#include "util.h"
#include "printf.h"
#include "string.h"
+
#include <stdarg.h>
#include "legicrf.h"
WriteTItag(c->arg[0],c->arg[1],c->arg[2]);
break;
case CMD_SIMULATE_TAG_125K:
+ LED_A_ON();
SimulateTagLowFrequency(c->arg[0], c->arg[1], 1);
+ LED_A_OFF();
break;
case CMD_LF_SIMULATE_BIDIR:
SimulateTagLowFrequencyBidir(c->arg[0], c->arg[1]);
case CMD_MIFAREU_READBL:
MifareUReadBlock(c->arg[0],c->d.asBytes);
break;
+ case CMD_MIFAREUC_AUTH1:
+ MifareUC_Auth1(c->arg[0],c->d.asBytes);
+ break;
+ case CMD_MIFAREUC_AUTH2:
+ MifareUC_Auth2(c->arg[0],c->d.asBytes);
+ break;
case CMD_MIFAREU_READCARD:
- MifareUReadCard(c->arg[0],c->arg[1],c->d.asBytes);
+ MifareUReadCard(c->arg[0], c->arg[1], c->d.asBytes);
break;
+ case CMD_MIFAREUC_READCARD:
+ MifareUReadCard(c->arg[0],c->arg[1],c->d.asBytes);
+ break;
case CMD_MIFARE_READSC:
MifareReadSector(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
break;
case CMD_MIFARE_SNIFFER:
SniffMifare(c->arg[0]);
break;
+
#endif
#ifdef WITH_ICLASS
#include "hitag2.h"
#include "mifare.h"
+#include "../common/crc32.h"
+
// The large multi-purpose buffer, typically used to hold A/D samples,
// maybe processed in some way.
#define BIGBUF_SIZE 40000
#define FREE_BUFFER_OFFSET (CARD_MEMORY_OFFSET + CARD_MEMORY_SIZE)
#define FREE_BUFFER_SIZE (BIGBUF_SIZE - FREE_BUFFER_OFFSET - 1)
+ /*
+ The statements above translates into this :
+ BIGBUF_SIZE = 40000
+ TRACE_OFFSET = 0
+ TRACE_SIZE = 3000
+ RECV_CMD_OFFSET = 3000
+ MAX_FRAME_SIZE = 256
+ MAX_PARITY_SIZE = 32
+ RECV_CMD_PAR_OFFSET = 3256
+ RECV_RESP_OFFSET = 3288
+ RECV_RESP_PAR_OFFSET= 3544
+ CARD_MEMORY_OFFSET = 3576
+ CARD_MEMORY_SIZE = 4096
+ DMA_BUFFER_OFFSET = 3576
+ DMA_BUFFER_SIZE = 4096
+ FREE_BUFFER_OFFSET = 7672
+ FREE_BUFFER_SIZE = 32327
+ */
+
extern const uint8_t OddByteParity[256];
extern uint8_t *trace; // = (uint8_t *) BigBuf;
extern int traceLen; // = 0;
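Review bot: The added layout comment lists CARD_MEMORY_OFFSET and DMA_BUFFER_OFFSET both at 3576 with size 4096, so the two regions occupy the same bytes of BigBuf, and nothing in the comment says whether that is intended. If the aliasing is deliberate, add one line saying so, for example `// CARD_MEMORY and DMA_BUFFER share one region; they must never be in use at the same time`. The hard-coded numbers will also drift as soon as any of the macros changes, so the comment should say which values are derived, or be replaced by compile-time checks on the macros themselves.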
#define FPGA_HF_SIMULATOR_MODULATE_BPSK (1<<0)
#define FPGA_HF_SIMULATOR_MODULATE_212K (2<<0)
#define FPGA_HF_SIMULATOR_MODULATE_424K (4<<0)
+ #define FPGA_HF_SIMULATOR_MODULATE_424K_8BIT 0x5//101
+
// Options for ISO14443A
#define FPGA_HF_ISO14443A_SNIFFER (0<<0)
#define FPGA_HF_ISO14443A_TAGSIM_LISTEN (1<<0)
int32_t dist_nt(uint32_t nt1, uint32_t nt2);
void MifareReadBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *data);
void MifareUReadBlock(uint8_t arg0,uint8_t *datain);
- void MifareUC_Auth1(uint8_t arg0, uint8_t *datain);
- void MifareUC_Auth2(uint32_t arg0, uint8_t *datain);
- void MifareUReadCard(uint8_t arg0, int Pages, uint8_t *datain);
+ void MifareUReadCard(uint8_t arg0, int arg1, uint8_t *datain);
void MifareReadSector(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain);
void MifareWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain);
void MifareUWriteBlock(uint8_t arg0,uint8_t *datain);
void MifareCGetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain);
void MifareCIdent(); // is "magic chinese" card?
+//desfire
+void Mifare_DES_Auth1(uint8_t arg0,uint8_t *datain);
+void Mifare_DES_Auth2(uint32_t arg0, uint8_t *datain);
+
+// mifaredesfire.h
+bool InitDesfireCard();
+void MifareSendCommand(uint8_t arg0,uint8_t arg1, uint8_t *datain);
+void MifareDesfireGetInformation();
+void MifareDES_Auth1(uint8_t arg0,uint8_t arg1,uint8_t arg2, uint8_t *datain);
+void ReaderMifareDES(uint32_t param, uint32_t param2, uint8_t * datain);
+int DesfireAPDU(uint8_t *cmd, size_t cmd_len, uint8_t *dataout);
+size_t CreateAPDU( uint8_t *datain, size_t len, uint8_t *dataout);
+void OnSuccess();
+void OnError(uint8_t reason);
+
+
+
+
+
/// iso15693.h
void RecordRawAdcSamplesIso15693(void);
void AcquireRawAdcSamplesIso15693(void);
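Review bot: As marked in this hunk, the prototypes for `MifareUC_Auth1` and `MifareUC_Auth2` are on the removed side, while the same commit adds calls to both in the command switch and their definitions in the MIFARE command file. Unless they are declared in another header not shown here, those calls compile against implicit declarations and the `uint8_t`/`uint32_t` first argument is no longer checked, so keep `void MifareUC_Auth1(uint8_t arg0, uint8_t *datain);` and `void MifareUC_Auth2(uint32_t arg0, uint8_t *datain);`. The new block also declares both `Mifare_DES_Auth1(uint8_t, uint8_t *)` and `MifareDES_Auth1(uint8_t, uint8_t, uint8_t, uint8_t *)`, two names one underscore apart with different arity, which is easy to mis-call. The empty-parenthesis declarations (`InitDesfireCard()`, `OnSuccess()`, `MifareDesfireGetInformation()`) should be written `(void)` so the compiler rejects stray arguments.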
#include "apps.h"\r
#include "util.h"\r
\r
+#include "crc.h"\r
+\r
//-----------------------------------------------------------------------------\r
// Select, Authenticate, Read a MIFARE tag. \r
// read block\r
cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,16);\r
LED_B_OFF();\r
\r
- // Thats it...\r
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
+ LEDsoff();\r
+}\r
+\r
+\r
+void MifareUC_Auth1(uint8_t arg0, uint8_t *datain){\r
+\r
+ byte_t isOK = 0;\r
+ byte_t dataoutbuf[16] = {0x00};\r
+ uint8_t uid[10] = {0x00};\r
+ uint32_t cuid;\r
+\r
+ LED_A_ON();\r
+ LED_B_OFF();\r
+ LED_C_OFF();\r
+ \r
+ iso14a_clear_trace();\r
+ iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
+\r
+ if(!iso14443a_select_card(uid, NULL, &cuid)) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
+ Dbprintf("Can't select card");\r
+ OnError(0);\r
+ return;\r
+ };\r
+ \r
+ if(mifare_ultra_auth1(cuid, dataoutbuf)){\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) \r
+ Dbprintf("Authentication part1: Fail.");\r
+ OnError(1);\r
+ return;\r
+ }\r
+\r
+ isOK = 1;\r
+ if (MF_DBGLEVEL >= MF_DBG_EXTENDED)\r
+ DbpString("AUTH 1 FINISHED");\r
+ \r
+ cmd_send(CMD_ACK,isOK,cuid,0,dataoutbuf,11);\r
+ LEDsoff();\r
+}\r
+void MifareUC_Auth2(uint32_t arg0, uint8_t *datain){\r
+\r
+ uint32_t cuid = arg0;\r
+ uint8_t key[16] = {0x00};\r
+ byte_t isOK = 0;\r
+ byte_t dataoutbuf[16] = {0x00};\r
+ \r
+ memcpy(key, datain, 16);\r
+ \r
+ LED_A_ON();\r
+ LED_B_OFF();\r
+ LED_C_OFF();\r
+ \r
+ if(mifare_ultra_auth2(cuid, key, dataoutbuf)){\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) \r
+ Dbprintf("Authentication part2: Fail...");\r
+ OnError(1);\r
+ return; \r
+ }\r
+ \r
+ isOK = 1;\r
+ if (MF_DBGLEVEL >= MF_DBG_EXTENDED)\r
+ DbpString("AUTH 2 FINISHED");\r
+ \r
+ cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,11);\r
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
LEDsoff();\r
}\r
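Review bot: The success path of `MifareUC_Auth1` ends with `LEDsoff()` only and never calls `FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF)`, whereas `MifareUC_Auth2` does; this is presumably deliberate so the card stays powered between the two steps, but nothing says so. Add a comment above the final `cmd_send` in Auth1 such as `// Field stays on: MifareUC_Auth2 continues this session and switches the FPGA off`. The function header should also note that Auth2 uses the host-supplied `cuid` without re-selecting the card. If the host never sends the second command the field stays energised, so a timeout or explicit abort path is worth considering. The reply length `11` against a 16-byte `dataoutbuf` appears in both functions and would be clearer as a named constant.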
int len = iso14443a_select_card(uid, NULL, &cuid);\r
if(!len) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card");\r
- OnError(1);\r
+ //OnError(1);\r
return;\r
};\r
\r
len = mifare_ultra_readblock(cuid, blockNo, dataout);\r
if(len) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Read block error");\r
- OnError(2);\r
+ //OnError(2);\r
return;\r
};\r
\r
len = mifare_ultra_halt(cuid);\r
if(len) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Halt error");\r
- OnError(3);\r
+ //OnError(3);\r
return;\r
};\r
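Review bot: Commenting out `OnError(1)`, `OnError(2)` and `OnError(3)` leaves all three failure paths in this hunk returning with no reply to the host and, as far as the hunk shows, with the field and LED A still on. The same change is repeated in the card-read hunks below (the `//OnError(1)`, `//OnError(2)` and `//OnError(3)` lines). The client will then sit waiting for a `CMD_ACK` until it times out, and the antenna keeps driving the tag. The new `MifareUC_Auth1` in this commit still calls `OnError` on its failure paths, so either restore the calls or put an explicit failure reply and shutdown before each `return`, e.g. `cmd_send(CMD_ACK,0,0,0,0,0); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); LEDsoff();`. The enclosing function starts outside the hunk, and what `OnError` itself does is not visible here.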
\r
int count_Pages = 0;\r
byte_t dataout[176] = {0x00};;\r
uint8_t uid[10] = {0x00};\r
- uint32_t cuid;\r
+ uint32_t cuid;\r
\r
- LED_A_ON();\r
- LED_B_OFF();\r
- LED_C_OFF();\r
+ LED_A_ON();\r
+ LED_B_OFF();\r
+ LED_C_OFF();\r
\r
if (MF_DBGLEVEL >= MF_DBG_ALL) \r
Dbprintf("Pages %d",Pages);\r
if (!len) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
Dbprintf("Can't select card");\r
- OnError(1);\r
+ //OnError(1);\r
return;\r
}\r
\r
if (len) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
Dbprintf("Read block %d error",i);\r
- OnError(2);\r
+ //OnError(2);\r
return;\r
} else {\r
count_Pages++;\r
if (len) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
Dbprintf("Halt error");\r
- OnError(3);\r
+ //OnError(3);\r
return;\r
}\r
\r
len = 176;\r
\r
cmd_send(CMD_ACK, 1, 0, 0, dataout, len); \r
- FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
- LEDsoff();\r
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
+ LEDsoff();\r
}\r
\r
\r
//\r
// DESFIRE\r
//\r
- }
+\r
+void Mifare_DES_Auth1(uint8_t arg0, uint8_t *datain){\r
+\r
+ byte_t dataout[11] = {0x00};\r
+ uint8_t uid[10] = {0x00};\r
+ uint32_t cuid;\r
+ \r
+ iso14a_clear_trace();\r
+ iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
+\r
+ int len = iso14443a_select_card(uid, NULL, &cuid);\r
+ if(!len) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) \r
+ Dbprintf("Can't select card");\r
+ OnError(1);\r
+ return;\r
+ };\r
+\r
+ if(mifare_desfire_des_auth1(cuid, dataout)){\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) \r
+ Dbprintf("Authentication part1: Fail.");\r
+ OnError(4);\r
+ return;\r
+ }\r
+\r
+ if (MF_DBGLEVEL >= MF_DBG_EXTENDED) DbpString("AUTH 1 FINISHED");\r
+ \r
+ cmd_send(CMD_ACK,1,cuid,0,dataout, sizeof(dataout));\r
+}\r
+\r
+void Mifare_DES_Auth2(uint32_t arg0, uint8_t *datain){\r
+\r
+ uint32_t cuid = arg0;\r
+ uint8_t key[16] = {0x00};\r
+ byte_t isOK = 0;\r
+ byte_t dataout[12] = {0x00};\r
+ \r
+ memcpy(key, datain, 16);\r
+ \r
+ isOK = mifare_desfire_des_auth2(cuid, key, dataout);\r
+ \r
+ if( isOK) {\r
+ if (MF_DBGLEVEL >= MF_DBG_EXTENDED) \r
+ Dbprintf("Authentication part2: Failed"); \r
+ OnError(4);\r
+ return;\r
+ }\r
+\r
+ if (MF_DBGLEVEL >= MF_DBG_EXTENDED) \r
+ DbpString("AUTH 2 FINISHED");\r
+\r
+ cmd_send(CMD_ACK, isOK, 0, 0, dataout, sizeof(dataout));\r
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
+ LEDsoff();\r
++}
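Review bot: In `Mifare_DES_Auth2` the final `cmd_send(CMD_ACK, isOK, 0, 0, dataout, sizeof(dataout))` is only reached when `isOK` is 0, because any non-zero return from `mifare_desfire_des_auth2` takes the error branch above it. A successful authentication is therefore reported to the host with status 0, while `Mifare_DES_Auth1` and `MifareUC_Auth2` report success with 1, and a client that tests this field will read success as failure. Send the literal instead, `cmd_send(CMD_ACK, 1, 0, 0, dataout, sizeof(dataout));`, or keep the helper's return code in a separate variable. The failure message is also gated on `MF_DBG_EXTENDED`, where the sibling functions use `MF_DBG_ERROR`, so at the usual debug level a failed authentication prints nothing.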
CMD_EM4X_WRITE_WORD = 0x0219,
CMD_IO_DEMOD_FSK = 0x021A,
CMD_IO_CLONE_TAG = 0x021B,
-- CMD_EM410X_DEMOD = 0x021C,
++ CMD_EM410X_DEMOD = 0x021c,
--/* CMD_SET_ADC_MUX: ext1 is 0 for lopkd, 1 for loraw, 2 for hipkd, 3 for hiraw */
--// For the 13.56 MHz tags
return retval\r
end,\r
\r
++ -- input parameter is a string\r
++ -- Swaps the endianess and returns a string, \r
++ -- IE: 'cd7a' -> '7acd' -> 0x7acd\r
++ SwapEndiannessStr = function(s, len)\r
++ if s == nil then return nil end\r
++ if #s == 0 then return '' end\r
++ if type(s) ~= 'string' then return nil end\r
++ \r
++ local retval\r
++ if len == 16 then\r
++ retval = s:sub(3,4)..s:sub(1,2)\r
++ elseif len == 24 then\r
++ retval = s:sub(5,6)..s:sub(3,4)..s:sub(1,2)\r
++ elseif len == 32 then\r
++ retval = s:sub(7,8)..s:sub(5,6)..s:sub(3,4)..s:sub(1,2)\r
++ end\r
++ return retval\r
++ end, \r
------------ CONVERSIONS\r
\r
--\r
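Review bot: In `SwapEndiannessStr` the `#s == 0` test runs before the `type(s) ~= 'string'` test, so a number argument raises "attempt to get length of a number value" and never reaches the intended `return nil`. Move `if type(s) ~= 'string' then return nil end` directly after the nil check. A `len` other than 16, 24 or 32 falls through and returns nil without comment, and a string shorter than `len/4` characters is swapped from empty `sub` results without any error. A check such as `if #s < len/4 then return nil end` would make both cases explicit to callers that handle tag-supplied data. The comment's `-> 0x7acd` also suggests a number, although the function returns a string.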
local B,K,OUT,I,D=16,"0123456789ABCDEF","",0\r
while IN>0 do\r
I=I+1\r
-- IN,D=math.floor(IN/B),math.mod(IN,B)+1\r
++ IN , D = math.floor(IN/B), math.modf(IN,B)+1\r
OUT=string.sub(K,D,D)..OUT\r
end\r
return OUT\r
end
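Review bot: Replacing `math.mod(IN,B)` with `math.modf(IN,B)` changes the result, because `math.modf` takes a single argument and returns the integral and fractional parts of it. The `B` is ignored and `D` becomes `IN + 1`, so `string.sub(K,D,D)` yields an empty string for every `IN` of 16 or more and multi-digit values lose digits. The remainder function is `math.fmod`, so the line should read `IN, D = math.floor(IN/B), math.fmod(IN,B)+1`, or use `IN % B + 1`. The enclosing function starts outside the hunk, so the caller-visible effect is inferred from these lines only.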
end
++
++ local uid = block0:sub(1,8)
++ local itemtype = block1:sub(1,4)
++ local cardid = block1:sub(9,24)
++
-- Write dump to files
if not DEBUG then
-- local foo = dumplib.SaveAsBinary(bindata, outputTemplate..'.bin')
++ local foo = dumplib.SaveAsBinary(bindata, outputTemplate..'_uid_'..uid..'.bin')
print(("Wrote a BIN dump to the file %s"):format(foo))
-- local bar = dumplib.SaveAsText(emldata, outputTemplate..'.eml')
++ local bar = dumplib.SaveAsText(emldata, outputTemplate..'_uid_'..uid..'.eml')
print(("Wrote a EML dump to the file %s"):format(bar))
end
-- local uid = block0:sub(1,8)
-- local itemtype = block1:sub(1,4)
-- local cardid = block1:sub(9,24)
--
-- Show info
print( string.rep('--',20) )
print( (' ITEM TYPE : 0x%s - %s'):format(itemtype, toyNames[itemtype]) )
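Review bot: The `uid` now spliced into both output file names comes straight from tag data (`block0:sub(1,8)`), and the hunk does not show whether `block0` is guaranteed to be a hex string at this point. If it can hold raw bytes, a card can put path separators or control characters into the path passed to `dumplib.SaveAsBinary` and `dumplib.SaveAsText`. A guard before the writes closes that off, for example `if not uid:match('^%x+$') then return oops('unexpected uid format') end`. The enclosing function starts outside the hunk, so confirm how `block0` is produced before settling on the check.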
local cmdSetDbgOff = "hf mf dbg 0"
core.console( cmdSetDbgOff)
-- -- Look for tag present on reader,
-- result, err = lib14a.read1443a(false)
-- if not result then return oops(err) end
++ -- if not loadFromDump then
++ -- -- Look for tag present on reader,
++ -- result, err = lib14a.read1443a(false)
++ -- if not result then return oops(err) end
-- core.clearCommandBuffer()
++ -- core.clearCommandBuffer()
-- if 0x01 ~= result.sak then -- NXP MIFARE TNP3xxx
-- return oops('This is not a TNP3xxx tag. aborting.')
-- end
++ -- if 0x01 ~= result.sak then -- NXP MIFARE TNP3xxx
++ -- return oops('This is not a TNP3xxx tag. aborting.')
++ -- end
-- -- Show tag info
-- print((' Found tag : %s'):format(result.name))
++ -- -- Show tag info
++ -- print((' Found tag : %s'):format(result.name))
++ -- end
-- Load dump.bin file
print( (' Load data from %s'):format(inputTemplate))
err = LoadEmulator(blocks)
if err then return oops(err) end
core.clearCommandBuffer()
-- print('The simulation is now prepared.\n --> run \"hf mf sim 5 '..uid..'\" <--')
++ print('The simulation is now prepared.\n --> run \"hf mf sim u '..uid..' x\" <--')
end
end
main(args)
#ifndef _PROXMARK_CMD_H_\r
#define _PROXMARK_CMD_H_\r
\r
--#include <common.h>\r
--#include <usb_cmd.h>\r
++#include "common.h"\r
++#include "usb_cmd.h"\r
#include "usb_cdc.h"\r
\r
bool cmd_receive(UsbCommand* cmd);\r
#ifndef _USB_CDC_H_\r
#define _USB_CDC_H_\r
\r
--#include <common.h>\r
++#include "common.h"\r
\r
void usb_disable();\r
void usb_enable();\r