X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/0a85b72549d294b127c3224610870be4f9382f9a..bcf61bd34ab2747580aabf648093e5854b7283ed:/client/scripting.c diff --git a/client/scripting.c b/client/scripting.c index 9e3ff4e3..9e643932 100644 --- a/client/scripting.c +++ b/client/scripting.c @@ -16,6 +16,11 @@ #include "cmdmain.h" #include "scripting.h" #include "util.h" +#include "nonce2key/nonce2key.h" +#include "../common/iso15693tools.h" +#include "../common/crc16.h" +#include "../common/crc64.h" +#include "aes.h" /** * The following params expected: * UsbCommand c @@ -102,7 +107,62 @@ static int l_WaitForResponseTimeout(lua_State *L){ return 1;// one return value } } -//static int l_nonce2key(lua_State *L){ return CmdHF14AMfRdSc(luaL_checkstring(L, 1));} + +static int returnToLuaWithError(lua_State *L, const char* fmt, ...) +{ + char buffer[200]; + va_list args; + va_start(args,fmt); + vsnprintf(buffer, sizeof(buffer), fmt,args); + va_end(args); + + lua_pushnil(L); + lua_pushstring(L,buffer); + return 2; +} + +static int l_nonce2key(lua_State *L){ + + size_t size; + const char *p_uid = luaL_checklstring(L, 1, &size); + if(size != 4) return returnToLuaWithError(L,"Wrong size of uid, got %d bytes, expected 4", (int) size); + + const char *p_nt = luaL_checklstring(L, 2, &size); + if(size != 4) return returnToLuaWithError(L,"Wrong size of nt, got %d bytes, expected 4", (int) size); + + const char *p_nr = luaL_checklstring(L, 3, &size); + if(size != 4) return returnToLuaWithError(L,"Wrong size of nr, got %d bytes, expected 4", (int) size); + + const char *p_par_info = luaL_checklstring(L, 4, &size); + if(size != 8) return returnToLuaWithError(L,"Wrong size of par_info, got %d bytes, expected 8", (int) size); + + const char *p_pks_info = luaL_checklstring(L, 5, &size); + if(size != 8) return returnToLuaWithError(L,"Wrong size of ks_info, got %d bytes, expected 8", (int) size); + + + uint32_t uid = bytes_to_num(( uint8_t *)p_uid,4); + uint32_t nt = bytes_to_num(( uint8_t *)p_nt,4); + + uint32_t nr = bytes_to_num(( uint8_t*)p_nr,4); + uint64_t par_info = bytes_to_num(( uint8_t *)p_par_info,8); + uint64_t ks_info = bytes_to_num(( uint8_t *)p_pks_info,8); + + uint64_t key = 0; + + int retval = nonce2key(uid,nt, nr, par_info,ks_info, &key); + + //Push the retval on the stack + lua_pushinteger(L,retval); + + //Push the key onto the stack + uint8_t dest_key[8]; + num_to_bytes(key,sizeof(dest_key),dest_key); + + //printf("Pushing to lua stack: %012"llx"\n",key); + lua_pushlstring(L,(const char *) dest_key,sizeof(dest_key)); + + return 2; //Two return values +} //static int l_PrintAndLog(lua_State *L){ return CmdHF14AMfDump(luaL_checkstring(L, 1));} static int l_clearCommandBuffer(lua_State *L){ clearCommandBuffer(); @@ -120,12 +180,21 @@ static int l_foobar(lua_State *L) printf("foobar called with %d arguments" , n); lua_settop(L, 0); printf("Arguments discarded, stack now contains %d elements", lua_gettop(L)); - UsbCommand response = {CMD_MIFARE_READBL, {1337, 1338, 1339}}; - printf("Now returning a UsbCommand as a string"); - lua_pushlstring(L,(const char *)&response,sizeof(UsbCommand)); - return 1; + + // todo: this is not used, where was it intended for? + // UsbCommand response = {CMD_MIFARE_READBL, {1337, 1338, 1339}}; + + printf("Now returning a uint64_t as a string"); + uint64_t x = 0xDEADBEEF; + uint8_t destination[8]; + num_to_bytes(x,sizeof(x),destination); + lua_pushlstring(L,(const char *)&x,sizeof(x)); + lua_pushlstring(L,(const char *)destination,sizeof(destination)); + + return 2; } + /** * @brief Utility to check if a key has been pressed by the user. This method does not block. * @param L @@ -148,6 +217,110 @@ static int l_CmdConsole(lua_State *L) return 0; } +static int l_iso15693_crc(lua_State *L) +{ + // uint16_t Iso15693Crc(uint8_t *v, int n); + size_t size; + const char *v = luaL_checklstring(L, 1, &size); + uint16_t retval = Iso15693Crc((uint8_t *) v, size); + lua_pushinteger(L, (int) retval); + return 1; +} + +/* + Simple AES 128 cbc hook up to OpenSSL. + params: key, input +*/ +static int l_aes128decrypt(lua_State *L) +{ + //Check number of arguments + int i; + size_t size; + const char *p_key = luaL_checklstring(L, 1, &size); + if(size != 32) return returnToLuaWithError(L,"Wrong size of key, got %d bytes, expected 32", (int) size); + + const char *p_encTxt = luaL_checklstring(L, 2, &size); + + unsigned char indata[16] = {0x00}; + unsigned char outdata[16] = {0x00}; + unsigned char aes_key[16] = {0x00}; + unsigned char iv[16] = {0x00}; + + // convert key to bytearray and convert input to bytearray + for (i = 0; i < 32; i += 2) { + sscanf(&p_encTxt[i], "%02x", (unsigned int *)&indata[i / 2]); + sscanf(&p_key[i], "%02x", (unsigned int *)&aes_key[i / 2]); + } + + aes_context ctx; + aes_init(&ctx); + //aes_setkey_enc(&ctx, (const unsigned char *)aes_key, 128); + aes_setkey_dec(&ctx, aes_key, 128); + aes_crypt_cbc(&ctx, AES_DECRYPT, sizeof(indata), iv, indata, outdata ); + //Push decrypted array as a string + lua_pushlstring(L,(const char *)&outdata, sizeof(outdata)); + return 1;// return 1 to signal one return value +} +static int l_aes128encrypt(lua_State *L) +{ + //Check number of arguments + int i; + size_t size; + const char *p_key = luaL_checklstring(L, 1, &size); + if(size != 32) return returnToLuaWithError(L,"Wrong size of key, got %d bytes, expected 32", (int) size); + + const char *p_txt = luaL_checklstring(L, 2, &size); + + unsigned char indata[16] = {0x00}; + unsigned char outdata[16] = {0x00}; + unsigned char aes_key[16] = {0x00}; + unsigned char iv[16] = {0x00}; + + for (i = 0; i < 32; i += 2) { + sscanf(&p_txt[i], "%02x", (unsigned int *)&indata[i / 2]); + sscanf(&p_key[i], "%02x", (unsigned int *)&aes_key[i / 2]); + } + + aes_context ctx; + aes_init(&ctx); + aes_setkey_enc(&ctx, aes_key, 128); + aes_crypt_cbc(&ctx, AES_ENCRYPT, sizeof(indata), iv, indata, outdata ); + //Push encrypted array as a string + lua_pushlstring(L,(const char *)&outdata, sizeof(outdata)); + return 1;// return 1 to signal one return value +} + +static int l_crc16(lua_State *L) +{ + size_t size; + const char *p_str = luaL_checklstring(L, 1, &size); + + uint16_t retval = crc16_ccitt( (uint8_t*) p_str, size); + lua_pushinteger(L, (int) retval); + return 1; +} + +static int l_crc64(lua_State *L) +{ + size_t size; + uint64_t crc = 0; + unsigned char outdata[8] = {0x00}; + + const char *p_str = luaL_checklstring(L, 1, &size); + + crc64( (uint8_t*) p_str, size, &crc); + + outdata[0] = (uint8_t)(crc >> 56) & 0xff; + outdata[1] = (uint8_t)(crc >> 48) & 0xff; + outdata[2] = (uint8_t)(crc >> 40) & 0xff; + outdata[3] = (uint8_t)(crc >> 32) & 0xff; + outdata[4] = (uint8_t)(crc >> 24) & 0xff; + outdata[5] = (uint8_t)(crc >> 16) & 0xff; + outdata[6] = (uint8_t)(crc >> 8) & 0xff; + outdata[7] = crc & 0xff; + lua_pushlstring(L,(const char *)&outdata, sizeof(outdata)); + return 1; +} /** * @brief Sets the lua path to include "./lualibs/?.lua", in order for a script to be @@ -169,7 +342,8 @@ int setLuaPath( lua_State* L, const char* path ) lua_pushstring( L, buf ); // push the new one lua_setfield( L, -2, "path" ); // set the field "path" in table at -2 with value at top of stack lua_pop( L, 1 ); // get rid of package table from top of stack - return 0; // all done! + free(buf); + return 0; // all done! } @@ -179,12 +353,17 @@ int set_pm3_libraries(lua_State *L) static const luaL_Reg libs[] = { {"SendCommand", l_SendCommand}, {"WaitForResponseTimeout", l_WaitForResponseTimeout}, - //{"nonce2key", l_nonce2key}, + {"nonce2key", l_nonce2key}, //{"PrintAndLog", l_PrintAndLog}, {"foobar", l_foobar}, {"ukbhit", l_ukbhit}, {"clearCommandBuffer", l_clearCommandBuffer}, - {"console", l_CmdConsole}, + {"console", l_CmdConsole}, + {"iso15693_crc", l_iso15693_crc}, + {"aes128_decrypt", l_aes128decrypt}, + {"aes128_encrypt", l_aes128encrypt}, + {"crc16", l_crc16}, + {"crc64", l_crc64}, {NULL, NULL} };