X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/e5ad43c07eecd24792f0ca3f3468b10f447fafb3..refs/pull/121/head:/armsrc/epa.c?ds=inline diff --git a/armsrc/epa.c b/armsrc/epa.c index 0e93a056..6bd8692e 100644 --- a/armsrc/epa.c +++ b/armsrc/epa.c @@ -5,15 +5,15 @@ // at your option, any later version. See the LICENSE.txt file for the text of // the license. //----------------------------------------------------------------------------- -// Routines to support the German eletronic "Personalausweis" (ID card) +// Routines to support the German electronic "Personalausweis" (ID card) // Note that the functions which do not implement USB commands do NOT initialize // the card (with iso14443a_select_card etc.). If You want to use these // functions, You need to do the setup before calling them! //----------------------------------------------------------------------------- #include "iso14443a.h" - #include "epa.h" +#include "cmd.h" // Protocol and Parameter Selection Request // use regular (1x) speed in both directions @@ -74,6 +74,32 @@ static const uint8_t oid_pace_start[] = { 0x04 // id-PACE }; +// APDUs for replaying: +// MSE: Set AT (initiate PACE) +static uint8_t apdu_replay_mse_set_at_pace[41]; +// General Authenticate (Get Nonce) +static uint8_t apdu_replay_general_authenticate_pace_get_nonce[8]; +// General Authenticate (Map Nonce) +static uint8_t apdu_replay_general_authenticate_pace_map_nonce[75]; +// General Authenticate (Mutual Authenticate) +static uint8_t apdu_replay_general_authenticate_pace_mutual_authenticate[75]; +// General Authenticate (Perform Key Agreement) +static uint8_t apdu_replay_general_authenticate_pace_perform_key_agreement[18]; +// pointers to the APDUs (for iterations) +static struct { + uint8_t len; + uint8_t *data; +} const apdus_replay[] = { + {sizeof(apdu_replay_mse_set_at_pace), apdu_replay_mse_set_at_pace}, + {sizeof(apdu_replay_general_authenticate_pace_get_nonce), apdu_replay_general_authenticate_pace_get_nonce}, + {sizeof(apdu_replay_general_authenticate_pace_map_nonce), apdu_replay_general_authenticate_pace_map_nonce}, + {sizeof(apdu_replay_general_authenticate_pace_mutual_authenticate), apdu_replay_general_authenticate_pace_mutual_authenticate}, + {sizeof(apdu_replay_general_authenticate_pace_perform_key_agreement), apdu_replay_general_authenticate_pace_perform_key_agreement} +}; + +// lengths of the replay APDUs +static uint8_t apdu_lengths_replay[5]; + //----------------------------------------------------------------------------- // Closes the communication channel and turns off the field //----------------------------------------------------------------------------- @@ -101,16 +127,16 @@ size_t EPA_Parse_CardAccess(uint8_t *data, pace_version_info_t *pace_info) { size_t index = 0; - + while (index <= length - 2) { // determine type of element // SET or SEQUENCE if (data[index] == 0x31 || data[index] == 0x30) { // enter the set (skip tag + length) index += 2; - // extended length + // check for extended length if ((data[index - 1] & 0x80) != 0) { - index += (data[index] & 0x7F); + index += (data[index-1] & 0x7F); } } // OID @@ -158,7 +184,7 @@ size_t EPA_Parse_CardAccess(uint8_t *data, index += 2 + data[index + 1]; } } - + // TODO: We should check whether we reached the end in error, but for that // we need a better parser (e.g. with states like IN_SET or IN_PACE_INFO) return 0; @@ -176,7 +202,7 @@ int EPA_Read_CardAccess(uint8_t *buffer, size_t max_length) // we reserve 262 bytes here just to be safe (256-byte APDU + SW + ISO frame) uint8_t response_apdu[262]; int rapdu_length = 0; - + // select the file EF.CardAccess rapdu_length = iso14_apdu((uint8_t *)apdu_select_binary_cardaccess, sizeof(apdu_select_binary_cardaccess), @@ -185,9 +211,10 @@ int EPA_Read_CardAccess(uint8_t *buffer, size_t max_length) || response_apdu[rapdu_length - 4] != 0x90 || response_apdu[rapdu_length - 3] != 0x00) { + Dbprintf("epa - no select cardaccess"); return -1; } - + // read the file rapdu_length = iso14_apdu((uint8_t *)apdu_read_binary, sizeof(apdu_read_binary), @@ -196,9 +223,10 @@ int EPA_Read_CardAccess(uint8_t *buffer, size_t max_length) || response_apdu[rapdu_length - 4] != 0x90 || response_apdu[rapdu_length - 3] != 0x00) { + Dbprintf("epa - no read cardaccess"); return -1; } - + // copy the content into the buffer // length of data available: apdu_length - 4 (ISO frame) - 2 (SW) size_t to_copy = rapdu_length - 6; @@ -211,24 +239,19 @@ int EPA_Read_CardAccess(uint8_t *buffer, size_t max_length) // Abort helper function for EPA_PACE_Collect_Nonce // sets relevant data in ack, sends the response //----------------------------------------------------------------------------- -static void EPA_PACE_Collect_Nonce_Abort(UsbCommand *ack, uint8_t step, int func_return) +static void EPA_PACE_Collect_Nonce_Abort(uint8_t step, int func_return) { - // step in which the failure occured - ack->arg[0] = step; - // last return code - ack->arg[1] = func_return; - // power down the field EPA_Finish(); - + // send the USB packet - UsbSendPacket((void *)ack, sizeof(UsbCommand)); + cmd_send(CMD_ACK,step,func_return,0,0,0); } //----------------------------------------------------------------------------- // Acquire one encrypted PACE nonce //----------------------------------------------------------------------------- -void EPA_PACE_Collect_Nonce(UsbCommand *c, UsbCommand *ack) +void EPA_PACE_Collect_Nonce(UsbCommand *c) { /* * ack layout: @@ -242,29 +265,22 @@ void EPA_PACE_Collect_Nonce(UsbCommand *c, UsbCommand *ack) */ // return value of a function - int func_return; + int func_return = 0; - // initialize ack with 0s - memset(ack->arg, 0, 12); - memset(ack->d.asBytes, 0, 48); - // set up communication func_return = EPA_Setup(); if (func_return != 0) { - EPA_PACE_Collect_Nonce_Abort(ack, 1, func_return); + EPA_PACE_Collect_Nonce_Abort(1, func_return); return; } - // increase the timeout (at least some cards really do need this!) - iso14a_set_timeout(0x0002FFFF); - // read the CardAccess file // this array will hold the CardAccess file uint8_t card_access[256] = {0}; int card_access_length = EPA_Read_CardAccess(card_access, 256); // the response has to be at least this big to hold the OID if (card_access_length < 18) { - EPA_PACE_Collect_Nonce_Abort(ack, 2, card_access_length); + EPA_PACE_Collect_Nonce_Abort(2, card_access_length); return; } @@ -275,14 +291,14 @@ void EPA_PACE_Collect_Nonce(UsbCommand *c, UsbCommand *ack) card_access_length, &pace_version_info); if (func_return != 0 || pace_version_info.version == 0) { - EPA_PACE_Collect_Nonce_Abort(ack, 3, func_return); + EPA_PACE_Collect_Nonce_Abort(3, func_return); return; } - + // initiate the PACE protocol // use the CAN for the password since that doesn't change func_return = EPA_PACE_MSE_Set_AT(pace_version_info, 2); - + // now get the nonce uint8_t nonce[256] = {0}; uint8_t requested_size = (uint8_t)c->arg[0]; @@ -290,17 +306,15 @@ void EPA_PACE_Collect_Nonce(UsbCommand *c, UsbCommand *ack) // check if the command succeeded if (func_return < 0) { - EPA_PACE_Collect_Nonce_Abort(ack, 4, func_return); + EPA_PACE_Collect_Nonce_Abort(4, func_return); return; } - - // save received information - ack->arg[1] = func_return; - memcpy(ack->d.asBytes, nonce, func_return); // all done, return EPA_Finish(); - UsbSendPacket((void *)ack, sizeof(UsbCommand)); + + // save received information + cmd_send(CMD_ACK,0,func_return,0,nonce,func_return); } //----------------------------------------------------------------------------- @@ -321,7 +335,7 @@ int EPA_PACE_Get_Nonce(uint8_t requested_length, uint8_t *nonce) sizeof(apdu_general_authenticate_pace_get_nonce)); // append Le (requested length + 2 due to tag/length taking 2 bytes) in RAPDU apdu[sizeof(apdu_general_authenticate_pace_get_nonce)] = requested_length + 4; - + // send it uint8_t response_apdu[262]; int send_return = iso14_apdu(apdu, @@ -334,7 +348,7 @@ int EPA_PACE_Get_Nonce(uint8_t requested_length, uint8_t *nonce) { return -1; } - + // if there is no nonce in the RAPDU, return here if (send_return < 10) { @@ -349,7 +363,7 @@ int EPA_PACE_Get_Nonce(uint8_t requested_length, uint8_t *nonce) } // copy the nonce memcpy(nonce, response_apdu + 6, nonce_length); - + return nonce_length; } @@ -408,34 +422,97 @@ int EPA_PACE_MSE_Set_AT(pace_version_info_t pace_version_info, uint8_t password) return 0; } +//----------------------------------------------------------------------------- +// Perform the PACE protocol by replaying given APDUs +//----------------------------------------------------------------------------- +void EPA_PACE_Replay(UsbCommand *c) +{ + uint32_t timings[sizeof(apdu_lengths_replay) / sizeof(apdu_lengths_replay[0])] = {0}; + + // if an APDU has been passed, save it + if (c->arg[0] != 0) { + // make sure it's not too big + if(c->arg[2] > apdus_replay[c->arg[0] - 1].len) + { + cmd_send(CMD_ACK, 1, 0, 0, NULL, 0); + } + memcpy(apdus_replay[c->arg[0] - 1].data + c->arg[1], + c->d.asBytes, + c->arg[2]); + // save/update APDU length + if (c->arg[1] == 0) { + apdu_lengths_replay[c->arg[0] - 1] = c->arg[2]; + } else { + apdu_lengths_replay[c->arg[0] - 1] += c->arg[2]; + } + cmd_send(CMD_ACK, 0, 0, 0, NULL, 0); + return; + } + + // return value of a function + int func_return; + + // set up communication + func_return = EPA_Setup(); + if (func_return != 0) { + EPA_Finish(); + cmd_send(CMD_ACK, 2, func_return, 0, NULL, 0); + return; + } + + // increase the timeout (at least some cards really do need this!)///////////// + // iso14a_set_timeout(0x0003FFFF); + + // response APDU + uint8_t response_apdu[300] = {0}; + + // now replay the data and measure the timings + for (int i = 0; i < sizeof(apdu_lengths_replay); i++) { + StartCountUS(); + func_return = iso14_apdu(apdus_replay[i].data, + apdu_lengths_replay[i], + response_apdu); + timings[i] = GetCountUS(); + // every step but the last one should succeed + if (i < sizeof(apdu_lengths_replay) - 1 + && (func_return < 6 + || response_apdu[func_return - 4] != 0x90 + || response_apdu[func_return - 3] != 0x00)) + { + EPA_Finish(); + cmd_send(CMD_ACK, 3 + i, func_return, 0, timings, 20); + return; + } + } + EPA_Finish(); + cmd_send(CMD_ACK,0,0,0,timings,20); + return; +} + //----------------------------------------------------------------------------- // Set up a communication channel (Card Select, PPS) // Returns 0 on success or a non-zero error code on failure //----------------------------------------------------------------------------- int EPA_Setup() { - // return code int return_code = 0; - // card UID - uint8_t uid[8]; - // card select information + uint8_t uid[10]; + uint8_t pps_response[3]; + uint8_t pps_response_par[1]; iso14a_card_select_t card_select_info; - // power up the field - iso14443a_setup(); + // power up the field + iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD); // select the card return_code = iso14443a_select_card(uid, &card_select_info, NULL); if (return_code != 1) { return 1; } - // send the PPS request - ReaderTransmit((uint8_t *)pps, sizeof(pps)); - uint8_t pps_response[3]; - return_code = ReaderReceive(pps_response); + ReaderTransmit((uint8_t *)pps, sizeof(pps), NULL); + return_code = ReaderReceive(pps_response, pps_response_par); if (return_code != 3 || pps_response[0] != 0xD0) { return return_code == 0 ? 2 : return_code; } - return 0; -} \ No newline at end of file +}