%02x]. Creating input list for Offline Data Authentication error.", SFI);
+                                               }
+                                       } else {
+                                               memcpy(&ODAiList[ODAiListLen], buf, len);
+                                               ODAiListLen += len;
+                                       }
                                }
                        }
                }
                
                break;
                                }
                        }
                }
                
                break;
-       }       
+       }   
        
        
-       // transaction check
-       const struct tlv *AIPtlv = tlvdb_get(tlvRoot, 0x82, NULL);      
-       uint16_t AIP = AIPtlv->value[0] + AIPtlv->value[1] * 0x100;
-       PrintAndLog("* * AIP=%x", AIP);
+       // copy Input list for Offline Data Authentication
+       if (ODAiListLen) {
+               struct tlvdb *oda = tlvdb_fixed(0x21, ODAiListLen, ODAiList); // not a standard tag
+               tlvdb_add(tlvRoot, oda); 
+               PrintAndLogEx(NORMAL, "* Input list for Offline Data Authentication added to TLV. len=%d \n", ODAiListLen);
+       }
+       
+       // get AIP
+       uint16_t AIP = 0;
+       const struct tlv *AIPtlv = tlvdb_get(tlvRoot, 0x82, NULL);  
+       if (AIPtlv) {
+               AIP = AIPtlv->value[0] + AIPtlv->value[1] * 0x100;
+               PrintAndLogEx(NORMAL, "* * AIP=%04x", AIP);
+       } else {
+               PrintAndLogEx(ERR, "Can't found AIP.");
+       }
 
 
+       // SDA
+       if (AIP & 0x0040) {
+               PrintAndLogEx(NORMAL, "\n* SDA");
+               trSDA(tlvRoot);
+       }
+
+       // DDA
+       if (AIP & 0x0020) {
+               PrintAndLogEx(NORMAL, "\n* DDA");
+               trDDA(channel, decodeTLV, tlvRoot);
+       }   
+       
+       // transaction check
+       
        // qVSDC
        // qVSDC
-       {
+       if (TrType == TT_QVSDCMCHIP|| TrType == TT_CDA){
                // 9F26: Application Cryptogram
                const struct tlv *AC = tlvdb_get(tlvRoot, 0x9F26, NULL);
                if (AC) {
                // 9F26: Application Cryptogram
                const struct tlv *AC = tlvdb_get(tlvRoot, 0x9F26, NULL);
                if (AC) {
-                       PrintAndLog("\n--> qVSDC transaction.");
-                       PrintAndLog("* AC path");
+                       PrintAndLogEx(NORMAL, "\n--> qVSDC transaction.");
+                       PrintAndLogEx(NORMAL, "* AC path");
                        
                        // 9F36: Application Transaction Counter (ATC)
                        const struct tlv *ATC = tlvdb_get(tlvRoot, 0x9F36, NULL);
                        
                        // 9F36: Application Transaction Counter (ATC)
                        const struct tlv *ATC = tlvdb_get(tlvRoot, 0x9F36, NULL);
@@ -565,53 +980,130 @@ int CmdHFEMVExec(const char *cmd) {
                                const struct tlv *IAD = tlvdb_get(tlvRoot, 0x9F10, NULL);
 
                                // print AC data
                                const struct tlv *IAD = tlvdb_get(tlvRoot, 0x9F10, NULL);
 
                                // print AC data
-                               PrintAndLog("ATC: %s", sprint_hex(ATC->value, ATC->len));
-                               PrintAndLog("AC: %s", sprint_hex(AC->value, AC->len));
+                               PrintAndLogEx(NORMAL, "ATC: %s", sprint_hex(ATC->value, ATC->len));
+                               PrintAndLogEx(NORMAL, "AC: %s", sprint_hex(AC->value, AC->len));
                                if (IAD){
                                if (IAD){
-                                       PrintAndLog("IAD: %s", sprint_hex(IAD->value, IAD->len));
+                                       PrintAndLogEx(NORMAL, "IAD: %s", sprint_hex(IAD->value, IAD->len));
                                        
                                        if (IAD->len >= IAD->value[0] + 1) {
                                        
                                        if (IAD->len >= IAD->value[0] + 1) {
-                                               PrintAndLog("\tKey index:  0x%02x", IAD->value[1]);
-                                               PrintAndLog("\tCrypto ver: 0x%02x(%03d)", IAD->value[2], IAD->value[2]);
-                                               PrintAndLog("\tCVR:", sprint_hex(&IAD->value[3], IAD->value[0] - 2));
+                                               PrintAndLogEx(NORMAL, "\tKey index:  0x%02x", IAD->value[1]);
+                                               PrintAndLogEx(NORMAL, "\tCrypto ver: 0x%02x(%03d)", IAD->value[2], IAD->value[2]);
+                                               PrintAndLogEx(NORMAL, "\tCVR:", sprint_hex(&IAD->value[3], IAD->value[0] - 2));
                                                struct tlvdb * cvr = tlvdb_fixed(0x20, IAD->value[0] - 2, &IAD->value[3]);
                                                TLVPrintFromTLVLev(cvr, 1);
                                        }
                                } else {
                                                struct tlvdb * cvr = tlvdb_fixed(0x20, IAD->value[0] - 2, &IAD->value[3]);
                                                TLVPrintFromTLVLev(cvr, 1);
                                        }
                                } else {
-                                       PrintAndLog("WARNING: IAD not found.");
+                                       PrintAndLogEx(WARNING, "IAD not found.");
                                }
                                
                        } else {
                                }
                                
                        } else {
-                               PrintAndLog("ERROR AC: Application Transaction Counter (ATC) not found.");
+                               PrintAndLogEx(ERR, "AC: Application Transaction Counter (ATC) not found.");
                        }
                }
        }
        
                        }
                }
        }
        
-       // TODO: Mastercard M/CHIP
-       {
+       // Mastercard M/CHIP
+       if (GetCardPSVendor(AID, AIDlen) == CV_MASTERCARD && (TrType == TT_QVSDCMCHIP || TrType == TT_CDA)){
                const struct tlv *CDOL1 = tlvdb_get(tlvRoot, 0x8c, NULL);
                if (CDOL1 && GetCardPSVendor(AID, AIDlen) == CV_MASTERCARD) { // and m/chip transaction flag
                const struct tlv *CDOL1 = tlvdb_get(tlvRoot, 0x8c, NULL);
                if (CDOL1 && GetCardPSVendor(AID, AIDlen) == CV_MASTERCARD) { // and m/chip transaction flag
+                       PrintAndLogEx(NORMAL, "\n--> Mastercard M/Chip transaction.");
+
+                       PrintAndLogEx(NORMAL, "* * Generate challenge");
+                       res = EMVGenerateChallenge(channel, true, buf, sizeof(buf), &len, &sw, tlvRoot);
+                       if (res) {
+                               PrintAndLogEx(WARNING, "GetChallenge. APDU error %4x", sw);
+                               dreturn(6);
+                       }
+                       if (len < 4) {
+                               PrintAndLogEx(WARNING, "GetChallenge. Wrong challenge length %d", len);
+                               dreturn(6);
+                       }
+                       
+                       // ICC Dynamic Number
+                       struct tlvdb * ICCDynN = tlvdb_fixed(0x9f4c, len, buf);
+                       tlvdb_add(tlvRoot, ICCDynN);
+                       if (decodeTLV){
+                               PrintAndLogEx(NORMAL, "\n* * ICC Dynamic Number:");
+                               TLVPrintFromTLV(ICCDynN);
+                       }
+                       
+                       PrintAndLogEx(NORMAL, "* * Calc CDOL1");
+                       struct tlv *cdol_data_tlv = dol_process(tlvdb_get(tlvRoot, 0x8c, NULL), tlvRoot, 0x01); // 0x01 - dummy tag
+                       if (!cdol_data_tlv){
+                               PrintAndLogEx(WARNING, "Error: can't create CDOL1 TLV.");
+                               dreturn(6);
+                       }
+                       PrintAndLogEx(NORMAL, "CDOL1 data[%d]: %s", cdol_data_tlv->len, sprint_hex(cdol_data_tlv->value, cdol_data_tlv->len));
+                       
+                       PrintAndLogEx(NORMAL, "* * AC1");
+                       // EMVAC_TC + EMVAC_CDAREQ --- to get SDAD
+                       res = EMVAC(channel, true, (TrType == TT_CDA) ? EMVAC_TC + EMVAC_CDAREQ : EMVAC_TC, (uint8_t *)cdol_data_tlv->value, cdol_data_tlv->len, buf, sizeof(buf), &len, &sw, tlvRoot);
+                       
+                       if (res) {  
+                               PrintAndLogEx(NORMAL, "AC1 error(%d): %4x. Exit...", res, sw);
+                               dreturn(7);
+                       }
+                       
+                       if (decodeTLV)
+                               TLVPrintFromBuffer(buf, len);
+                       
+                       // CDA
+                       PrintAndLogEx(NORMAL, "\n* CDA:");
+                       struct tlvdb *ac_tlv = tlvdb_parse_multi(buf, len);
+                       res = trCDA(tlvRoot, ac_tlv, pdol_data_tlv, cdol_data_tlv);
+                       if (res) {  
+                               PrintAndLogEx(NORMAL, "CDA error (%d)", res);
+                       }
+                       free(ac_tlv);
+                       free(cdol_data_tlv);
+                       
+                       PrintAndLogEx(NORMAL, "\n* M/Chip transaction result:");
+                       // 9F27: Cryptogram Information Data (CID)
+                       const struct tlv *CID = tlvdb_get(tlvRoot, 0x9F27, NULL);
+                       if (CID) {
+                               emv_tag_dump(CID, stdout, 0);
+                               PrintAndLogEx(NORMAL, "------------------------------");
+                               if (CID->len > 0) {
+                                       switch(CID->value[0] & EMVAC_AC_MASK){
+                                               case EMVAC_AAC:
+                                                       PrintAndLogEx(NORMAL, "Transaction DECLINED.");
+                                                       break;
+                                               case EMVAC_TC:
+                                                       PrintAndLogEx(NORMAL, "Transaction approved OFFLINE.");
+                                                       break;
+                                               case EMVAC_ARQC:
+                                                       PrintAndLogEx(NORMAL, "Transaction approved ONLINE.");
+                                                       break;
+                                               default:
+                                                       PrintAndLogEx(WARNING, "Error: CID transaction code error %2x", CID->value[0] & EMVAC_AC_MASK);
+                                                       break;
+                                       }
+                               } else {
+                                       PrintAndLogEx(WARNING, "Wrong CID length %d", CID->len);
+                               }
+                       } else {
+                               PrintAndLogEx(WARNING, "CID(9F27) not found.");
+                       }
                
                }
        }
                
        // MSD
                
                }
        }
                
        // MSD
-       if (AIP & 0x8000) {
-               PrintAndLog("\n--> MSD transaction.");
-               
+       if (AIP & 0x8000 && TrType == TT_MSD) { 
+               PrintAndLogEx(NORMAL, "\n--> MSD transaction.");
                
                
-               PrintAndLog("* MSD dCVV path. Check dCVV");
+               PrintAndLogEx(NORMAL, "* MSD dCVV path. Check dCVV");
 
                const struct tlv *track2 = tlvdb_get(tlvRoot, 0x57, NULL);
                if (track2) {
 
                const struct tlv *track2 = tlvdb_get(tlvRoot, 0x57, NULL);
                if (track2) {
-                       PrintAndLog("Track2: %s", sprint_hex(track2->value, track2->len));
+                       PrintAndLogEx(NORMAL, "Track2: %s", sprint_hex(track2->value, track2->len));
 
                        struct tlvdb *dCVV = GetdCVVRawFromTrack2(track2);
 
                        struct tlvdb *dCVV = GetdCVVRawFromTrack2(track2);
-                       PrintAndLog("dCVV raw data:");
+                       PrintAndLogEx(NORMAL, "dCVV raw data:");
                        TLVPrintFromTLV(dCVV);
                        
                        if (GetCardPSVendor(AID, AIDlen) == CV_MASTERCARD) {
                        TLVPrintFromTLV(dCVV);
                        
                        if (GetCardPSVendor(AID, AIDlen) == CV_MASTERCARD) {
-                               PrintAndLog("\n* Mastercard calculate UDOL");
+                               PrintAndLogEx(NORMAL, "\n* Mastercard calculate UDOL");
 
                                // UDOL (9F69)
                                const struct tlv *UDOL = tlvdb_get(tlvRoot, 0x9F69, NULL);
 
                                // UDOL (9F69)
                                const struct tlv *UDOL = tlvdb_get(tlvRoot, 0x9F69, NULL);
@@ -622,61 +1114,412 @@ int CmdHFEMVExec(const char *cmd) {
                                        .value = (uint8_t *)"\x9f\x6a\x04",
                                };
                                if (!UDOL)
                                        .value = (uint8_t *)"\x9f\x6a\x04",
                                };
                                if (!UDOL)
-                                       PrintAndLog("Use default UDOL.");
+                                       PrintAndLogEx(NORMAL, "Use default UDOL.");
 
 
-                               struct tlv *udol_data_tlv = dol_process(UDOL ? UDOL : &defUDOL, tlvRoot, 0x01); // 0x01 - fake tag!
+                               struct tlv *udol_data_tlv = dol_process(UDOL ? UDOL : &defUDOL, tlvRoot, 0x01); // 0x01 - dummy tag
                                if (!udol_data_tlv){
                                if (!udol_data_tlv){
-                                       PrintAndLog("ERROR: can't create UDOL TLV.");
-                                       return 4;
+                                       PrintAndLogEx(WARNING, "can't create UDOL TLV.");
+                                       dreturn(8);
                                }
 
                                }
 
-                               PrintAndLog("UDOL data[%d]: %s", udol_data_tlv->len, sprint_hex(udol_data_tlv->value, udol_data_tlv->len));
+                               PrintAndLogEx(NORMAL, "UDOL data[%d]: %s", udol_data_tlv->len, sprint_hex(udol_data_tlv->value, udol_data_tlv->len));
                                
                                
-                               PrintAndLog("\n* Mastercard compute cryptographic checksum(UDOL)");
+                               PrintAndLogEx(NORMAL, "\n* Mastercard compute cryptographic checksum(UDOL)");
                                
                                
-                               res = MSCComputeCryptoChecksum(true, (uint8_t *)udol_data_tlv->value, udol_data_tlv->len, buf, sizeof(buf), &len, &sw, tlvRoot);
+                               res = MSCComputeCryptoChecksum(channel, true, (uint8_t *)udol_data_tlv->value, udol_data_tlv->len, buf, sizeof(buf), &len, &sw, tlvRoot);
                                if (res) {
                                if (res) {
-                                       PrintAndLog("ERROR Compute Crypto Checksum. APDU error %4x", sw);
-                                       return 5;
+                                       PrintAndLogEx(WARNING, "Compute Crypto Checksum. APDU error %4x", sw);
+                                       free(udol_data_tlv);
+                                       dreturn(9);
                                }
                                
                                }
                                
-                               if (decodeTLV) {
-                                       TLVPrintFromBuffer(buf, len);
-                                       PrintAndLog("");
-                               }
+                               // Mastercard compute cryptographic checksum result
+                               TLVPrintFromBuffer(buf, len);
+                               PrintAndLogEx(NORMAL, "");
+
+                               free(udol_data_tlv);
 
                        }
                } else {
 
                        }
                } else {
-                       PrintAndLog("ERROR MSD: Track2 data not found.");
+                       PrintAndLogEx(WARNING, "MSD: Track2 data not found.");
                }
        }
                }
        }
+
+       DropField();
        
        
-       // additional contacless EMV commands (fDDA, external authenticate)
+       // Destroy TLV's
+       free(pdol_data_tlv);
+       tlvdb_free(tlvSelect);
+       tlvdb_free(tlvRoot);
+
+       PrintAndLogEx(NORMAL, "\n* Transaction completed.");
+       return 0;
+}
+
+int CmdEMVScan(const char *cmd) {
+       uint8_t AID[APDU_AID_LEN] = {0};
+       size_t AIDlen = 0;
+       uint8_t buf[APDU_RES_LEN] = {0};
+       size_t len = 0;
+       uint16_t sw = 0;
+       int res;
+       json_t *root;
+       json_error_t error;
+
+       CLIParserInit("emv scan", 
+               "Scan EMV card and save it contents to a file.", 
+               "It executes EMV contactless transaction and saves result to a file which can be used for emulation\n"
+                       "Usage:\n\temv scan -at -> scan MSD transaction mode and show APDU and TLV\n"
+                       "\temv scan -c -> scan CDA transaction mode\n");
+
+       void* argtable[] = {
+               arg_param_begin,
+               arg_lit0("aA",  "apdu",     "show APDU reqests and responses."),
+               arg_lit0("tT",  "tlv",      "TLV decode results."),
+               arg_lit0("eE",  "extract",  "Extract TLV elements and fill Application Data"),
+               arg_lit0("jJ",  "jload",    "Load transaction parameters from `emv/defparams.json` file."),
+               arg_rem("By default:",      "Transaction type - MSD"),
+               arg_lit0("vV",  "qvsdc",    "Transaction type - qVSDC or M/Chip."),
+               arg_lit0("cC",  "qvsdccda", "Transaction type - qVSDC or M/Chip plus CDA (SDAD generation)."),
+               arg_lit0("xX",  "vsdc",     "Transaction type - VSDC. For test only. Not a standart behavior."),
+               arg_lit0("gG",  "acgpo",    "VISA. generate AC from GPO."),
+               arg_lit0("mM",  "merge",    "Merge output file with card's data. (warning: the file may be corrupted!)"),
+#ifdef WITH_SMARTCARD
+               arg_lit0("wW",  "wired",   "Send data via contact (iso7816) interface. Contactless interface set by default."),
+#endif
+               arg_str1(NULL,  NULL,       "output.json", "JSON output file name"),
+               arg_param_end
+       };
+       CLIExecWithReturn(cmd, argtable, true);
+       
+       bool showAPDU = arg_get_lit(1);
+       bool decodeTLV = arg_get_lit(2);
+       bool extractTLVElements = arg_get_lit(3);
+       bool paramLoadJSON = arg_get_lit(4);
+
+       enum TransactionType TrType = TT_MSD;
+       if (arg_get_lit(6))
+               TrType = TT_QVSDCMCHIP;
+       if (arg_get_lit(7))
+               TrType = TT_CDA;
+       if (arg_get_lit(8))
+               TrType = TT_VSDC;
+
+       bool GenACGPO = arg_get_lit(9);
+       bool MergeJSON = arg_get_lit(10);
+       EMVCommandChannel channel = ECC_CONTACTLESS;
+       uint8_t relfname[250] = {0};
+       char *crelfname = (char *)relfname;
+       int relfnamelen = 0;
+#ifdef WITH_SMARTCARD  
+       if (arg_get_lit(11))
+               channel = ECC_CONTACT;
+       CLIGetStrWithReturn(12, relfname, &relfnamelen);
+#else
+       CLIGetStrWithReturn(11, relfname, &relfnamelen);
+#endif
+       CLIParserFree();
        
        
+       SetAPDULogging(showAPDU);
        
        
-       // DropField
+       // TODO
+       if (channel == ECC_CONTACT) {
+               PrintAndLogEx(ERR, "Do not use contact interface. Exit.");
+               return 1;
+       }
+       
+       // current path + file name
+       if (!strstr(crelfname, ".json"))
+               strcat(crelfname, ".json");
+       char fname[strlen(get_my_executable_directory()) + strlen(crelfname) + 1];
+       strcpy(fname, get_my_executable_directory());
+       strcat(fname, crelfname);
+
+       if (MergeJSON) {
+               root = json_load_file(fname, 0, &error);
+               if (!root) {
+                       PrintAndLogEx(ERR, "json error on line %d: %s", error.line, error.text);
+                       return 1; 
+               }
+               
+               if (!json_is_object(root)) {
+                       PrintAndLogEx(ERR, "Invalid json format. root must be an object.");
+                       return 1; 
+               }
+       } else {
+               root = json_object();
+       }
+
+       // drop field at start
        DropField();
        DropField();
+
+       // iso 14443 select
+       PrintAndLogEx(NORMAL, "--> GET UID, ATS.");
        
        
-       // Destroy TLV's
+       iso14a_card_select_t card;
+       if (Hf14443_4aGetCardData(&card)) {
+               return 2;
+       }
+
+       JsonSaveStr(root, "$.File.Created", "proxmark3 `emv scan`");
+       
+       JsonSaveStr(root, "$.Card.Communication", "iso14443-4a");
+       JsonSaveBufAsHex(root, "$.Card.UID", (uint8_t *)&card.uid, card.uidlen);
+       JsonSaveHex(root, "$.Card.ATQA", card.atqa[0] + (card.atqa[1] << 2), 2);
+       JsonSaveHex(root, "$.Card.SAK", card.sak, 0);
+       JsonSaveBufAsHex(root, "$.Card.ATS", (uint8_t *)card.ats, card.ats_len);
+       
+       // init applets list tree
+       const char *al = "Applets list";
+       struct tlvdb *tlvSelect = tlvdb_fixed(1, strlen(al), (const unsigned char *)al);
+       
+       // EMV PPSE
+       PrintAndLogEx(NORMAL, "--> PPSE.");
+       res = EMVSelectPSE(channel, true, true, 2, buf, sizeof(buf), &len, &sw);
+
+       if (!res && sw == 0x9000){
+               if (decodeTLV)
+                       TLVPrintFromBuffer(buf, len);
+               
+               JsonSaveBufAsHex(root, "$.PPSE.AID", (uint8_t *)"2PAY.SYS.DDF01", 14);
+               
+               struct tlvdb *fci = tlvdb_parse_multi(buf, len);
+               if (extractTLVElements)
+                       JsonSaveTLVTree(root, root, "$.PPSE.FCITemplate", fci);
+               else
+                       JsonSaveTLVTreeElm(root, "$.PPSE.FCITemplate", fci, true, true, false);
+               JsonSaveTLVValue(root, "$.Application.KernelID", tlvdb_find_full(fci, 0x9f2a));
+               tlvdb_free(fci);
+       }
+
+       res = EMVSearchPSE(channel, false, true, decodeTLV, tlvSelect);
+
+       // check PPSE and select application id
+       if (!res) { 
+               TLVPrintAIDlistFromSelectTLV(tlvSelect);        
+       } else {
+               // EMV SEARCH with AID list
+               SetAPDULogging(false);
+               PrintAndLogEx(NORMAL, "--> AID search.");
+               if (EMVSearch(channel, false, true, decodeTLV, tlvSelect)) {
+                       PrintAndLogEx(ERR, "Can't found any of EMV AID. Exit...");
+                       tlvdb_free(tlvSelect);
+                       DropField();
+                       return 3;
+               }
+
+               // check search and select application id
+               TLVPrintAIDlistFromSelectTLV(tlvSelect);
+       }
+
+       // EMV SELECT application
+       SetAPDULogging(showAPDU);
+       EMVSelectApplication(tlvSelect, AID, &AIDlen);
+
        tlvdb_free(tlvSelect);
        tlvdb_free(tlvSelect);
+
+       if (!AIDlen) {
+               PrintAndLogEx(INFO, "Can't select AID. EMV AID not found. Exit...");
+               DropField();
+               return 4;
+       }
+
+       JsonSaveBufAsHex(root, "$.Application.AID", AID, AIDlen);
+       
+       // Init TLV tree
+       const char *alr = "Root terminal TLV tree";
+       struct tlvdb *tlvRoot = tlvdb_fixed(1, strlen(alr), (const unsigned char *)alr);
+
+       // EMV SELECT applet
+
+       PrintAndLogEx(NORMAL, "\n-->Selecting AID:%s.", sprint_hex_inrow(AID, AIDlen));
+       SetAPDULogging(showAPDU);
+       res = EMVSelect(channel, false, true, AID, AIDlen, buf, sizeof(buf), &len, &sw, tlvRoot);
+       
+       if (res) {  
+               PrintAndLogEx(ERR, "Can't select AID (%d). Exit...", res);
+               tlvdb_free(tlvRoot);
+               DropField();
+               return 5;
+       }
+       
+       if (decodeTLV)
+               TLVPrintFromBuffer(buf, len);
+
+       // save mode
+       if (tlvdb_get(tlvRoot, 0x9f38, NULL)) {
+               JsonSaveStr(root, "$.Application.Mode", TransactionTypeStr[TrType]);
+       }
+
+       struct tlvdb *fci = tlvdb_parse_multi(buf, len);
+       if (extractTLVElements)
+               JsonSaveTLVTree(root, root, "$.Application.FCITemplate", fci);
+       else
+               JsonSaveTLVTreeElm(root, "$.Application.FCITemplate", fci, true, true, false);
+       tlvdb_free(fci);
+
+       // create transaction parameters
+       PrintAndLogEx(NORMAL, "-->Init transaction parameters.");
+       InitTransactionParameters(tlvRoot, paramLoadJSON, TrType, GenACGPO);
+       
+       PrintAndLogEx(NORMAL, "-->Calc PDOL.");
+       struct tlv *pdol_data_tlv = dol_process(tlvdb_get(tlvRoot, 0x9f38, NULL), tlvRoot, 0x83);
+       if (!pdol_data_tlv){
+               PrintAndLogEx(ERR, "Can't create PDOL TLV.");
+               tlvdb_free(tlvRoot);
+               DropField();
+               return 6;
+       }
+       
+       size_t pdol_data_tlv_data_len;
+       unsigned char *pdol_data_tlv_data = tlv_encode(pdol_data_tlv, &pdol_data_tlv_data_len);
+       if (!pdol_data_tlv_data) {
+               PrintAndLogEx(ERR, "Can't create PDOL data.");
+               tlvdb_free(tlvRoot);
+               DropField();
+               return 6;
+       }
+       PrintAndLogEx(INFO, "PDOL data[%d]: %s", pdol_data_tlv_data_len, sprint_hex(pdol_data_tlv_data, pdol_data_tlv_data_len));
+
+       PrintAndLogEx(INFO, "-->GPO.");
+       res = EMVGPO(channel, true, pdol_data_tlv_data, pdol_data_tlv_data_len, buf, sizeof(buf), &len, &sw, tlvRoot);
+       
+       free(pdol_data_tlv_data);
+       free(pdol_data_tlv);
+       
+       if (res) {  
+               PrintAndLogEx(ERR, "GPO error(%d): %4x. Exit...", res, sw);
+               tlvdb_free(tlvRoot);
+               DropField();
+               return 7;
+       }
+       ProcessGPOResponseFormat1(tlvRoot, buf, len, decodeTLV);
+       
+       struct tlvdb *gpofci = tlvdb_parse_multi(buf, len);
+       if (extractTLVElements)
+               JsonSaveTLVTree(root, root, "$.Application.GPO", gpofci);
+       else
+               JsonSaveTLVTreeElm(root, "$.Application.GPO", gpofci, true, true, false);
+
+       JsonSaveTLVValue(root, "$.ApplicationData.AIP", tlvdb_find_full(gpofci, 0x82));
+       JsonSaveTLVValue(root, "$.ApplicationData.AFL", tlvdb_find_full(gpofci, 0x94));
+
+       tlvdb_free(gpofci);
+
+       PrintAndLogEx(INFO, "-->Read records from AFL.");
+       const struct tlv *AFL = tlvdb_get(tlvRoot, 0x94, NULL);
+       
+       while(AFL && AFL->len) {
+               if (AFL->len % 4) {
+                       PrintAndLogEx(ERR, "Wrong AFL length: %d", AFL->len);
+                       break;
+               }
+
+               json_t *sfijson = json_path_get(root, "$.Application.Records");
+               if (!sfijson) {
+                       json_t *app = json_path_get(root, "$.Application");
+                       json_object_set_new(app, "Records", json_array());
+                       
+                       sfijson = json_path_get(root, "$.Application.Records");
+               }
+               if (!json_is_array(sfijson)) {
+                       PrintAndLogEx(ERR, "Internal logic error. `$.Application.Records` is not an array.");
+                       break;
+               }
+               for (int i = 0; i < AFL->len / 4; i++) {
+                       uint8_t SFI = AFL->value[i * 4 + 0] >> 3;
+                       uint8_t SFIstart = AFL->value[i * 4 + 1];
+                       uint8_t SFIend = AFL->value[i * 4 + 2];
+                       uint8_t SFIoffline = AFL->value[i * 4 + 3];
+                       
+                       PrintAndLogEx(INFO, "--->SFI[%02x] start:%02x end:%02x offline:%02x", SFI, SFIstart, SFIend, SFIoffline);
+                       if (SFI == 0 || SFI == 31 || SFIstart == 0 || SFIstart > SFIend) {
+                               PrintAndLogEx(ERR, "SFI ERROR! Skipped...");
+                               continue;
+                       }
+                       
+                       for(int n = SFIstart; n <= SFIend; n++) {
+                               PrintAndLogEx(INFO, "---->SFI[%02x] %d", SFI, n);
+                               
+                               res = EMVReadRecord(channel, true, SFI, n, buf, sizeof(buf), &len, &sw, tlvRoot);
+                               if (res) {
+                                       PrintAndLogEx(ERR, "SFI[%02x]. APDU error %4x", SFI, sw);
+                                       continue;
+                               }
+                               
+                               if (decodeTLV) {
+                                       TLVPrintFromBuffer(buf, len);
+                                       PrintAndLogEx(NORMAL, "");
+                               }
+                               
+                               json_t *jsonelm = json_object();
+                               json_array_append_new(sfijson, jsonelm);
+
+                               JsonSaveHex(jsonelm, "SFI", SFI, 1);
+                               JsonSaveHex(jsonelm, "RecordNum", n, 1);
+                               JsonSaveHex(jsonelm, "Offline", SFIoffline, 1);
+                               
+                               struct tlvdb *rsfi = tlvdb_parse_multi(buf, len);
+                               if (extractTLVElements)
+                                       JsonSaveTLVTree(root, jsonelm, "$.Data", rsfi);
+                               else
+                                       JsonSaveTLVTreeElm(jsonelm, "$.Data", rsfi, true, true, false);
+                               tlvdb_free(rsfi);
+                       }
+               }
+               
+               break;
+       }
+       
+       // getting certificates
+       if (tlvdb_get(tlvRoot, 0x90, NULL)) {
+               PrintAndLogEx(INFO, "-->Recovering certificates.");
+               PKISetStrictExecution(false);
+               RecoveryCertificates(tlvRoot, root);
+               PKISetStrictExecution(true);
+       }
+       
+       // free tlv object
        tlvdb_free(tlvRoot);
 
        tlvdb_free(tlvRoot);
 
-       PrintAndLog("\n* Transaction completed.");
+       // DropField
+       DropField();
+       
+       res = json_dump_file(root, fname, JSON_INDENT(2));
+       if (res) {
+               PrintAndLogEx(ERR, "Can't save the file: %s", fname);
+               return 200;
+       }
+       PrintAndLogEx(SUCCESS, "File `%s` saved.", fname);
+       
+       // free json object
+       json_decref(root);
        
        return 0;
 }
 
        
        return 0;
 }
 
+int CmdEMVTest(const char *cmd) {
+       return ExecuteCryptoTests(true);
+}
+
 int CmdHelp(const char *Cmd);
 static command_t CommandTable[] =  {
 int CmdHelp(const char *Cmd);
 static command_t CommandTable[] =  {
-       {"help",        CmdHelp,                1,      "This help"},
-       {"exec",        CmdHFEMVExec,   0,      "Executes EMV contactless transaction."},
-       {"pse",         CmdHFEMVPPSE,   0,      "Execute PPSE. It selects 2PAY.SYS.DDF01 or 1PAY.SYS.DDF01 directory."},
-       {"search",      CmdHFEMVSearch, 0,      "Try to select all applets from applets list and print installed applets."},
-       {"select",      CmdHFEMVSelect, 0,      "Select applet."},
-       {NULL, NULL, 0, NULL}
+       {"help",        CmdHelp,                    1,  "This help"},
+       {"exec",        CmdEMVExec,                 0,  "Executes EMV contactless transaction."},
+       {"pse",         CmdEMVPPSE,                 0,  "Execute PPSE. It selects 2PAY.SYS.DDF01 or 1PAY.SYS.DDF01 directory."},
+       {"search",      CmdEMVSearch,               0,  "Try to select all applets from applets list and print installed applets."},
+       {"select",      CmdEMVSelect,               0,  "Select applet."},
+       {"gpo",         CmdEMVGPO,                  0,  "Execute GetProcessingOptions."},
+       {"readrec",     CmdEMVReadRecord,           0,  "Read files from card."},
+       {"genac",       CmdEMVAC,                   0,  "Generate ApplicationCryptogram."},
+       {"challenge",   CmdEMVGenerateChallenge,    0,  "Generate challenge."},
+       {"intauth",     CmdEMVInternalAuthenticate, 0,  "Internal authentication."},
+       {"scan",        CmdEMVScan,                 0,  "Scan EMV card and save it contents to json file for emulator."},
+       {"test",        CmdEMVTest,                 0,  "Crypto logic test."},
+       {NULL,          NULL,                       0,  NULL}
 };
 
 };
 
-int CmdHFEMV(const char *Cmd) {
+int CmdEMV(const char *Cmd) {
        CmdsParse(CommandTable, Cmd);
        return 0;
 }
        CmdsParse(CommandTable, Cmd);
        return 0;
 }
Proxmark3 GIT tracking
Impressum, Datenschutz