--- /dev/null
+# Change Log
+All notable changes to this project will be documented in this file.
+This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
+
+## [Unreleased][unreleased]
+### Changed
+- Iclass read, `hf iclass read` now also reads tag config and prints configuration. (holiman)
+
+### Fixed
+- Fixed issue #19, problems with LF T55xx commands (marshmellow)
+
+### Added
+- Added changelog
+
+## [2.0.0] - 2015-03-25
+### Changed
+- LF sim operations now abort when new commands arrive over the USB - not required to push the device button anymore.
+
+### Fixed
+- Mifare simulation, `hf mf sim` (was broken a long time) (pwpiwi)
+- Major improvements in LF area and data operations. (marshmellow, iceman1001)
+- Issues regarding LF simulation (pwpiwi)
+
+### Added
+- iClass functionality: full simulation of iclass tags, so tags can be simulated with data (not only CSN). Not yet support for write/update, but readers don't seem to enforce update. (holiman).
+- iClass decryption. Proxmark can now decrypt data on an iclass tag, but requires you to have the HID decryption key locally on your computer, as this is not bundled with the sourcecode.
+
+
static uint8_t act_all[] = { 0x0a };
static uint8_t identify[] = { 0x0c };
static uint8_t select[] = { 0x81, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
- static uint8_t readcheck_cc[]= { 0x88, 0x02 };
+
+
+ static uint8_t readcheck_cc[]= { 0x88, 0x02,};
+
uint8_t resp[ICLASS_BUFFER_SIZE];
uint8_t read_status = 0;
if(ReaderReceiveIClass(resp) == 8) {
//Save CC (e-purse) in response data
memcpy(card_data+8,resp,8);
-
- //Got both
- read_status = 2;
+ read_status++;
}
return read_status;
}
+
// Reader iClass Anticollission
void ReaderIClass(uint8_t arg0) {
- uint8_t card_data[24]={0};
+ uint8_t card_data[6 * 8]={0xFF};
uint8_t last_csn[8]={0};
+ //Read conf block CRC(0x01) => 0xfa 0x22
+ uint8_t readConf[] = { ICLASS_CMD_READ_OR_IDENTIFY,0x01, 0xfa, 0x22};
+ //Read conf block CRC(0x05) => 0xde 0x64
+ uint8_t readAA[] = { ICLASS_CMD_READ_OR_IDENTIFY,0x05, 0xde, 0x64};
+
+
int read_status= 0;
+ uint8_t result_status = 0;
bool abort_after_read = arg0 & FLAG_ICLASS_READER_ONLY_ONCE;
- bool get_cc = arg0 & FLAG_ICLASS_READER_GET_CC;
+
set_tracing(TRUE);
setupIclassReader();
- size_t datasize = 0;
- while(!BUTTON_PRESS())
+ while(!BUTTON_PRESS())
{
if(!tracing) {
read_status = handshakeIclassTag(card_data);
if(read_status == 0) continue;
- if(read_status == 1) datasize = 8;
- if(read_status == 2) datasize = 16;
+ if(read_status == 1) result_status = FLAG_ICLASS_READER_CSN;
+ if(read_status == 2) result_status = FLAG_ICLASS_READER_CSN|FLAG_ICLASS_READER_CC;
+
+ // handshakeIclass returns CSN|CC, but the actual block
+ // layout is CSN|CONFIG|CC, so here we reorder the data,
+ // moving CC forward 8 bytes
+ memcpy(card_data+16,card_data+8, 8);
+ //Read block 1, config
+ if(arg0 & FLAG_ICLASS_READER_CONF)
+ {
+ if(sendCmdGetResponseWithRetries(readConf, sizeof(readConf),card_data+8, 10, 10))
+ {
+ Dbprintf("Failed to dump config block");
+ }else
+ {
+ result_status |= FLAG_ICLASS_READER_CONF;
+ }
+ }
- //Todo, read the public blocks 1,5 aswell:
- //
- // 0 : CSN (we already have)
+ //Read block 5, AA
+ if(arg0 & FLAG_ICLASS_READER_AA){
+ if(sendCmdGetResponseWithRetries(readAA, sizeof(readAA),card_data+(8*4), 10, 10))
+ {
+// Dbprintf("Failed to dump AA block");
+ }else
+ {
+ result_status |= FLAG_ICLASS_READER_AA;
+ }
+ }
+
+ // 0 : CSN
// 1 : Configuration
- // 2 : e-purse (we already have)
- // (3,4 write-only)
+ // 2 : e-purse
+ // (3,4 write-only, kc and kd)
// 5 Application issuer area
//
//Then we can 'ship' back the 8 * 5 bytes of data,
//Send back to client, but don't bother if we already sent this
if(memcmp(last_csn, card_data, 8) != 0)
{
-
- if(!get_cc || (get_cc && read_status == 2))
+ // If caller requires that we get CC, continue until we got it
+ if( (arg0 & read_status & FLAG_ICLASS_READER_CC) || !(arg0 & FLAG_ICLASS_READER_CC))
{
- cmd_send(CMD_ACK,read_status,0,0,card_data,datasize);
+ cmd_send(CMD_ACK,result_status,0,0,card_data,sizeof(card_data));
if(abort_after_read) {
LED_A_OFF();
return;
//Save that we already sent this....
memcpy(last_csn, card_data, 8);
}
- //If 'get_cc' was specified and we didn't get a CC, we'll just keep trying...
+
}
LED_B_OFF();
}
#include "loclass/elite_crack.h"
#include "loclass/fileutils.h"
#include "protocols.h"
+#include "usb_cmd.h"
static int CmdHelp(const char *Cmd);
int CmdHFiClassReader(const char *Cmd)
{
- UsbCommand c = {CMD_READER_ICLASS, {0}};
+ UsbCommand c = {CMD_READER_ICLASS, {FLAG_ICLASS_READER_CSN|
+ FLAG_ICLASS_READER_CONF|FLAG_ICLASS_READER_AA}};
SendCommand(&c);
UsbCommand resp;
while(!ukbhit()){
if (WaitForResponseTimeout(CMD_ACK,&resp,4500)) {
- uint8_t isOK = resp.arg[0] & 0xff;
+ uint8_t readStatus = resp.arg[0] & 0xff;
uint8_t * data = resp.d.asBytes;
- PrintAndLog("isOk:%02x", isOK);
- if( isOK == 0){
+ PrintAndLog("Readstatus:%02x", readStatus);
+ if( readStatus == 0){
//Aborted
PrintAndLog("Quitting...");
return 0;
}
- if(isOK > 0)
- {
- PrintAndLog("CSN: %s",sprint_hex(data,8));
- }
- if(isOK >= 1)
- {
- PrintAndLog("CC: %s",sprint_hex(data+8,8));
- }else{
- PrintAndLog("No CC obtained");
+ if( readStatus & FLAG_ICLASS_READER_CSN) PrintAndLog("CSN: %s",sprint_hex(data,8));
+ if( readStatus & FLAG_ICLASS_READER_CC) PrintAndLog("CC: %s",sprint_hex(data+16,8));
+ if( readStatus & FLAG_ICLASS_READER_CONF){
+ printIclassDumpInfo(data);
}
} else {
PrintAndLog("Command execute timeout");
uint8_t key_sel_p[8] = { 0 };
UsbCommand c = {CMD_READER_ICLASS, {0}};
- c.arg[0] = FLAG_ICLASS_READER_ONLY_ONCE| FLAG_ICLASS_READER_GET_CC;
+ c.arg[0] = FLAG_ICLASS_READER_ONLY_ONCE| FLAG_ICLASS_READER_CC;
SendCommand(&c);
uint8_t * data = resp.d.asBytes;
memcpy(CSN,data,8);
- memcpy(CCNR,data+8,8);
+ memcpy(CCNR,data+16,8);
PrintAndLog("isOk:%02x", isOK);
projects / proxmark3-svn / commitdiff